www.bovada.lv Open in urlscan Pro
163.171.128.148 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/jo0t8q4SUn
Effective URL:
https://www.bovada.lv/sports/esports?referral=4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk&overlay=join&affid=25093
Submission: On March 25 via api (March 25th 2021, 2:10:07 pm UTC) from US

Summary HTTP 128 Redirects Behaviour Indicators

Summary

This website contacted 37 IPs in 8 countries across 24 domains to perform 128 HTTP transactions. The main IP is 163.171.128.148, located in Germany and belongs to QUANTILNETWORKS, US. The main domain is www.bovada.lv.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on December 28th 2020. Valid for: a year.

This is the only time www.bovada.lv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2 4	160.153.136.3 160.153.136.3	21501 (GODADDY-AMS) (GODADDY-AMS)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
6	104.126.36.137 104.126.36.137	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	51.77.152.115 51.77.152.115	16276 (OVH) (OVH)
3	2.17.185.233 2.17.185.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	104.18.191.136 104.18.191.136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.241.51.109 54.241.51.109	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:a00d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.94.230.46 52.94.230.46	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
5	52.50.7.8 52.50.7.8	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2016	15169 (GOOGLE) (GOOGLE)
6	13.226.158.65 13.226.158.65	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:62:... 2a04:4e42:62::272	54113 (FASTLY) (FASTLY)
2	52.94.225.95 52.94.225.95	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2600:9000:218... 2600:9000:2182:b400:c:95c2:e940:21	16509 (AMAZON-02) (AMAZON-02)
1 2	23.37.42.16 23.37.42.16	16625 (AKAMAI-AS) (AKAMAI-AS)
1 45	163.171.128.148 163.171.128.148	54994 (QUANTILNE...) (QUANTILNETWORKS)
4	68.68.9.218 68.68.9.218	11342 (PATHWAY) (PATHWAY)
1	185.54.150.22 185.54.150.22	60164 (WEBTREKK-AS) (WEBTREKK-AS)
1	13.226.159.67 13.226.159.67	16509 (AMAZON-02) (AMAZON-02)
2	185.156.184.207 185.156.184.207	11342 (PATHWAY) (PATHWAY)
2	208.78.16.222 208.78.16.222	11342 (PATHWAY) (PATHWAY)
3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	13.226.159.112 13.226.159.112	16509 (AMAZON-02) (AMAZON-02)
1	13.226.159.3 13.226.159.3	16509 (AMAZON-02) (AMAZON-02)
2	54.84.7.101 54.84.7.101	14618 (AMAZON-AES) (AMAZON-AES)
128	37

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 160.153.136.3 (Amsterdam, Netherlands) 2 redirects

ASN21501 (GODADDY-AMS, DE)
PTR: ip-160-153-136-3.ip.secureserver.net

allexpressnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.allexpressnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.126.36.137 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-36-137.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.152.115 (France)

ASN16276 (OVH, FR)
PTR: ns3137837.ip-51-77-152.eu

counter8.stat.ovh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.17.185.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-185-233.deploy.static.akamaitechnologies.com

nebula.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.191.136 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

media.revenuenetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
record.revenuenetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.241.51.109 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-241-51-109.us-west-1.compute.amazonaws.com

bdv.bidvertiser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a00d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.230.46 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

ws-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.50.7.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-7-8.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.226.158.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-158-65.dus51.r.cloudfront.net

wms-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:62::272 (United States)

ASN54113 (FASTLY, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.225.95 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

fls-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2182:b400:c:95c2:e940:21 (United States)

ASN16509 (AMAZON-02, US)

d2b9l3u54v5v39.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.16 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-16.deploy.static.akamaitechnologies.com

img.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 163.171.128.148 (Germany) 1 redirects

ASN54994 (QUANTILNETWORKS, US)

www.bovada.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.68.9.218 (Canada)

ASN11342 (PATHWAY, CA)

services.bovada.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.54.150.22 (Germany)

ASN60164 (WEBTREKK-AS, DE)

responder.wt-safetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-67.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.156.184.207 (United Kingdom)

ASN11342 (PATHWAY, CA)

nchat2.bovada.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.78.16.222 (Mexico)

ASN11342 (PATHWAY, CA)

api.wicket-keeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-112.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-3.dus51.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.84.7.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pro2.webtrekk-us.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	bovada.lv 1 redirects www.bovada.lv services.bovada.lv nchat2.bovada.lv	1 MB
10	amazon-adsystem.com ws-na.amazon-adsystem.com wms-na.amazon-adsystem.com fls-na.amazon-adsystem.com	21 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	349 KB
9	youtube.com www.youtube.com	762 KB
9	wsimg.com img1.wsimg.com nebula.wsimg.com	78 KB
6	viglink.com cdn.viglink.com api.viglink.com	31 KB
4	google.com www.google.com	29 KB
4	allexpressnews.com 2 redirects allexpressnews.com www.allexpressnews.com	11 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
3	cloudfront.net d2b9l3u54v5v39.cloudfront.net	4 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	1 KB
3	bidvertiser.com bdv.bidvertiser.com	17 KB
2	webtrekk-us.net pro2.webtrekk-us.net	1 KB
2	wicket-keeper.com api.wicket-keeper.com	166 B
2	secureserver.net 1 redirects img.secureserver.net	1 KB
2	media-amazon.com m.media-amazon.com	7 KB
2	revenuenetwork.com 1 redirects media.revenuenetwork.com record.revenuenetwork.com	92 KB
2	googleapis.com fonts.googleapis.com	3 KB
1	recaptcha.net www.recaptcha.net	1 KB
1	wt-safetag.com responder.wt-safetag.com	31 KB
1	ytimg.com i.ytimg.com	14 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	stat.ovh counter8.stat.ovh	4 KB
1	t.co t.co	482 B
128	24

	Domain	Requested by
45	www.bovada.lv	1 redirects www.bovada.lv
9	www.youtube.com	www.allexpressnews.com www.youtube.com
6	wms-na.amazon-adsystem.com	ws-na.amazon-adsystem.com
6	img1.wsimg.com	www.allexpressnews.com img1.wsimg.com
5	www.gstatic.com	www.youtube.com www.recaptcha.net www.google.com www.gstatic.com
5	api.viglink.com	cdn.viglink.com www.allexpressnews.com
4	services.bovada.lv	www.bovada.lv
4	www.google.com	www.youtube.com www.gstatic.com www.google.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com www.google.com
3	d2b9l3u54v5v39.cloudfront.net	bdv.bidvertiser.com
3	bdv.bidvertiser.com	www.allexpressnews.com bdv.bidvertiser.com
3	nebula.wsimg.com	www.allexpressnews.com
2	pro2.webtrekk-us.net
2	api.wicket-keeper.com	www.bovada.lv
2	nchat2.bovada.lv	t.co nchat2.bovada.lv
2	img.secureserver.net	1 redirects www.allexpressnews.com
2	fls-na.amazon-adsystem.com	ws-na.amazon-adsystem.com
2	m.media-amazon.com	ws-na.amazon-adsystem.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	ws-na.amazon-adsystem.com	www.allexpressnews.com
2	fonts.googleapis.com	www.allexpressnews.com
2	www.allexpressnews.com	t.co
2	allexpressnews.com	2 redirects
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	www.recaptcha.net	www.bovada.lv
1	static.hotjar.com	t.co
1	responder.wt-safetag.com	www.bovada.lv
1	record.revenuenetwork.com	1 redirects
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	cdn.viglink.com	www.allexpressnews.com
1	media.revenuenetwork.com	www.allexpressnews.com
1	counter8.stat.ovh	www.allexpressnews.com
1	t.co
128	36

This site contains no links.

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-01-12` - `2022-01-11`	a year	crt.sh
counter8.stat.ovh R3	`2021-01-18` - `2021-04-18`	3 months	crt.sh
revenuenetwork.com Cloudflare Inc ECC CA-3	`2020-06-01` - `2021-06-01`	a year	crt.sh
*.wsimg.com Starfield Secure Certificate Authority - G2	`2021-03-05` - `2022-04-06`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
viglink.com Amazon	`2020-12-13` - `2022-01-11`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2020-09-16` - `2021-09-21`	a year	crt.sh
*.secureserver.net Starfield Secure Certificate Authority - G2	`2019-10-22` - `2021-10-22`	2 years	crt.sh
www.bovada.lv GlobalSign GCC R3 DV TLS CA 2020	`2020-12-28` - `2022-01-29`	a year	crt.sh
*.bovada.lv R3	`2021-03-12` - `2021-06-10`	3 months	crt.sh
*.wt-safetag.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-17` - `2022-11-19`	2 years	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
misc.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.wicket-keeper.com GlobalSign GCC R3 DV TLS CA 2020	`2020-12-02` - `2021-05-30`	6 months	crt.sh
*.webtrekk-us.net Sectigo RSA Domain Validation Secure Server CA	`2020-12-01` - `2022-01-01`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.bovada.lv/sports/esports?referral=4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk&overlay=join&affid=25093
Frame ID: 797C8D749507E8512C964148A40FAC0D
Requests: 81 HTTP requests in this frame

Frame: http://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ac&ref=tf_til&ad_type=product_link&tracking_id=allexpressn01-20&marketplace=amazon&region=US&placement=B08FC66ZV4&asins=B08FC66ZV4&linkId=93a51c4de103cdff8c46859a74fcbbab&show_border=false&link_opens_in_new_window=false&price_color=333333&title_color=0066c0&bg_color=ffffff
Frame ID: 3FB5493B50889DBCF2A331C7712F99F4
Requests: 6 HTTP requests in this frame

Frame: https://www.youtube.com/embed/k5XaM0ZzGF8
Frame ID: 32EFA6FA24B5EACDCD0490BF6B67C98A
Requests: 18 HTTP requests in this frame

Frame: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=164822&bid=1949966&RD=9077106709049&DIF=1&bd_ref_v=www.allexpressnews.com&tref=1&win_name=null&docref=https%3A%2F%2Ft.co%2Fjo0t8q4SUn&jsrand=9077106709049&js1loc=-&loctitle=%20PS5%20Giveaway%20and%20Restocks%20undefined
Frame ID: 8E35C19041B21DF440446ADF0FA962F4
Requests: 4 HTTP requests in this frame

Frame: http://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ac&ref=tf_til&ad_type=product_link&tracking_id=allexpressn01-20&marketplace=amazon&region=US&placement=B08D7DX16N&asins=B08D7DX16N&linkId=8dee32a33f2385dd1d122d3a18cb9575&show_border=false&link_opens_in_new_window=false&price_color=333333&title_color=0066c0&bg_color=ffffff
Frame ID: 312F00EA36F8FD330FAF994B01801491
Requests: 6 HTTP requests in this frame

Frame: https://services.bovada.lv/receiver.html
Frame ID: 94E487AA088963ABEE021FE2D5ECE96B
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfNa_oUAAAAAJHZmkav4IcbNUGWKj-M9xxavODt&co=aHR0cHM6Ly93d3cuYm92YWRhLmx2OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=8hswz740ah7o
Frame ID: CCB33E2D2202588A9FC41223C2A4B504
Requests: 8 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-f8697186ca3a8d08bfff6b2981bb517b.html
Frame ID: 2809AA9841F11324FD8DDCED1C84A5B1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/jo0t8q4SUn Page URL
http://allexpressnews.com/ps5.html HTTP 302
http://allexpressnews.com/ps5.html HTTP 301
http://www.allexpressnews.com/ps5.html Page URL
https://record.revenuenetwork.com/__FWeOJW18LBTrvWNKSES1GNd7ZgqdRLk/1/ HTTP 301
https://www.bovada.lv/welcome/4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk/https://www.bovada.lv/sports/esport... HTTP 301
https://www.bovada.lv/sports/esports?referral=4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk&overlay=join&affid=... Page URL

Page Statistics

128
Requests

77 %
HTTPS

43 %
IPv6

24
Domains

36
Subdomains

37
IPs

8
Countries

2943 kB
Transfer

10160 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/jo0t8q4SUn Page URL
http://allexpressnews.com/ps5.html HTTP 302
http://allexpressnews.com/ps5.html HTTP 301
http://www.allexpressnews.com/ps5.html Page URL
https://record.revenuenetwork.com/__FWeOJW18LBTrvWNKSES1GNd7ZgqdRLk/1/ HTTP 301
https://www.bovada.lv/welcome/4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk/https://www.bovada.lv/sports/esports?overlay=join&affid=25093 HTTP 301
https://www.bovada.lv/sports/esports?referral=4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk&overlay=join&affid=25093 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://allexpressnews.com/ps5.html HTTP 302
http://allexpressnews.com/ps5.html HTTP 301
http://www.allexpressnews.com/ps5.html

Request Chain 24

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 57

http://img.secureserver.net/t/1/tl/event?cts=1616681374130&ap=WSBv7&ds=4000&tce=1616681373691&tcs=1616681373678&tdc=0&tdclee=1616681374139&tdcles=1616681374130&tdi=1616681374130&tdl=1616681373745&tdle=1616681373678&tdls=1616681373671&tfs=1616681373670&tns=1616681373530&trqs=1616681373691&tre=1616681373745&trps=1616681373742&tles=0&tlee=0&dh=www.allexpressnews.com&dp=%2Fps5.html&dr=https%3A%2F%2Ft.co%2Fjo0t8q4SUn&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&feedtype=perf&z=1034634188 HTTP 301
https://img.secureserver.net/t/1/tl/event?cts=1616681374130&ap=WSBv7&ds=4000&tce=1616681373691&tcs=1616681373678&tdc=0&tdclee=1616681374139&tdcles=1616681374130&tdi=1616681374130&tdl=1616681373745&tdle=1616681373678&tdls=1616681373671&tfs=1616681373670&tns=1616681373530&trqs=1616681373691&tre=1616681373745&trps=1616681373742&tles=0&tlee=0&dh=www.allexpressnews.com&dp=%2Fps5.html&dr=https%3A%2F%2Ft.co%2Fjo0t8q4SUn&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&feedtype=perf&z=1034634188

128 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 jo0t8q4SUn Show response
t.co/ 296 B
482 B 134ms
133ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/jo0t8q4SUn

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

da07f58540b7f0aae2359458352207eb444c99a4df6052281848df8a833213ab

Security Headers

Name	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /jo0t8q4SUn
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 200
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Thu, 25 Mar 2021 14:09:33 GMT
expires: Thu, 25 Mar 2021 14:14:33 GMT
referrer-policy: unsafe-url
server: tsa_f
set-cookie: muc=ac817396-6e40-4e01-b891-777d69feb3bd; Max-Age=63072000; Expires=Sat, 25 Mar 2023 14:09:33 GMT; Domain=t.co; Secure; SameSite=None
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 70b49a1a748209dd4b47d05c6b413b6a
x-response-time: 112
x-xss-protection: 0

GET
H/1.1

200
OK

Cookie set ps5.html Show response
www.allexpressnews.com/
Redirect Chain

http://allexpressnews.com/ps5.html
http://allexpressnews.com/ps5.html
http://www.allexpressnews.com/ps5.html

14 KB
5 KB

71ms
51ms

Document
text/html

160.153.136.3
GODADDY-AMS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.allexpressnews.com/ps5.html

Requested by

Host: t.co
URL: https://t.co/jo0t8q4SUn

Protocol

HTTP/1.1

Server

160.153.136.3 Amsterdam, Netherlands, ASN21501 (GODADDY-AMS, DE),

Reverse DNS

ip-160-153-136-3.ip.secureserver.net

Software

DPS/1.11.4 /

Resource Hash

96735c6bf505866cd1575bfb19852e35a954d1c959b6d4c96caa63c3aa5cb1eb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'

Request headers

Host: www.allexpressnews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: https://t.co/jo0t8q4SUn
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://t.co/jo0t8q4SUn

Response headers

Link: <http://www.allexpressnews.com/site.css?v=>; rel=preload; as=style,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://img2.wsimg.com>; rel=preconnect; crossorigin,<https://img4.wsimg.com>; rel=preconnect; crossorigin,<http://img4.wsimg.com>; rel=preconnect; crossorigin,<http://nebula.wsimg.com>; rel=preconnect; crossorigin
cache-control: public, max-age=60, s-maxage=300
Content-Security-Policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
Vary: Accept-Encoding
Content-Encoding: gzip
Server: DPS/1.11.4
X-SiteId: 4000
Set-Cookie: dps_site_id=4000; path=/
ETag: 3a6d566bee666df577f66fdbfd0e119f
Date: Thu, 25 Mar 2021 14:09:33 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

Redirect headers

location: http://www.allexpressnews.com/ps5.html
Vary: Accept-Encoding
Server: DPS/1.11.4
X-SiteId: 4000
Set-Cookie: dps_site_id=4000; path=/
ETag: 3a6d566bee666df577f66fdbfd0e119f
Date: Thu, 25 Mar 2021 14:09:33 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

GET
H/1.1 200
OK site.css
www.allexpressnews.com/ 20 KB
5 KB 35ms
35ms Stylesheet
text/css 160.153.136.3
GODADDY-AMS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.allexpressnews.com/site.css?v=

Protocol

HTTP/1.1

Server

160.153.136.3 Amsterdam, Netherlands, ASN21501 (GODADDY-AMS, DE),

Reverse DNS

ip-160-153-136-3.ip.secureserver.net

Software

DPS/1.11.4 /

Resource Hash

de252171dbf0367a88f8ba4e0d5d1c4a8b21ca46d67348a9c47bacd0ea23fee7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'

Request headers

Referer: http://www.allexpressnews.com/ps5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
Vary: Accept-Encoding
Server: DPS/1.11.4
ETag: 015b94240c70dd182a7d97cd694f7ec8
X-SiteId: 4000
Transfer-Encoding: chunked
content-type: text/css
cache-control: public, max-age=60, s-maxage=300
Date: Thu, 25 Mar 2021 14:09:33 GMT
Connection: keep-alive
Link: <http://www.allexpressnews.com/site.css?v=>; rel=preload; as=style,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://img2.wsimg.com>; rel=preconnect; crossorigin,<https://img4.wsimg.com>; rel=preconnect; crossorigin,<http://img4.wsimg.com>; rel=preconnect; crossorigin,<http://nebula.wsimg.com>; rel=preconnect; crossorigin
Keep-Alive: timeout=5

GET
H/1.1 200
OK css
fonts.googleapis.com/ 17 KB
2 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.allexpressnews.com
URL: http://www.allexpressnews.com/ps5.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3fdf639334bc674af8cc136edd42de9c4a91cec505df1950a9ac17ac855cdb4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 14:09:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 25 Mar 2021 13:33:54 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Thu, 25 Mar 2021 14:09:33 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 2 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.allexpressnews.com
URL: http://www.allexpressnews.com/ps5.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

534e7d5a9ef38e44fde5b6dd3882dabde3a01a08f206cfe9bf283013d81e86a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 14:09:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 25 Mar 2021 13:59:16 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Thu, 25 Mar 2021 14:09:33 GMT

GET
H/1.1 200
OK duel.js Show response
img1.wsimg.com/starfield/duel/v2.5.8/ 40 KB
15 KB 48ms
32ms Script
application/x-javascript 104.126.36.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://img1.wsimg.com/starfield/duel/v2.5.8/duel.js?appid=O3BkA5J1
Requested by: Host: www.allexpressnews.com
URL: http://www.allexpressnews.com/ps5.html
Protocol: HTTP/1.1
Server: 104.126.36.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-36-137.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1ca2faaa4a7ba86c934c337dcb47ebd521dd5721a9f62302ef36f074c1a4c8d8

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 14:09:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Jan 2016 20:03:53 GMT
ETag: "6e4534b164fd11:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15038
Expires: Fri, 25 Mar 2022 14:09:33 GMT

GET
H/1.1 200
OK freecounterstat.php
counter8.stat.ovh/private/ 4 KB
4 KB 18205ms
34ms Image
image/png 51.77.152.115
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter8.stat.ovh/private/freecounterstat.php?c=mrd2u3k5suemt8ndxmd4yk253mx19pg4
Requested by: Host: www.allexpressnews.com
URL: http://www.allexpressnews.com/ps5.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.152.115 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3137837.ip-51-77-152.eu
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1c / PHP/7.2.24
Resource Hash: 36015ef52054ff745a4a20f8e938870224f635ece8b12acca9c9618e929abc9c

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 14:09:52 GMT
Content-Encoding: gzip
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1c
X-Powered-By: PHP/7.2.24
Vary: Accept-Encoding,User-Agent
Content-Type: image/png
Connection: close
Content-Length: 4210

GET
H/1.1 200
OK a7f25ae8adc6a692c063269184b91361
nebula.wsimg.com/ 15 KB
16 KB 54ms
33ms Image
image/jpeg 2.17.185.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nebula.wsimg.com/a7f25ae8adc6a692c063269184b91361?AccessKeyId=26CD91DD178ED21D415C&disposition=0&alloworigin=1
Requested by: Host: www.allexpressnews.com
URL: http://www.allexpressnews.com/ps5.html
Protocol: HTTP/1.1
Server: 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-185-233.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a3af8f1690382299a8af75df5c24140141594aa59c12e572d07b4be1c74c5e8e

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 14:09:33 GMT
Content-Encoding: gzip
x-cloud-object-key: a7f25ae8adc6a692c063269184b91361
x-cloud-acl: public-read
x-cloud-bucket-name: resources
x-cloud-object-name: resources/ccb4d2a1-41bb-4c33-8058-b3331a0a8f13-cropped-raffle.jpg
x-cloud-public-bucket: []
Connection: keep-alive
Content-Length: 15503
x-cloud-meta
x-cloud-bucket-key: 04e2d8ceb2019f38af3ca528b0c5420c
Last-Modified: Wed, 02 Dec 2020 18:11:00 GMT
Server: Apache
ETag: 5f6cd293332a4313bb34e425b501eea0
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, max-age=31536000
x-cloud-request-id: GDN32E3C749424804843E8FEE3DB2628
x-cloud-version: 5cfb2dd649c4f6352febb9e1162474a3
created-date: Wed, 02 Dec 2020 18:11:00 GMT

GET
H2 200 160x600.gif
media.revenuenetwork.com/GIF/Bovada/eSports/ 91 KB
92 KB 132ms
89ms Image
image/gif 104.18.191.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.revenuenetwork.com/GIF/Bovada/eSports/160x600.gif
Requested by: Host: www.allexpressnews.com
URL: http://www.allexpressnews.com/ps5.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.191.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce6c99b4fec3f6a46b6eda4c21079747413fb839cb2fb204efa4f9b98c71a19a

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:33 GMT
cf-cache-status: REVALIDATED
x-amz-version-id: null
cf-polished: origSize=93883
x-amz-meta-ctime: 1588681826
content-type: image/gif
last-modified: Tue, 05 May 2020 12:30:27 GMT
content-length: 93042
cf-request-id: 090b5128b10000082869af4000000001
x-amz-meta-uid: 5187
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "d18e4a264aa9ed48046528805f5c1c9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-meta-gid: 5187
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
cf-ray: 6358b7bab8940828-CDG
x-amz-meta-mtime: 1588681826

GET
H/1.1 200
OK BidVertiser.dbm Show response
bdv.bidvertiser.com/ 9 KB
9 KB 310ms
296ms Script
text/javascript 54.241.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=164822&bid=1949966
Requested by: Host: www.allexpressnews.com
URL: http://www.allexpressnews.com/ps5.html
Protocol: HTTP/1.1
Server: 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: -1
Cache-Control: no-store
Connection: close
Content-Length: 9014
Content-Type: text/javascript

GET
H/1.1 200
OK 5055633353f4aeb6b87c0478b31e0a76
nebula.wsimg.com/ 8 KB
8 KB 62ms
41ms Image
image/jpeg 2.17.185.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nebula.wsimg.com/5055633353f4aeb6b87c0478b31e0a76?AccessKeyId=26CD91DD178ED21D415C&disposition=0&alloworigin=1
Requested by: Host: www.allexpressnews.com
URL: http://www.allexpressnews.com/ps5.html
Protocol: HTTP/1.1
Server: 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-185-233.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1e278893f69d9b191bd408dc428d437cf49380165cde19619e109888f4711845

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 14:09:33 GMT
Content-Encoding: gzip
x-cloud-object-key: 5055633353f4aeb6b87c0478b31e0a76
x-cloud-acl: public-read
x-cloud-bucket-name: resources
x-cloud-object-name: resources/b6cab42e-23ee-4093-8cd9-1f8f48456202-cropped-ps5.jpg
x-cloud-public-bucket: []
Connection: keep-alive
Content-Length: 7282
x-cloud-meta
x-cloud-bucket-key: 04e2d8ceb2019f38af3ca528b0c5420c
Last-Modified: Tue, 01 Dec 2020 21:58:56 GMT
Server: Apache
ETag: d576eb7b78f6bb734b94a0b444f30bc2
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, max-age=31536000
x-cloud-request-id: GDNA3B4FE640F5932693F3CA009C252C
x-cloud-version: 994dad914a27edfc3a8478d3c85087a9
created-date: Tue, 01 Dec 2020 21:58:56 GMT

GET
H/1.1 200
OK 59fb09bee8f22073398cc3b2c80bbcec
nebula.wsimg.com/ 2 KB
2 KB 62ms
41ms Image
image/png 2.17.185.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nebula.wsimg.com/59fb09bee8f22073398cc3b2c80bbcec?AccessKeyId=531592D248B589D87A56&disposition=0&alloworigin=1
Requested by: Host: www.allexpressnews.com
URL: http://www.allexpressnews.com/ps5.html
Protocol: HTTP/1.1
Server: 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-185-233.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a47e3233f03feab950a7b1f335b810850207b545b545334c4855dd27ba9b8311

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 14:09:33 GMT
Content-Encoding: gzip
x-cloud-object-key: 59fb09bee8f22073398cc3b2c80bbcec
x-cloud-acl: public-read
x-cloud-bucket-name: resources
x-cloud-object-name: 596395c9-2881-4adf-ab64-0b374f538c7e.png
x-cloud-public-bucket: []
Connection: keep-alive
Content-Length: 1447
x-cloud-meta
x-cloud-bucket-key: 33ad60ffbf7e27ebd09f827cb99bf077
Last-Modified: Thu, 31 May 2018 22:02:26 GMT
Server: Apache
ETag: 4e17fceb00a590b16d61e92259589719
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, max-age=31536000
x-cloud-request-id: GDNDF976D6F9333525F4AE407F5FCF42
x-cloud-version: 9cd2d91461bf1a2a42705de0bf278c36
created-date: Sat, 08 Mar 2014 00:27:49 GMT

GET
H/1.1 200
OK tcc_l.combined.1.0.5.min.js Show response
img1.wsimg.com/tcc/ 6 KB
3 KB 24ms
24ms Script
application/x-javascript 104.126.36.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://img1.wsimg.com/tcc/tcc_l.combined.1.0.5.min.js
Requested by: Host: www.allexpressnews.com
URL: http://www.allexpressnews.com/ps5.html
Protocol: HTTP/1.1
Server: 104.126.36.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-36-137.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d774beebaea68f3e3be399e441d6f5bf073ce036a8cce8a90b444c60d2985f04

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 14:09:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Nov 2015 21:28:14 GMT
ETag: "02b9e6ff26d11:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 2157
Expires: Fri, 25 Mar 2022 14:09:33 GMT

GET
H2 200 jq.js Show response
img1.wsimg.com/wst/v7/WSB7_J_20210311_0410_WSB-18930_2938/v2/libs/jquery/ 91 KB
33 KB 73ms
25ms Script
application/x-javascript 104.126.36.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/wst/v7/WSB7_J_20210311_0410_WSB-18930_2938/v2/libs/jquery/jq.js
Requested by: Host: img1.wsimg.com
URL: http://img1.wsimg.com/starfield/duel/v2.5.8/duel.js?appid=O3BkA5J1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.36.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-36-137.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4cf203e638014174f96a22eef8411dafc7e8c900160433acdb3f0396fa85b2f8

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:33 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 11:27:10 GMT
etag: "f54ae7796916d71:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 33456
expires: Fri, 25 Mar 2022 14:09:33 GMT

GET
H/1.1 200
OK vglnk.js Show response
cdn.viglink.com/api/ 81 KB
29 KB 23ms
15ms Script
text/javascript 2606:4700::6810:a00d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.viglink.com/api/vglnk.js
Requested by: Host: www.allexpressnews.com
URL: http://www.allexpressnews.com/ps5.html
Protocol: HTTP/1.1
Server: 2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 14:09:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 146836
CF-RAY: 6358b7ba7e0a4aa4-FRA
Connection: keep-alive
Content-Length: 28567
x-amz-id-2: f2A79/PIabJcKYYEBv+tpgp8/VgKXY5dHKkHSc/g459bvls3jOkZv+DFIRd7QJnSmL3s+bfBZ+4=
Last-Modified: Wed, 02 Dec 2020 18:57:12 GMT
Server: cloudflare
ETag: "072eaf64a771815874455704fca9301b"
Vary: Accept-Encoding
x-amz-request-id: DD38FB3D9F1B2BDF
Cache-Control: public, max-age=604800
cf-request-id: 090b51288800004aa4e8bae000000001
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Thu, 01 Apr 2021 14:09:33 GMT

GET
H/1.1 200
OK q Show response
ws-na.amazon-adsystem.com/widgets/ Frame 3FB5 14 KB
4 KB 200ms
185ms Document
text/html 52.94.230.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ac&ref=tf_til&ad_type=product_link&tracking_id=allexpressn01-20&marketplace=amazon&region=US&placement=B08FC66ZV4&asins=B08FC66ZV4&linkId=93a51c4de103cdff8c46859a74fcbbab&show_border=false&link_opens_in_new_window=false&price_color=333333&title_color=0066c0&bg_color=ffffff
Requested by: Host: www.allexpressnews.com
URL: http://www.allexpressnews.com/ps5.html
Protocol: HTTP/1.1
Server: 52.94.230.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 465ec29b3d4c7edd77dfc03ac552f50be3ad16b2460e577575f6ae9a393ff6a8

Request headers

Host: ws-na.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.allexpressnews.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.allexpressnews.com/

Response headers

Date: Thu, 25 Mar 2021 14:09:33 GMT
Server: Server
Content-Encoding: gzip
Cache-Control: must-revalidate
Pragma: no-cache
Expires: -1
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
charset: UTF-8
Access-Control-Allow-Origin: *
Content-Length: 3393
Vary: User-Agent
nnCoection: close
Content-Type: text/html;charset=UTF-8

GET
H2 200 k5XaM0ZzGF8 Show response
www.youtube.com/embed/ Frame 32EF 50 KB
21 KB 68ms
67ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/k5XaM0ZzGF8

Requested by

Host: www.allexpressnews.com
URL: http://www.allexpressnews.com/ps5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f3ae4dfa87608d493973baff159187efa4ac3630761c8a1c716c5697951b6c65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/k5XaM0ZzGF8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.allexpressnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.allexpressnews.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 25 Mar 2021 14:09:33 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=QHjrakYjC_o; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=z4fuNmTokws; Domain=.youtube.com; Expires=Tue, 21-Sep-2021 14:09:33 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+693; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.allexpressnews.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 13:40:34 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:09:22 GMT
Server: sffe
Age: 174539
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14380
X-XSS-Protection: 0
Expires: Wed, 23 Mar 2022 13:40:34 GMT

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 237 B
969 B 136ms
37ms XHR
text/javascript 52.50.7.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.7.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-7-8.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 6c33b43a8a3a0bf326afadabbe58e1dbc2324d818ac0b27b495f3bacd6e1e4a4

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 25 Mar 2021 14:09:33 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://www.allexpressnews.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 237
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/38c5f870/ Frame 32EF 339 KB
51 KB 37ms
23ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/38c5f870/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/k5XaM0ZzGF8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c6de398b00be04297ce1aebdf24eed587464488127326a6611438bc65dc26e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/k5XaM0ZzGF8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 10:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 00:19:11 GMT
server: sffe
age: 12645
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52118
x-xss-protection: 0
expires: Fri, 25 Mar 2022 10:38:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 32EF 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/k5XaM0ZzGF8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:51:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 476258
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Sun, 20 Mar 2022 01:51:55 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/38c5f870/www-embed-player.vflset/ Frame 32EF 161 KB
58 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/38c5f870/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/k5XaM0ZzGF8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f47665d4cc35069e17635c7584d07b44765a0634fad1475d8a6a0a163c6d246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/k5XaM0ZzGF8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 00:19:11 GMT
server: sffe
age: 170640
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59582
x-xss-protection: 0
expires: Wed, 23 Mar 2022 14:45:33 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/ Frame 32EF 2 MB
507 KB 41ms
28ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/k5XaM0ZzGF8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e0d14229ae0f4d80a6e75cf1344fd3d32cccfa42e39ee154993eea24064eb63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/k5XaM0ZzGF8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 09:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 00:19:11 GMT
server: sffe
age: 17351
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 519271
x-xss-protection: 0
expires: Fri, 25 Mar 2022 09:20:22 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/38c5f870/fetch-polyfill.vflset/ Frame 32EF 8 KB
3 KB 31ms
20ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/38c5f870/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/k5XaM0ZzGF8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/k5XaM0ZzGF8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 23:35:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 00:19:11 GMT
server: sffe
age: 52441
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 24 Mar 2022 23:35:32 GMT

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 32EF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
897 B

40ms
39ms

XHR
application/json

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/k5XaM0ZzGF8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a44e6c006cf7a38f3e25dd226e3575e4066d8fb03013605abeb37fbf10bc6791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 25 Mar 2021 14:09:34 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 32EF 29 B
406 B 25ms
5ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/38c5f870/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 13:56:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 810
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 25 Mar 2021 14:11:04 GMT

GET
H/1.1 200
OK sync.js Show response
api.viglink.com/api/ 0
307 B 34ms
34ms Script
text/plain 52.50.7.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/sync.js?key=5e92d53f7b80e9bd0d491321c3eaff9b
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.7.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-7-8.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Mar 2021 14:09:33 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 0
307 B 67ms
34ms Image
text/plain 52.50.7.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.viglink.com/api/sync.gif?key=5e92d53f7b80e9bd0d491321c3eaff9b
Requested by: Host: www.allexpressnews.com
URL: http://www.allexpressnews.com/ps5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.7.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-7-8.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Mar 2021 14:09:33 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/ Frame 32EF 97 KB
97 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4551596f954aa5759824aea3f0069656fcacb1f8a2c52d1d871f3f2e0057847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/k5XaM0ZzGF8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:45:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 00:19:11 GMT
server: sffe
age: 170632
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98980
x-xss-protection: 0
expires: Wed, 23 Mar 2022 14:45:42 GMT

GET
H2 200 JKpd_lk327AobN_pv_3rQSdPyh1_wevmg2lsMnVM1bk.js Show response
www.google.com/js/th/ Frame 32EF 33 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/JKpd_lk327AobN_pv_3rQSdPyh1_wevmg2lsMnVM1bk.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24aa5dfe5937dbb0286cdfe9bffdeb41274fca1d7fc1ebe683696c32754cd5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 05:33:50 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:00:00 GMT
server: sffe
age: 117344
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12778
x-xss-protection: 0
expires: Thu, 24 Mar 2022 05:33:50 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/ Frame 32EF 24 KB
24 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a20336a648e840ea05405464c67782e3deff240b1c6260c7c1eff298046fa2de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/k5XaM0ZzGF8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 14:45:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 00:19:11 GMT
server: sffe
age: 170632
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24206
x-xss-protection: 0
expires: Wed, 23 Mar 2022 14:45:42 GMT

GET
DATA 200
OK truncated
/ Frame 32EF 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwniecPQVJEcPe7ldhOaiE0Ge6Th-c5CVUow9YZiU1w=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 32EF 3 KB
3 KB 27ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwniecPQVJEcPe7ldhOaiE0Ge6Th-c5CVUow9YZiU1w=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/k5XaM0ZzGF8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

38273865c7901661552c6b051d101337d75a526a8a79621d1e5cad50f5d01c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 10:28:32 GMT
x-content-type-options: nosniff
age: 13262
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3069
x-xss-protection: 0
server: fife
etag: "v28d2"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 25 Mar 2021 04:41:34 GMT

GET
H2 200 hqdefault.webp
i.ytimg.com/vi_webp/k5XaM0ZzGF8/ Frame 32EF 14 KB
14 KB 26ms
6ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/k5XaM0ZzGF8/hqdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/k5XaM0ZzGF8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6524d6aa475bc619e7a7321dc622f2f622d21c7be71b3bf3011ece5bb561cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:08:48 GMT
x-content-type-options: nosniff
server: sffe
age: 46
etag: "1602781289"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14130
x-xss-protection: 0
expires: Thu, 25 Mar 2021 16:08:48 GMT

GET
H/1.1 200
OK bidvertiser.dbm Show response
bdv.bidvertiser.com/ 0
333 B 322ms
306ms Script
text/javascript 54.241.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://bdv.bidvertiser.com/bidvertiser.dbm?pid=164822&bid=1949966&RD=3608783208484&DIF=2
Requested by: Host: bdv.bidvertiser.com
URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=164822&bid=1949966
Protocol: HTTP/1.1
Server: 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Len: 0
Date: Thursday, 25-Mar-2021 14:09:34 GMT
Cache-Control: no-store
Last-Modified: Wednesday, 25-Mar-2020 14:09:34 GMT
CONNECTION: Close
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK Cookie set BidVertiser.dbm Show response
bdv.bidvertiser.com/ Frame 8E35 8 KB
8 KB 317ms
305ms Document
text/html 54.241.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=164822&bid=1949966&RD=9077106709049&DIF=1&bd_ref_v=www.allexpressnews.com&tref=1&win_name=null&docref=https%3A%2F%2Ft.co%2Fjo0t8q4SUn&jsrand=9077106709049&js1loc=-&loctitle=%20PS5%20Giveaway%20and%20Restocks%20undefined
Requested by: Host: bdv.bidvertiser.com
URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=164822&bid=1949966
Protocol: HTTP/1.1
Server: 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2eff8639669bf86d63e04791d4e9d9281c7dff4cb22e581e0b6cd0de83fc1840

Request headers

Host: bdv.bidvertiser.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.allexpressnews.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.allexpressnews.com/

Response headers

Date: Thursday, 25-Mar-2021 14:09:34 GMT
Cache-Control: no-store
Last-Modified: Wednesday, 25-Mar-2020 14:09:34 GMT
Set-Cookie: bdv_c3p=235; domain=.bidvertiser.com; path=/; expires=Fri, 26-Mar-2021 14:09:34 GMT bdv_c3p=1_1_1; domain=.bidvertiser.com; path=/; expires=Fri, 26-Mar-2021 14:09:34 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 7698
CONNECTION: Close

GET
H/1.1 200
OK q Show response
ws-na.amazon-adsystem.com/widgets/ Frame 312F 14 KB
4 KB 101ms
100ms Document
text/html 52.94.230.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ac&ref=tf_til&ad_type=product_link&tracking_id=allexpressn01-20&marketplace=amazon&region=US&placement=B08D7DX16N&asins=B08D7DX16N&linkId=8dee32a33f2385dd1d122d3a18cb9575&show_border=false&link_opens_in_new_window=false&price_color=333333&title_color=0066c0&bg_color=ffffff
Requested by: Host: www.allexpressnews.com
URL: http://www.allexpressnews.com/ps5.html
Protocol: HTTP/1.1
Server: 52.94.230.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: b67b5784c012a49cc70d172bbd8767545d6af08a39698bfe8c205ed503063afc

Request headers

Host: ws-na.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.allexpressnews.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.allexpressnews.com/

Response headers

Date: Thu, 25 Mar 2021 14:09:34 GMT
Server: Server
Content-Encoding: gzip
Cache-Control: must-revalidate
Pragma: no-cache
Expires: -1
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
charset: UTF-8
Access-Control-Allow-Origin: *
Content-Length: 3371
Vary: User-Agent
nnCoection: close
Content-Type: text/html;charset=UTF-8

GET
H2 200 cookiemanager.js Show response
img1.wsimg.com/wst/v7/WSB7_J_20210311_0410_WSB-18930_2938/v2/common/cookiemanager/ 552 B
569 B 27ms
26ms Script
application/x-javascript 104.126.36.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/wst/v7/WSB7_J_20210311_0410_WSB-18930_2938/v2/common/cookiemanager/cookiemanager.js
Requested by: Host: img1.wsimg.com
URL: http://img1.wsimg.com/starfield/duel/v2.5.8/duel.js?appid=O3BkA5J1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.36.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-36-137.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3e1adba2cfbb91f080da970318299e5ecfcbf0cca6e5bbe8543822d34d06d8e3

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:34 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 11:20:12 GMT
etag: "7245c7806816d71:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 355
expires: Fri, 25 Mar 2022 14:09:34 GMT

GET
H2 200 iebackground.js Show response
img1.wsimg.com/wst/v7/WSB7_J_20210311_0410_WSB-18930_2938/v2/designer/iebackground/ 1 KB
817 B 27ms
27ms Script
application/x-javascript 104.126.36.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/wst/v7/WSB7_J_20210311_0410_WSB-18930_2938/v2/designer/iebackground/iebackground.js
Requested by: Host: img1.wsimg.com
URL: http://img1.wsimg.com/starfield/duel/v2.5.8/duel.js?appid=O3BkA5J1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.36.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-36-137.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cf0450afe6f75037853e4eefdcf6d54e8d0ffe34a10b635dc703db2f8f2e85bd

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:34 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 11:20:54 GMT
etag: "a866e1996816d71:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 603
expires: Fri, 25 Mar 2022 14:09:34 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 56 B
509 B 34ms
34ms XHR
text/javascript 52.50.7.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.7.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-7-8.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: bdabf2dbac9b69342a5e3ed2e85c9160d2dab7db5eb3a57319333151f7fc9188

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 25 Mar 2021 14:09:33 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://www.allexpressnews.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 56
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK a-logo-amazon.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 3FB5 1 KB
2 KB 52ms
37ms Image
image/png 13.226.158.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://wms-na.amazon-adsystem.com/panda/20070822/US/img/a-logo-amazon.png
Requested by: Host: ws-na.amazon-adsystem.com
URL: http://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ac&ref=tf_til&ad_type=product_link&tracking_id=allexpressn01-20&marketplace=amazon&region=US&placement=B08FC66ZV4&asins=B08FC66ZV4&linkId=93a51c4de103cdff8c46859a74fcbbab&show_border=false&link_opens_in_new_window=false&price_color=333333&title_color=0066c0&bg_color=ffffff
Protocol: HTTP/1.1
Server: 13.226.158.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-65.dus51.r.cloudfront.net
Software: Server /
Resource Hash: bdfb40649c423c030d9265c8b5eeabf9a79f6845aee4842ceccd244e836805a5

Request headers

Referer: http://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 09 Mar 2021 03:11:05 GMT
Via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
Age: 1421909
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1427
Last-Modified: Wed, 16 Dec 2020 09:01:38 GMT
Server: Server
ETag: "593-5b6911f829e81"
Content-Type: image/png
Charset: UTF-8
Cache-Control: max-age=2592000
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: m-DDQsTnHHjmQiwiFpYCWPrv_jAD8TbyQz4zpDL16zqERFjCAK9Dew==
Expires: Tue, 16 Mar 2021 03:11:05 GMT

GET
H2 200 51-ws-E4DfL._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame 3FB5 4 KB
4 KB 23ms
8ms Image
image/jpeg 2a04:4e42:62::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51-ws-E4DfL._AC_AC_SR98,95_.jpg
Requested by: Host: ws-na.amazon-adsystem.com
URL: http://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ac&ref=tf_til&ad_type=product_link&tracking_id=allexpressn01-20&marketplace=amazon&region=US&placement=B08FC66ZV4&asins=B08FC66ZV4&linkId=93a51c4de103cdff8c46859a74fcbbab&show_border=false&link_opens_in_new_window=false&price_color=333333&title_color=0066c0&bg_color=ffffff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:62::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3a2727f0f7cb047e0db15b402e1baba1fdd82ae9af791168d25e3c2cb4356976

Request headers

Referer: http://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:34 GMT
last-modified: Sun, 01 Nov 2020 13:49:51 GMT
age: 2393996
x-cache: HIT from fastly, HIT from fastly
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 20 Feb 2041 21:09:37 GMT
cache-control: max-age=630720000,public
x-amz-ir-id: c9272857-2d5c-4fea-a3ce-055d2bb67ca9
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 3682
x-served-by: cache-dca17731-DCA, cache-hhn11534-HHN

GET
H/1.1 200
OK prime.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 3FB5 3 KB
4 KB 53ms
38ms Image
image/png 13.226.158.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://wms-na.amazon-adsystem.com/panda/20070822/US/img/prime.png
Requested by: Host: ws-na.amazon-adsystem.com
URL: http://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ac&ref=tf_til&ad_type=product_link&tracking_id=allexpressn01-20&marketplace=amazon&region=US&placement=B08FC66ZV4&asins=B08FC66ZV4&linkId=93a51c4de103cdff8c46859a74fcbbab&show_border=false&link_opens_in_new_window=false&price_color=333333&title_color=0066c0&bg_color=ffffff
Protocol: HTTP/1.1
Server: 13.226.158.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-65.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c

Request headers

Referer: http://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 04:29:30 GMT
Via: 1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
Age: 1244404
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 3357
Last-Modified: Wed, 16 Dec 2020 09:01:49 GMT
Server: Server
ETag: "d1d-5b691202e2612"
Content-Type: image/png
Charset: UTF-8
Cache-Control: max-age=2592000
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: 0KG_T4qhaXaI4ZGTUnISw3jWdGaV5MkSCqgYjTGPRPgFmak5KfCr2g==
Expires: Thu, 18 Mar 2021 04:29:30 GMT

GET
H/1.1 200
OK json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 3FB5 43 B
200 B 191ms
170ms Image
image/gif 52.94.225.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1616681374147&p=%7B%22program%22%3A%221%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22allexpressn01-20%22%2C%22refUrl%22%3A%22http%3A%2F%2Fwww.allexpressnews.com%2F%22%7D
Requested by: Host: ws-na.amazon-adsystem.com
URL: http://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ac&ref=tf_til&ad_type=product_link&tracking_id=allexpressn01-20&marketplace=amazon&region=US&placement=B08FC66ZV4&asins=B08FC66ZV4&linkId=93a51c4de103cdff8c46859a74fcbbab&show_border=false&link_opens_in_new_window=false&price_color=333333&title_color=0066c0&bg_color=ffffff
Protocol: HTTP/1.1
Server: 52.94.225.95 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

Referer: http://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 14:09:33 GMT
x-amzn-RequestId: 5fef5773-2492-4891-86e0-3ecb465144bb
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK cart.gif
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 3FB5 341 B
876 B 53ms
39ms Image
image/gif 13.226.158.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://wms-na.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by: Host: ws-na.amazon-adsystem.com
URL: http://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ac&ref=tf_til&ad_type=product_link&tracking_id=allexpressn01-20&marketplace=amazon&region=US&placement=B08FC66ZV4&asins=B08FC66ZV4&linkId=93a51c4de103cdff8c46859a74fcbbab&show_border=false&link_opens_in_new_window=false&price_color=333333&title_color=0066c0&bg_color=ffffff
Protocol: HTTP/1.1
Server: 13.226.158.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-65.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

Referer: http://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 10 Mar 2021 02:59:30 GMT
Via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
Age: 1336204
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 341
Last-Modified: Wed, 16 Dec 2020 09:11:03 GMT
Server: Server
ETag: "155-5b691412842e1"
Content-Type: image/gif
Charset: UTF-8
Cache-Control: max-age=2592000
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: 4ExqEl1CA_h0_viaxPer7ptFW_DC2yPX9_0qFeRdaws_Jeq2dhOmXw==
Expires: Wed, 17 Mar 2021 02:59:30 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 32EF 4 KB
2 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/38c5f870/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 25 Mar 2021 14:09:34 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 32EF 0
38 B 6ms
5ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?vPmT2w
Requested by: Host: www.allexpressnews.com
URL: http://www.allexpressnews.com/ps5.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/k5XaM0ZzGF8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:34 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 util.window.js Show response
img1.wsimg.com/wst/v7/WSB7_J_20210311_0410_WSB-18930_2938/v2/common/util/ 111 B
327 B 25ms
24ms Script
application/x-javascript 104.126.36.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/wst/v7/WSB7_J_20210311_0410_WSB-18930_2938/v2/common/util/util.window.js
Requested by: Host: img1.wsimg.com
URL: http://img1.wsimg.com/starfield/duel/v2.5.8/duel.js?appid=O3BkA5J1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.36.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-36-137.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0a76f5945828a2b4977a1758cdb53eed66e558fcbd27e50601225c4ec1b846a0

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:34 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 11:20:16 GMT
etag: "b2c41836816d71:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 115
expires: Fri, 25 Mar 2022 14:09:34 GMT

GET
H/1.1 200
OK a-logo-amazon.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 312F 1 KB
2 KB 27ms
26ms Image
image/png 13.226.158.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://wms-na.amazon-adsystem.com/panda/20070822/US/img/a-logo-amazon.png
Requested by: Host: ws-na.amazon-adsystem.com
URL: http://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ac&ref=tf_til&ad_type=product_link&tracking_id=allexpressn01-20&marketplace=amazon&region=US&placement=B08D7DX16N&asins=B08D7DX16N&linkId=8dee32a33f2385dd1d122d3a18cb9575&show_border=false&link_opens_in_new_window=false&price_color=333333&title_color=0066c0&bg_color=ffffff
Protocol: HTTP/1.1
Server: 13.226.158.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-65.dus51.r.cloudfront.net
Software: Server /
Resource Hash: bdfb40649c423c030d9265c8b5eeabf9a79f6845aee4842ceccd244e836805a5

Request headers

Referer: http://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 03:51:16 GMT
Via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
Age: 37098
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1427
Last-Modified: Wed, 16 Dec 2020 09:01:38 GMT
Server: Server
ETag: "593-5b6911f829e81"
Content-Type: image/png
Charset: UTF-8
Cache-Control: max-age=2592000
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: RwXP1EZE6DV8nSADWLfog3NdcBRTSpIazdT2S0mU4IovA9MeBzKqaQ==
Expires: Tue, 16 Mar 2021 03:11:05 GMT

GET
H2 200 51qr9KDVeYL._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame 312F 3 KB
3 KB 9ms
8ms Image
image/jpeg 2a04:4e42:62::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/51qr9KDVeYL._AC_AC_SR98,95_.jpg
Requested by: Host: ws-na.amazon-adsystem.com
URL: http://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ac&ref=tf_til&ad_type=product_link&tracking_id=allexpressn01-20&marketplace=amazon&region=US&placement=B08D7DX16N&asins=B08D7DX16N&linkId=8dee32a33f2385dd1d122d3a18cb9575&show_border=false&link_opens_in_new_window=false&price_color=333333&title_color=0066c0&bg_color=ffffff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:62::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bb9107de0db516831387e61eb9d0e8659083bc5435723751f6e8b1c66d3312fd

Request headers

Referer: http://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:34 GMT
last-modified: Thu, 15 Oct 2020 16:30:36 GMT
age: 602552
x-cache: HIT from fastly, HIT from fastly
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 13 Mar 2041 14:47:02 GMT
cache-control: max-age=630720000,public
x-amz-ir-id: 1a3a439f-a502-4744-a4cb-a8cc928cd257
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 3370
x-served-by: cache-dca17727-DCA, cache-hhn11534-HHN

GET
H/1.1 200
OK prime.png
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 312F 3 KB
4 KB 26ms
26ms Image
image/png 13.226.158.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://wms-na.amazon-adsystem.com/panda/20070822/US/img/prime.png
Requested by: Host: ws-na.amazon-adsystem.com
URL: http://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ac&ref=tf_til&ad_type=product_link&tracking_id=allexpressn01-20&marketplace=amazon&region=US&placement=B08D7DX16N&asins=B08D7DX16N&linkId=8dee32a33f2385dd1d122d3a18cb9575&show_border=false&link_opens_in_new_window=false&price_color=333333&title_color=0066c0&bg_color=ffffff
Protocol: HTTP/1.1
Server: 13.226.158.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-65.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c

Request headers

Referer: http://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 04:29:30 GMT
Via: 1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
Age: 1244404
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 3357
Last-Modified: Wed, 16 Dec 2020 09:01:49 GMT
Server: Server
ETag: "d1d-5b691202e2612"
Content-Type: image/png
Charset: UTF-8
Cache-Control: max-age=2592000
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: tXLsc315d75zfMjEqgNTl7bD4AezFwqHnEIeby-31hNWfSQZTkBdXQ==
Expires: Thu, 18 Mar 2021 04:29:30 GMT

GET
H/1.1 200
OK json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 312F 43 B
200 B 185ms
171ms Image
image/gif 52.94.225.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1616681374257&p=%7B%22program%22%3A%221%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22allexpressn01-20%22%2C%22refUrl%22%3A%22http%3A%2F%2Fwww.allexpressnews.com%2F%22%7D
Requested by: Host: ws-na.amazon-adsystem.com
URL: http://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ac&ref=tf_til&ad_type=product_link&tracking_id=allexpressn01-20&marketplace=amazon&region=US&placement=B08D7DX16N&asins=B08D7DX16N&linkId=8dee32a33f2385dd1d122d3a18cb9575&show_border=false&link_opens_in_new_window=false&price_color=333333&title_color=0066c0&bg_color=ffffff
Protocol: HTTP/1.1
Server: 52.94.225.95 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

Referer: http://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 14:09:34 GMT
x-amzn-RequestId: d7299830-8472-4299-985e-f2cd8966de0c
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK cart.gif
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame 312F 341 B
876 B 26ms
26ms Image
image/gif 13.226.158.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://wms-na.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by: Host: ws-na.amazon-adsystem.com
URL: http://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ac&ref=tf_til&ad_type=product_link&tracking_id=allexpressn01-20&marketplace=amazon&region=US&placement=B08D7DX16N&asins=B08D7DX16N&linkId=8dee32a33f2385dd1d122d3a18cb9575&show_border=false&link_opens_in_new_window=false&price_color=333333&title_color=0066c0&bg_color=ffffff
Protocol: HTTP/1.1
Server: 13.226.158.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-65.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

Referer: http://ws-na.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 10 Mar 2021 02:59:30 GMT
Via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
Age: 1336204
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 341
Last-Modified: Wed, 16 Dec 2020 09:11:03 GMT
Server: Server
ETag: "155-5b691412842e1"
Content-Type: image/gif
Charset: UTF-8
Cache-Control: max-age=2592000
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: RsvXcJBGuJbvbnliwJsFzKO2-JIMVshNXSXoEir3F6C6J0a6ZaoZRw==
Expires: Wed, 17 Mar 2021 02:59:30 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 58 B
511 B 35ms
34ms XHR
text/javascript 52.50.7.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.7.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-7-8.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 9856f416d367f5481ec029ffc878f53cbff1d809eff9c0e452b2b17b4fce0116

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 25 Mar 2021 14:09:33 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://www.allexpressnews.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 58
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK default.css
d2b9l3u54v5v39.cloudfront.net/css/ Frame 8E35 1 KB
1 KB 19ms
10ms Stylesheet
text/css 2600:9000:2182:b400:c:95c2:e940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2b9l3u54v5v39.cloudfront.net/css/default.css
Requested by: Host: bdv.bidvertiser.com
URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=164822&bid=1949966&RD=9077106709049&DIF=1&bd_ref_v=www.allexpressnews.com&tref=1&win_name=null&docref=https%3A%2F%2Ft.co%2Fjo0t8q4SUn&jsrand=9077106709049&js1loc=-&loctitle=%20PS5%20Giveaway%20and%20Restocks%20undefined
Protocol: HTTP/1.1
Server: 2600:9000:2182:b400:c:95c2:e940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 27306e4a14ab04d39e59d9d73d6fac0fca90bbab3da5d9358c0000b9119c90af

Request headers

Referer: http://bdv.bidvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 24 Mar 2021 18:46:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Sep 2015 08:25:40 GMT
Server: Microsoft-IIS/10.0
Age: 71672
ETag: "70d0ec1947f4d01:0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 682
X-Amz-Cf-Id: cYpDidrSHiN9Fu8TxJH6crWLM6o6vJmSMQhL-Wy7MMeqEqjiJmfFbg==

GET
H/1.1 200
OK 598x158.css
d2b9l3u54v5v39.cloudfront.net/css/ Frame 8E35 3 KB
1 KB 19ms
9ms Stylesheet
text/css 2600:9000:2182:b400:c:95c2:e940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2b9l3u54v5v39.cloudfront.net/css/598x158.css?cbst=2
Requested by: Host: bdv.bidvertiser.com
URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=164822&bid=1949966&RD=9077106709049&DIF=1&bd_ref_v=www.allexpressnews.com&tref=1&win_name=null&docref=https%3A%2F%2Ft.co%2Fjo0t8q4SUn&jsrand=9077106709049&js1loc=-&loctitle=%20PS5%20Giveaway%20and%20Restocks%20undefined
Protocol: HTTP/1.1
Server: 2600:9000:2182:b400:c:95c2:e940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 49617ae18de9b53d3d940741d580dbe36ba050c5d07cd32fd937904cf00bde2d

Request headers

Referer: http://bdv.bidvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 01:07:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2018 16:21:47 GMT
Server: Microsoft-IIS/10.0
Age: 46929
ETag: "82363f707890d31:0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 919
X-Amz-Cf-Id: 4b7c-z4W52K6KMP6PaKiCzNkDs-fSi4S2FgmfctKDiQGuAFFZW0VMA==

GET
H/1.1 200
OK bdv_fsthd.js Show response
d2b9l3u54v5v39.cloudfront.net/activejs/ Frame 8E35 1 KB
2 KB 22ms
13ms Script
application/javascript 2600:9000:2182:b400:c:95c2:e940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2b9l3u54v5v39.cloudfront.net/activejs/bdv_fsthd.js
Requested by: Host: bdv.bidvertiser.com
URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=164822&bid=1949966&RD=9077106709049&DIF=1&bd_ref_v=www.allexpressnews.com&tref=1&win_name=null&docref=https%3A%2F%2Ft.co%2Fjo0t8q4SUn&jsrand=9077106709049&js1loc=-&loctitle=%20PS5%20Giveaway%20and%20Restocks%20undefined
Protocol: HTTP/1.1
Server: 2600:9000:2182:b400:c:95c2:e940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 871bcbf1631eba9d4218fddb8dd96a075fdf33725e1ff991b345808c15c66617

Request headers

Referer: http://bdv.bidvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 01:59:35 GMT
Via: 1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Jan 2021 11:27:17 GMT
Server: Microsoft-IIS/10.0
Age: 44197
ETag: "977ef3668ead61:0"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 1199
X-Amz-Cf-Id: tV_JxQgIL98ePFdfKz2kU_B5fJqxhZk3u3-1-8IvPER2a6Y-Pgn7Cw==

GET
H/1.1

200
OK

event
img.secureserver.net/t/1/tl/
Redirect Chain

http://img.secureserver.net/t/1/tl/event?cts=1616681374130&ap=WSBv7&ds=4000&tce=1616681373691&tcs=1616681373678&tdc=0&tdclee=1616681374139&tdcles=1616681374130&tdi=1616681374130&tdl=1616681373745&t...
https://img.secureserver.net/t/1/tl/event?cts=1616681374130&ap=WSBv7&ds=4000&tce=1616681373691&tcs=1616681373678&tdc=0&tdclee=1616681374139&tdcles=1616681374130&tdi=1616681374130&tdl=1616681373745&...

43 B
642 B

169ms
111ms

Image
image/gif

23.37.42.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.secureserver.net/t/1/tl/event?cts=1616681374130&ap=WSBv7&ds=4000&tce=1616681373691&tcs=1616681373678&tdc=0&tdclee=1616681374139&tdcles=1616681374130&tdi=1616681374130&tdl=1616681373745&tdle=1616681373678&tdls=1616681373671&tfs=1616681373670&tns=1616681373530&trqs=1616681373691&tre=1616681373745&trps=1616681373742&tles=0&tlee=0&dh=www.allexpressnews.com&dp=%2Fps5.html&dr=https%3A%2F%2Ft.co%2Fjo0t8q4SUn&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&feedtype=perf&z=1034634188

Requested by

Host: www.allexpressnews.com
URL: http://www.allexpressnews.com/ps5.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.37.42.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.allexpressnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Date: Thu, 25 Mar 2021 14:09:41 GMT
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: http://www.allexpressnews.com, *
Access-Control-Max-Age: 1000
Cache-Control: private
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 43
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://img.secureserver.net/t/1/tl/event?cts=1616681374130&ap=WSBv7&ds=4000&tce=1616681373691&tcs=1616681373678&tdc=0&tdclee=1616681374139&tdcles=1616681374130&tdi=1616681374130&tdl=1616681373745&tdle=1616681373678&tdls=1616681373671&tfs=1616681373670&tns=1616681373530&trqs=1616681373691&tre=1616681373745&trps=1616681373742&tles=0&tlee=0&dh=www.allexpressnews.com&dp=%2Fps5.html&dr=https%3A%2F%2Ft.co%2Fjo0t8q4SUn&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&feedtype=perf&z=1034634188
Date: Thu, 25 Mar 2021 14:09:41 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 32EF 28 B
293 B 19ms
18ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/38c5f870/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/k5XaM0ZzGF8
X-YouTube-Client-Version: 1.20210322.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgt6NGZ1Tm1Ub2t3cyids_KCBg%3D%3D
X-YouTube-Ad-Signals: dt=1616681373956&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKoWZxkD3jGcMVbEDRipQRE4bBi4EQBU2O3MhNwmuMQ_WfS4KZKkRUrsTZDyqvwDRaV7_K3f60nBTwu8ulwjt5vVf5Db1g

Response headers

date: Thu, 25 Mar 2021 14:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 25 Mar 2021 14:09:44 GMT

GET
H2

200

Primary Request esports Show response
www.bovada.lv/sports/
Redirect Chain

https://record.revenuenetwork.com/__FWeOJW18LBTrvWNKSES1GNd7ZgqdRLk/1/
https://www.bovada.lv/welcome/4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk/https://www.bovada.lv/sports/esports?overlay=join&affid=25093
https://www.bovada.lv/sports/esports?referral=4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk&overlay=join&affid=25093

30 KB
11 KB

237ms
236ms

Document
text/html

163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/sports/esports?referral=4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk&overlay=join&affid=25093

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

4be365a0a27ecb1fb5bbc12a1ea7e8186db88c9d0f6d37dfb6a32bf8042bdc0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

:method: GET
:authority: www.bovada.lv
:scheme: https
:path: /sports/esports?referral=4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk&overlay=join&affid=25093
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://www.allexpressnews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.allexpressnews.com/ps5.html

Response headers

date: Thu, 25 Mar 2021 14:09:52 GMT
content-type: text/html; charset=UTF-8
etag: W/"en|||v:0|lgn:0|dt:d|os:w|cntry:FR|cur:USD|jn:0|rt:o|pb:0|control|Thu,-25-Mar-2021-14:09:52-GMT"
content-encoding: gzip
referrer-policy: strict-origin
set-cookie: VISITED=true;domain=.bovada.lv;expires=Sun, 23 Mar 2031 14:09:52 GMT;path=/;Secure;SameSite=Lax LANG=en;domain=.bovada.lv;path=/;Secure;SameSite=Lax Device-Type=Desktop|false;expires=Sun, 23 Mar 2031 14:09:52 GMT;path=/;Domain=.bovada.lv;Secure;SameSite=Lax variant=v:0|lgn:0|dt:d|os:w|cntry:FR|cur:USD|jn:0|rt:o|pb:0;expires=Sun, 23 Mar 2031 14:09:52 GMT;path=/;Domain=.bovada.lv;Secure;SameSite=Lax AB=control;Secure;SameSite=Lax
accept-ranges: bytes
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PSdgflkfFRA1zm204:4 (W), 1.1 kf160:0 (W), 1.1 PSdgflkfFRA1gi91:8 (W)
x-px: ms PSdgflkfFRA1gi91FRA,ms kf160FRA,ms PSdgflkfFRA1zm204FRA,ms PSygldLON2wq20LHR(origin)
x-ws-request-id: 605c99b0_PSdgflkfFRA1dm9_18147-29244
cache-control: public, max-age=0
strict-transport-security: max-age=16070400
server: PWS/8.3.1.0.8

Redirect headers

date: Thu, 25 Mar 2021 14:09:52 GMT
content-length: 0
server: PWS/8.3.1.0.8
location: https://www.bovada.lv/sports/esports?referral=4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk&overlay=join&affid=25093
via: 1.0 PSdgflkfFRA1gi91:1 (W)
x-px: -
x-ws-request-id: 605c99b0_PSdgflkfFRA1dm9_18147-29238
cache-control: public, max-age=0
strict-transport-security: max-age=16070400

POST atr
www.youtube.com/api/stats/ Frame 32EF 0
0

GET
H2 200 main-8baa86f3-f74e-4a14-bf8d-75cd4cad09db.css
www.bovada.lv/assets/css/ 440 KB
62 KB 34ms
33ms Stylesheet
text/css 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/css/main-8baa86f3-f74e-4a14-bf8d-75cd4cad09db.css

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/sports/esports?referral=4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk&overlay=join&affid=25093

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

75bcf517cbf408c33487e5975b476f1d6f75dd36930a24b4f770bab26d924015

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:52 GMT
via: 1.1 PSygldLON2wr19:6 (W), 1.1 PSdgflkfFRA1zm204:9 (W), 1.1 kf148:4 (W), 1.1 PSdgflkfFRA1gi91:12 (W)
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b0_PSdgflkfFRA1dm9_18147-29277
content-type: text/css; charset=UTF-8
cache-control: public, max-age=157788000
x-px: ms PSdgflkfFRA1gi91FRA,ms kf148FRA,ht PSdgflkfFRA1zm204FRA
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-encoding: gzip
content-length: 62722

GET
H2 200 runtime.66fa669cc34861760a40.js Show response
www.bovada.lv/assets/js/ 4 KB
3 KB 30ms
29ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/runtime.66fa669cc34861760a40.js

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/sports/esports?referral=4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk&overlay=join&affid=25093

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

813c8ff02876b21ea0873ad0aedb967d74f6b2bc2e2361ee8376fd56d5387218

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:52 GMT
via: 1.1 PSygldLON2wr19:6 (W), 1.1 PSdgflkfFRA1zm204:6 (W), 1.1 PSdgflkfFRA1je97:11 (W)
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b0_PSdgflkfFRA1dm9_18147-29288
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=157788000
x-px: ms PSdgflkfFRA1je97FRA,ht PSdgflkfFRA1zm204FRA
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-encoding: gzip
content-length: 2204

GET
H2 200 polyfills.f1b5326356ec73b9cdff.js Show response
www.bovada.lv/assets/js/ 41 KB
14 KB 29ms
28ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/sports/esports?referral=4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk&overlay=join&affid=25093

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

e5f58a4bd7c2a8acde1c0e30967d510b96aeed2eecb050bb1b403046616148e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:52 GMT
via: 1.1 PSygldLON2wr19:6 (W), 1.1 PSdgflkfFRA1zm204:2 (W), 1.1 PSdgflkfFRA1gi91:8 (W)
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b0_PSdgflkfFRA1dm9_18147-29289
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=157788000
x-px: ms PSdgflkfFRA1gi91FRA,ht PSdgflkfFRA1zm204FRA
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-encoding: gzip
content-length: 13983

GET
H2 200 main.2467d4cc62e68a8f3091.js Show response
www.bovada.lv/assets/js/ 2 MB
546 KB 43ms
43ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/sports/esports?referral=4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk&overlay=join&affid=25093

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

706f9890521d5e5a173e0ec014bb9e06608e243b8c1914d4a4efcbb9ca4af3bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:52 GMT
via: 1.1 PSygldLON2wr19:6 (W), 1.1 PSdgflkfFRA1dt202:0 (W), 1.1 PSdgflkfFRA1gi91:7 (W)
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b0_PSdgflkfFRA1dm9_18147-29290
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=157788000
x-px: ms PSdgflkfFRA1gi91FRA,ht PSdgflkfFRA1dt202FRA
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-encoding: gzip
content-length: 558205

GET
H2 200 rubikRegular.woff2
www.bovada.lv/assets/assets/fonts/rubik/ 28 KB
28 KB 221ms
220ms Font
font/woff2 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/assets/fonts/rubik/rubikRegular.woff2

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/css/main-8baa86f3-f74e-4a14-bf8d-75cd4cad09db.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

ec2abdd166e36cad7367db3f6850ac4900e089329474f608aa10af09fa579280

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Origin: https://www.bovada.lv
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:52 GMT
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PSdgflkfFRA1zm204:1 (W), 1.1 PSdgflkfFRA1bc95:4 (W)
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b0_PSdgflkfFRA1dm9_18147-29291
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=157788000
x-px: ms PSdgflkfFRA1bc95FRA,ms PSdgflkfFRA1zm204FRA,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 28280

GET
H2 200 receiver.html Show response
services.bovada.lv/ Frame 94E4 220 B
558 B 644ms
387ms Document
text/html 68.68.9.218
PATHWAY

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bovada.lv/receiver.html

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.68.9.218 , Canada, ASN11342 (PATHWAY, CA),

Reverse DNS

Software

Resource Hash

94448815839b3a56152c920547957e72d52561c8658a8232e8374c3f585953ee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.bovada.lv
Strict-Transport-Security	max-age=63072000
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: services.bovada.lv
:scheme: https
:path: /receiver.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bovada.lv/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: VISITED=true; LANG=en; Device-Type=Desktop|false; variant=v:0|lgn:0|dt:d|os:w|cntry:FR|cur:USD|jn:0|rt:o|pb:0; ftv=1616681392879
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bovada.lv/

Response headers

date: Thu, 25 Mar 2021 14:09:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
last-modified: Thu, 25 Mar 2021 09:28:18 GMT
etag: W/"dc-17868b68f50"
cache-control: public, max-age=3600
referrer-policy: strict-origin
set-cookie: AB=control;Secure;SameSite=Lax
content-security-policy: frame-ancestors https://*.bovada.lv
x-xss-protection: 1; mode=block
age: 0
accept-ranges: bytes
strict-transport-security: max-age=63072000
content-encoding: gzip

GET
H2 200 verification.json Show response
www.bovada.lv/i18n/en/ 224 B
664 B 223ms
222ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/i18n/en/verification.json

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

0472d5f7bead0812d053bdc83840d952c86654f25775c60d5f466bc11bcec208

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:53 GMT
via: 1.1 PShlamstdAMS1au20:2 (W), 1.1 PSdgflkfFRA1zm204:1 (W), 1.1 PSdgflkfFRA1dm92:1 (W)
referrer-policy: strict-origin
last-modified: Tue, 23 Mar 2021 07:49:52 GMT
server: PWS/8.3.1.0.8
etag: "60599da0-e0"
x-ws-request-id: 605c99b0_PSdgflkfFRA1dm9_18147-29334
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
x-px: ms PSdgflkfFRA1dm92FRA,ht PSdgflkfFRA1zm204FRA
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 224

GET
H2 200 5.e8bc9bb76f590552197f.js Show response
www.bovada.lv/assets/js/ 55 KB
17 KB 580ms
579ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/5.e8bc9bb76f590552197f.js

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/runtime.66fa669cc34861760a40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

53bd33966e6511467a04313dcfacdf1a5ff45dd48c19631769e71d94d7fa5682

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:53 GMT
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PShlamstdAMS1lb17:10 (W), 1.1 kf160:4 (W), 1.1 PSdgflkfFRA1gi91:14 (W)
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b0_PSdgflkfFRA1dm9_18147-29337
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=157788000
x-px: ms PSdgflkfFRA1gi91FRA,ms kf160FRA,ms PShlamstdAMS1lb17AMS,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-encoding: gzip
content-length: 16942

GET
H2 200 6.2ba8a49da76d3fd2c965.js Show response
www.bovada.lv/assets/js/ 240 KB
41 KB 623ms
621ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/6.2ba8a49da76d3fd2c965.js

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/runtime.66fa669cc34861760a40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

5fd6405b976daf05781102ecbe6770237d29d4f92eff2d7c9c6d2eb89f1110ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:53 GMT
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PSdgflkfFRA1yz203:10 (W), 1.1 kf148:10 (W), 1.1 PSdgflkfFRA1je97:0 (W)
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b0_PSdgflkfFRA1dm9_18147-29338
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=157788000
x-px: ms PSdgflkfFRA1je97FRA,ms kf148FRA,ms PSdgflkfFRA1yz203FRA,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-encoding: gzip
content-length: 41131

GET
H2 200 11.47b7d36acbc2c6ed49e5.js Show response
www.bovada.lv/assets/js/ 19 KB
6 KB 236ms
235ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/11.47b7d36acbc2c6ed49e5.js

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/runtime.66fa669cc34861760a40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

20c93af403202aeaada00f137823b5a380caedca0514c8a2d88def2f60c9b1b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:53 GMT
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PShlamstdAMS1lb17:1 (W), 1.1 PS-FRA-01E6z147:5 (W), 1.1 PSdgflkfFRA1dm92:8 (W)
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b0_PSdgflkfFRA1dm9_18147-29339
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=157788000
x-px: ms PSdgflkfFRA1dm92FRA,ms PS-FRA-01E6z147FRA,ms PShlamstdAMS1lb17AMS,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-encoding: gzip
content-length: 5266

GET
H2 200 14.ee051d2e35fb8c9e0b24.js Show response
www.bovada.lv/assets/js/ 2 MB
237 KB 237ms
235ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/14.ee051d2e35fb8c9e0b24.js

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/runtime.66fa669cc34861760a40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

df5067cd29fb2dbde487244fcad617790169e20559f008317d6b13f0fceab39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:53 GMT
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PSdgflkfFRA1zm204:5 (W), 1.1 PSdgflkfFRA1je97:9 (W)
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b0_PSdgflkfFRA1dm9_18147-29340
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=157788000
x-px: ms PSdgflkfFRA1je97FRA,ms PSdgflkfFRA1zm204FRA,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-encoding: gzip
content-length: 241289

GET
H2 200 19.08576d87163c18951863.js Show response
www.bovada.lv/assets/js/ 815 KB
161 KB 578ms
577ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/19.08576d87163c18951863.js

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/runtime.66fa669cc34861760a40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

0941273fce1542812d4789504edebf51fa45e72d771cbf8b56c4939aa29a0252

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:53 GMT
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PShlamstdAMS1pu19:3 (W), 1.1 PSdgflkfFRA1vg90:8 (W)
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b0_PSdgflkfFRA1dm9_18147-29341
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=157788000
x-px: ms PSdgflkfFRA1vg90FRA,ms PShlamstdAMS1pu19AMS,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-encoding: gzip
content-length: 164119

GET
H2 200 common.7c5093db21dc1c543432.js Show response
www.bovada.lv/assets/js/ 32 KB
8 KB 579ms
578ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/common.7c5093db21dc1c543432.js

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/runtime.66fa669cc34861760a40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

2a7f3e117ad690bf898ff2965c84c3fbc6bc2013cfc2793da4aab413d1f1634b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:53 GMT
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PSdgflkfFRA1dt202:4 (W), 1.1 PSdgflkfFRA1je97:10 (W)
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b0_PSdgflkfFRA1dm9_18147-29342
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=157788000
x-px: ms PSdgflkfFRA1je97FRA,ms PSdgflkfFRA1dt202FRA,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-encoding: gzip
content-length: 7329

GET
H2 200 67.02b09062b4f964fbf5d9.js Show response
www.bovada.lv/assets/js/ 17 KB
5 KB 583ms
583ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/67.02b09062b4f964fbf5d9.js

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/runtime.66fa669cc34861760a40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

96ac14990bf5ec91d2d00e0fc41366154a9e472f23d1f344701f65e6f712da5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:53 GMT
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PShlamstdAMS1pu19:0 (W), 1.1 PSdgflkfFRA1eq94:9 (W)
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b0_PSdgflkfFRA1dm9_18147-29343
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=157788000
x-px: ms PSdgflkfFRA1eq94FRA,ms PShlamstdAMS1pu19AMS,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-encoding: gzip
content-length: 4866

GET
H2 200 access Show response
services.bovada.lv/services/jurisdiction/v2/ Frame 94E4 20 B
285 B 476ms
473ms XHR
application/json 68.68.9.218
PATHWAY

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bovada.lv/services/jurisdiction/v2/access

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.68.9.218 , Canada, ASN11342 (PATHWAY, CA),

Reverse DNS

Software

Resource Hash

5c1493abafcbaa6b945aff4fde76520ae4a28607198cea6bfa293c5e6c08b00d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: application/json, text/plain, */*
Referer: https://services.bovada.lv/
X-REFERER: https://www.bovada.lv/sports/esports?referral=4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk&overlay=join&affid=25093
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
content-encoding: gzip
referrer-policy: strict-origin
age: 0
vary: accept-encoding
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
accept-ranges: bytes
content-length: 46

GET
H2 200 site Show response
www.bovada.lv/services/sports/config/ 26 KB
27 KB 227ms
227ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/services/sports/config/site

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

bc3c538761bb8a152bef380e4dd4a1cb1e3ea89f5b3c7ab0d110343dd2ac9845

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-CHANNEL: desktop

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PShlamstdAMS1pu19:2 (W), 1.1 PSdgflkfFRA1gi91:12 (W)
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29490
content-type: application/json;charset=utf-8
cache-control: max-age=3600, public
x-px: ms PSdgflkfFRA1gi91FRA,ms PShlamstdAMS1pu19AMS,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400

GET
H2 200 esports Show response
services.bovada.lv/services/sports/event/v2/nav/A/description/ Frame 94E4 1 KB
793 B 402ms
401ms XHR
application/json 68.68.9.218
PATHWAY

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bovada.lv/services/sports/event/v2/nav/A/description/esports?lang=en

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.68.9.218 , Canada, ASN11342 (PATHWAY, CA),

Reverse DNS

Software

Resource Hash

5114c4a8d63222302855a5a893b6589eb30641578bb0c1ca7d69c282dbf08a7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: application/json, text/plain, */*
Referer: https://services.bovada.lv/
X-REFERER: https://www.bovada.lv/sports/esports?referral=4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk&overlay=join&affid=25093
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-CHANNEL: desktop

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
content-encoding: gzip
age: 0
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin
cache-control: public, max-age=900, stale-while-revalidate=30
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
accept-ranges: bytes
access-control-allow-headers: x-channel, Authorization, X-Sports-Origin, X-SPORT-CONTEXT

GET
H2 200 en Show response
www.bovada.lv/content/content-metadata/v2/metadata/buckets/default/ 224 B
697 B 254ms
253ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/content/content-metadata/v2/metadata/buckets/default/en?path=/sports/esports?overlay=join

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

62c437e10437d1d593fd98c52f30e6584f774ba60a3f94abea7ee685cf75de99

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
content-encoding: gzip
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29527
content-type: application/json
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PSdgflkfFRA1dt202:10 (W), 1.1 PS-FRA-01E6z147:6 (W), 1.1 PSdgflkfFRA1eq94:1 (W)
cache-control: max-age=1800, public
access-control-allow-credentials: true
x-px: ms PSdgflkfFRA1eq94FRA,ms PS-FRA-01E6z147FRA,ms PSdgflkfFRA1dt202FRA,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 139

GET
H2 200 4.3c0fe07a79052fadfc18.js Show response
www.bovada.lv/assets/js/ 55 KB
15 KB 223ms
222ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/4.3c0fe07a79052fadfc18.js

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/runtime.66fa669cc34861760a40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

475ee635028cf94f79651edb6b0311e4876149044276cc682b679c223d5aa23d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PShlamstdAMS1qj18:8 (W), 1.1 PS-FRA-018SR149:1 (W), 1.1 PSdgflkfFRA1gi91:11 (W)
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29529
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=157788000
x-px: ms PSdgflkfFRA1gi91FRA,ms PS-FRA-018SR149FRA,ms PShlamstdAMS1qj18AMS,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-encoding: gzip
content-length: 14879

GET
H2 200 7.3894d7fd3196c0bd9704.js Show response
www.bovada.lv/assets/js/ 63 KB
12 KB 227ms
227ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/7.3894d7fd3196c0bd9704.js

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/runtime.66fa669cc34861760a40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

524397d16344367108e30331c6b7456a29dd904eb58e3303d14fb2184e56081c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PSdgflkfFRA1zm204:0 (W), 1.1 kf148:4 (W), 1.1 PSdgflkfFRA1eq94:6 (W)
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29530
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=157788000
x-px: ms PSdgflkfFRA1eq94FRA,ms kf148FRA,ms PSdgflkfFRA1zm204FRA,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-encoding: gzip
content-length: 11447

GET
H2 200 64.97126ce2e54fcc5a2366.js Show response
www.bovada.lv/assets/js/ 31 KB
8 KB 227ms
226ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/64.97126ce2e54fcc5a2366.js

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/runtime.66fa669cc34861760a40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

bdcca4aa96d22faf51d92ea2ce89c22c207122488d90cccb062a69c99ed1d905

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PSdgflkfFRA1yz203:7 (W), 1.1 kf160:3 (W), 1.1 PSdgflkfFRA1bc95:11 (W)
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29531
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=157788000
x-px: ms PSdgflkfFRA1bc95FRA,ms kf160FRA,ms PSdgflkfFRA1yz203FRA,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-encoding: gzip
content-length: 7295

GET
H2 200 language.json Show response
www.bovada.lv/i18n/en/ 468 B
685 B 229ms
229ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/i18n/en/language.json

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

021f8226b4d8815de6cafbb9c492dafcaeb762029164f3db093b9063767db891

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
content-encoding: gzip
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29534
access-control-allow-origin: *
x-px: ms PSdgflkfFRA1dm92FRA,ms PS-FRA-018SR149FRA,ht PSdgflkfFRA1zm204FRA
content-length: 187
referrer-policy: strict-origin
last-modified: Tue, 23 Mar 2021 07:50:06 GMT
server: PWS/8.3.1.0.8
etag: W/"60599dae-1d4"
strict-transport-security: max-age=16070400
content-type: application/json
via: 1.1 PShlamstdAMS1au20:1 (W), 1.1 PSdgflkfFRA1zm204:7 (W), 1.1 PS-FRA-018SR149:3 (W), 1.1 PSdgflkfFRA1dm92:1 (W)
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 header.json Show response
www.bovada.lv/i18n/en/ 411 B
674 B 245ms
244ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/i18n/en/header.json

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

1d8cd937203c05aaf8b8943b1b3d800bdcea2f0e13144a673ea7c4b70eaf0dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
content-encoding: gzip
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29535
access-control-allow-origin: *
x-px: ms PSdgflkfFRA1dm92FRA,ht PSdgflkfFRA1dt202FRA
content-length: 215
referrer-policy: strict-origin
last-modified: Tue, 23 Mar 2021 07:49:52 GMT
server: PWS/8.3.1.0.8
etag: W/"60599da0-19b"
strict-transport-security: max-age=16070400
content-type: application/json
via: 1.1 PShlamstdAMS1au20:1 (W), 1.1 PSdgflkfFRA1dt202:8 (W), 1.1 PSdgflkfFRA1dm92:1 (W)
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 spNav.json Show response
www.bovada.lv/i18n/en/ 306 B
644 B 225ms
224ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/i18n/en/spNav.json

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

cf0109afc1998c50054646efdac9de6d3c37fdeea36af065de680df98242ae38

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
content-encoding: gzip
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29538
access-control-allow-origin: *
x-px: ms PSdgflkfFRA1dm92FRA,ms PShlamstdAMS1qj18AMS,ms PSygldLON2wq20LHR(origin)
content-length: 163
referrer-policy: strict-origin
last-modified: Tue, 23 Mar 2021 07:49:56 GMT
server: PWS/8.3.1.0.8
etag: W/"60599da4-132"
strict-transport-security: max-age=16070400
content-type: application/json
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PShlamstdAMS1qj18:0 (W), 1.1 PSdgflkfFRA1dm92:1 (W)
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 description Show response
services.bovada.lv/services/sports/event/v2/nav/A/ Frame 94E4 4 KB
1 KB 487ms
487ms XHR
application/json 68.68.9.218
PATHWAY

General

Check archive.org

Show headers Download Go to

Full URL

https://services.bovada.lv/services/sports/event/v2/nav/A/description?lang=en

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.68.9.218 , Canada, ASN11342 (PATHWAY, CA),

Reverse DNS

Software

Resource Hash

33f1608a04505e92522a9ab0e0a3dd77f22766f96fa873292104d252f1ecfbde

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: application/json, text/plain, */*
Referer: https://services.bovada.lv/
X-REFERER: https://www.bovada.lv/sports/esports?referral=4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk&overlay=join&affid=25093
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-CHANNEL: desktop

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
content-encoding: gzip
age: 0
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin
cache-control: public, max-age=3600, stale-while-revalidate=30
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
accept-ranges: bytes
access-control-allow-headers: x-channel, Authorization, X-Sports-Origin, X-SPORT-CONTEXT
content-length: 898

GET
H2 200 spOddsFormats.json Show response
www.bovada.lv/i18n/en/ 248 B
750 B 580ms
580ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/i18n/en/spOddsFormats.json

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

9a2dfab5630b2fc26401c44cad8ae45e2d027fc3c7b711e6a56ef43f226fb05c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PSdgflkfFRA1zm204:9 (W), 1.1 PS-FRA-01E6z147:5 (W), 1.1 PSdgflkfFRA1dm92:1 (W)
referrer-policy: strict-origin
last-modified: Tue, 23 Mar 2021 07:49:52 GMT
server: PWS/8.3.1.0.8
etag: "60599da0-f8"
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29542
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
x-px: ms PSdgflkfFRA1dm92FRA,ms PS-FRA-01E6z147FRA,ms PSdgflkfFRA1zm204FRA,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 248

GET
H2 200 spEventPathFilter.json Show response
www.bovada.lv/i18n/en/ 494 B
697 B 611ms
611ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/i18n/en/spEventPathFilter.json

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

4656208457d1b1b7de2500a2cb6c6762d2007b8ee58777f982fb68ffb6fb351d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:55 GMT
content-encoding: gzip
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29543
access-control-allow-origin: *
x-px: ms PSdgflkfFRA1dm92FRA,ms kf160FRA,ms PSdgflkfFRA1zm204FRA,ms PSygldLON2wq20LHR(origin)
content-length: 192
referrer-policy: strict-origin
last-modified: Tue, 23 Mar 2021 07:50:06 GMT
server: PWS/8.3.1.0.8
etag: W/"60599dae-1ee"
strict-transport-security: max-age=16070400
content-type: application/json
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PSdgflkfFRA1zm204:6 (W), 1.1 kf160:9 (W), 1.1 PSdgflkfFRA1dm92:1 (W)
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 spBetslip.json Show response
www.bovada.lv/i18n/en/ 18 KB
5 KB 580ms
580ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/i18n/en/spBetslip.json

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

303c3faa2335d580d276bd90027221f19ee63ab33817c757e6f1994f1311e6d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:55 GMT
content-encoding: gzip
referrer-policy: strict-origin
last-modified: Tue, 23 Mar 2021 07:49:52 GMT
server: PWS/8.3.1.0.8
etag: W/"60599da0-4714"
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29547
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
x-px: ms PSdgflkfFRA1dm92FRA,ms PS-FRA-018SR149FRA,ms PSdgflkfFRA1yz203FRA,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PSdgflkfFRA1yz203:2 (W), 1.1 PS-FRA-018SR149:5 (W), 1.1 PSdgflkfFRA1dm92:1 (W)

GET
H2 200 icons-bovada-v3.woff
www.bovada.lv/assets/assets/fonts/icons/bovada/ 76 KB
77 KB 588ms
587ms Font
font/woff 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/assets/fonts/icons/bovada/icons-bovada-v3.woff?v2

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/css/main-8baa86f3-f74e-4a14-bf8d-75cd4cad09db.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

1c0355303027fbd2993d7e10a03d0bc6ad6904c15de7c83373521e5d8b7c8e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Origin: https://www.bovada.lv
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:55 GMT
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PShlamstdAMS1qj18:5 (W), 1.1 PSdgflkfFRA1vg90:2 (W)
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29549
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=157788000
x-px: ms PSdgflkfFRA1vg90FRA,ms PShlamstdAMS1qj18AMS,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 78216

GET
H2 200 spCoupon.json Show response
www.bovada.lv/i18n/en/ 2 KB
1 KB 577ms
577ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/i18n/en/spCoupon.json

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

bddb517c97272704347247455ef269d3765517c6854aa3224d396abbadc899ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:55 GMT
content-encoding: gzip
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29556
access-control-allow-origin: *
x-px: ms PSdgflkfFRA1dm92FRA,ms PShlamstdAMS1qj18AMS,ms PSygldLON2wq20LHR(origin)
content-length: 800
referrer-policy: strict-origin
last-modified: Tue, 23 Mar 2021 07:49:52 GMT
server: PWS/8.3.1.0.8
etag: W/"60599da0-911"
strict-transport-security: max-age=16070400
content-type: application/json
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PShlamstdAMS1qj18:1 (W), 1.1 PSdgflkfFRA1dm92:1 (W)
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes

GET footer
www.bovada.lv/content/v5/buckets/default/languages/en/slugs/ 0
0

GET
H2 200 nav-menu Show response
www.bovada.lv/content/v5/buckets/default/languages/en/slugs/ 25 KB
5 KB 608ms
607ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/content/v5/buckets/default/languages/en/slugs/nav-menu

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

16a90edfb1f7f2663b1d46072debe18f8d0c0f4779c82102183a1e964ee8b9b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Preset-Filter: navigation

Response headers

date: Thu, 25 Mar 2021 14:09:55 GMT
content-encoding: gzip
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
etag: "|Thu,-25-Mar-2021-14:09:55-GMT"
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29558
content-type: application/json
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PSdgflkfFRA1zm204:10 (W), 1.1 PSdgflkfFRA1gi91:1 (W)
cache-control: public, max-age=0
access-control-allow-credentials: true
x-px: ms PSdgflkfFRA1gi91FRA,ms PSdgflkfFRA1zm204FRA,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 4622

GET
H2 200 nav-menu Show response
www.bovada.lv/content/v5/buckets/default/languages/en/slugs/ 25 KB
5 KB 610ms
610ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/content/v5/buckets/default/languages/en/slugs/nav-menu

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

16a90edfb1f7f2663b1d46072debe18f8d0c0f4779c82102183a1e964ee8b9b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Preset-Filter: navigation

Response headers

date: Thu, 25 Mar 2021 14:09:55 GMT
content-encoding: gzip
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
etag: "|Thu,-25-Mar-2021-14:09:55-GMT"
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29559
content-type: application/json
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PSdgflkfFRA1zm204:10 (W), 1.1 PSdgflkfFRA1gi91:1 (W)
cache-control: public, max-age=0
access-control-allow-credentials: true
x-px: ht PSdgflkfFRA1gi91FRA
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 4622

GET
H2 200 nav-menu Show response
www.bovada.lv/content/v5/buckets/default/languages/en/slugs/ 25 KB
5 KB 609ms
609ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/content/v5/buckets/default/languages/en/slugs/nav-menu

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

16a90edfb1f7f2663b1d46072debe18f8d0c0f4779c82102183a1e964ee8b9b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Preset-Filter: navigation

Response headers

date: Thu, 25 Mar 2021 14:09:55 GMT
content-encoding: gzip
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
etag: "|Thu,-25-Mar-2021-14:09:55-GMT"
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29560
content-type: application/json
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PSdgflkfFRA1zm204:10 (W), 1.1 PSdgflkfFRA1gi91:1 (W)
cache-control: public, max-age=0
access-control-allow-credentials: true
x-px: ms PSdgflkfFRA1gi91FRA,ht PSdgflkfFRA1zm204FRA
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 4622

GET
H2 200 sports.json Show response
www.bovada.lv/content/default/en/ 16 KB
1 KB 337ms
337ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/content/default/en/sports.json

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

75fb2a21a064ca9bb436deadbf3b1ada380d9b7ed158b33a00b3c18cc97a8d5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
content-encoding: gzip
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29561
access-control-allow-origin: *
x-px: ms PSdgflkfFRA1dm92FRA,ms PShlamstdAMS1lb17AMS,ms PSygldLON2wq20LHR(origin)
content-length: 986
referrer-policy: strict-origin
last-modified: Wed, 24 Mar 2021 14:30:30 GMT
server: PWS/8.3.1.0.8
etag: W/"605b4d06-3fad"
strict-transport-security: max-age=16070400
content-type: application/json
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PShlamstdAMS1lb17:7 (W), 1.1 PSdgflkfFRA1dm92:1 (W)
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 sports-quick-links Show response
www.bovada.lv/content/v5/buckets/default/languages/en/slugs/ 3 KB
1 KB 584ms
583ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/content/v5/buckets/default/languages/en/slugs/sports-quick-links

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

77ad6c4c34a6d2a546218e35dab86efee38f19e767299464cddff6c5684dbade

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:55 GMT
content-encoding: gzip
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
etag: "|Thu,-25-Mar-2021-14:09:55-GMT"
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29563
content-type: application/json
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PSdgflkfFRA1yz203:6 (W), 1.1 PS-FRA-018SR149:10 (W), 1.1 PSdgflkfFRA1bc95:1 (W)
cache-control: public, max-age=0
access-control-allow-credentials: true
x-px: ms PSdgflkfFRA1bc95FRA,ms PS-FRA-018SR149FRA,ms PSdgflkfFRA1yz203FRA,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 786

GET
H2 200 navigation-v2.json Show response
www.bovada.lv/content/default/en/ 591 B
747 B 248ms
248ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/content/default/en/navigation-v2.json

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

6565a070abfd8fbef639e6eac5d76382aef79cb7f71d73d15344d4ddb344d15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
content-encoding: gzip
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29564
access-control-allow-origin: *
x-px: ms PSdgflkfFRA1dm92FRA,ms PShlamstdAMS1qj18AMS,ms PSygldLON2wq20LHR(origin)
content-length: 233
referrer-policy: strict-origin
last-modified: Wed, 24 Mar 2021 14:30:30 GMT
server: PWS/8.3.1.0.8
etag: W/"605b4d06-24f"
strict-transport-security: max-age=16070400
content-type: application/json
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PShlamstdAMS1qj18:4 (W), 1.1 PSdgflkfFRA1dm92:1 (W)
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 betslip.json Show response
www.bovada.lv/content/default/en/ 731 B
752 B 234ms
234ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/content/default/en/betslip.json

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

8d8b0d4f69d972f61032ef4024eee001626871e845b2b50df43ce6505100f6ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
content-encoding: gzip
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29565
access-control-allow-origin: *
x-px: ms PSdgflkfFRA1dm92FRA,ms PShlamstdAMS1qj18AMS,ms PSygldLON2wq20LHR(origin)
content-length: 238
referrer-policy: strict-origin
last-modified: Wed, 24 Mar 2021 14:30:30 GMT
server: PWS/8.3.1.0.8
etag: W/"605b4d06-2db"
strict-transport-security: max-age=16070400
content-type: application/json
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PShlamstdAMS1qj18:7 (W), 1.1 PSdgflkfFRA1dm92:1 (W)
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 logo_main.svg
www.bovada.lv/content/images/ 1 KB
1 KB 561ms
560ms Image
image/svg+xml 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bovada.lv/content/images/logo_main.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

53760a80204117fbc5aee1d5cd525d7419b8e74bde0f6b0b8a1b1469fc70574b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:55 GMT
content-encoding: gzip
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29567
content-type: image/svg+xml
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PShlamstdAMS1pu19:1 (W), 1.1 PSdgflkfFRA1vg90:1 (W)
cache-control: public, max-age=157788000
access-control-allow-credentials: true
x-px: ms PSdgflkfFRA1vg90FRA,ms PShlamstdAMS1pu19AMS,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 748

GET
H2 200 rubikMedium.woff2
www.bovada.lv/assets/assets/fonts/rubik/ 28 KB
29 KB 564ms
563ms Font
font/woff2 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/assets/fonts/rubik/rubikMedium.woff2

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/css/main-8baa86f3-f74e-4a14-bf8d-75cd4cad09db.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

cc250ffc35ff42ab1238a89baca6ccd35dbdd24a5aa08d0395eb563df74a89d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Origin: https://www.bovada.lv
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:55 GMT
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PShlamstdAMS1lb17:8 (W), 1.1 PS-FRA-018SR149:0 (W), 1.1 PSdgflkfFRA1dm92:3 (W)
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29568
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=157788000
x-px: ms PSdgflkfFRA1dm92FRA,ms PS-FRA-018SR149FRA,ms PShlamstdAMS1lb17AMS,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 29120

GET
H2 200 hardblock.json Show response
www.bovada.lv/i18n/en/ 119 B
596 B 230ms
229ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/i18n/en/hardblock.json

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

f5c91fe5009112ff46de174eb94a147c8f1e77bb914ffd153e7d795b33186b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
via: 1.1 PSygldLON2wr19:4 (W), 1.1 PShlamstdAMS1pu19:8 (W), 1.1 PS-FRA-01E6z147:9 (W), 1.1 PSdgflkfFRA1dm92:1 (W)
referrer-policy: strict-origin
last-modified: Tue, 23 Mar 2021 07:50:06 GMT
server: PWS/8.3.1.0.8
etag: "60599dae-77"
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29574
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
x-px: ms PSdgflkfFRA1dm92FRA,ms PS-FRA-01E6z147FRA,ht PShlamstdAMS1pu19AMS
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 119

GET
H2 200 hardblock.json Show response
www.bovada.lv/i18n/es/ 121 B
559 B 255ms
255ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/i18n/es/hardblock.json

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

a02a03eb4ff43ee368b79593d9f1fadf4b72576c52071f8eb5a2fe3edaaef4d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
via: 1.1 PSygldLON2wr19:4 (W), 1.1 PShlamstdAMS1pu19:3 (W), 1.1 PSdgflkfFRA1dm92:1 (W)
referrer-policy: strict-origin
last-modified: Tue, 23 Mar 2021 07:50:06 GMT
server: PWS/8.3.1.0.8
etag: "60599dae-79"
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29575
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
x-px: ms PSdgflkfFRA1dm92FRA,ht PShlamstdAMS1pu19AMS
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 121

GET
H2 200 hardblock.json Show response
www.bovada.lv/i18n/zh-hans/ 120 B
598 B 227ms
226ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/i18n/zh-hans/hardblock.json

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

d1bf2809eb77a7cca0565d6759ba2d7dd6b61a10b344bcda53b5f83a7b6372ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
via: 1.1 PShlamstdAMS1au20:2 (W), 1.1 PSdgflkfFRA1dt202:2 (W), 1.1 PS-FRA-01E6z147:7 (W), 1.1 PSdgflkfFRA1dm92:1 (W)
referrer-policy: strict-origin
last-modified: Tue, 23 Mar 2021 07:50:06 GMT
server: PWS/8.3.1.0.8
etag: "60599dae-78"
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29576
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
x-px: ms PSdgflkfFRA1dm92FRA,ms PS-FRA-01E6z147FRA,ht PSdgflkfFRA1dt202FRA
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 120

GET
H2 200 en Show response
www.bovada.lv/content/content-metadata/v2/metadata/buckets/default/ 2 B
580 B 264ms
264ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/content/content-metadata/v2/metadata/buckets/default/en?path=/blocked

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:54 GMT
content-encoding: gzip
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29577
content-type: application/json
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PSdgflkfFRA1dt202:10 (W), 1.1 PS-FRA-01E6z147:6 (W), 1.1 PSdgflkfFRA1eq94:1 (W)
cache-control: max-age=1800, public
access-control-allow-credentials: true
x-px: ms PSdgflkfFRA1eq94FRA,ms PS-FRA-01E6z147FRA,ms PSdgflkfFRA1dt202FRA,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 22

GET
H2 200 not-available@2x.png
www.bovada.lv/content/images/special_pages/ 57 KB
57 KB 565ms
564ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bovada.lv/content/images/special_pages/not-available@2x.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

e11d206da9af7dc69e2f27f9296725d4eae19b97dda467dafe2df6a93d9fa520

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:55 GMT
via: 1.1 PSygldLON2wq20:7 (W), 1.1 PSdgflkfFRA1dt202:7 (W), 1.1 PSdgflkfFRA1eq94:5 (W)
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
x-ws-request-id: 605c99b2_PSdgflkfFRA1dm9_18147-29578
content-type: image/png
cache-control: public, max-age=157788000
access-control-allow-credentials: true
x-px: ms PSdgflkfFRA1eq94FRA,ms PSdgflkfFRA1dt202FRA,ms PSygldLON2wq20LHR(origin)
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 57970

GET
H/1.1 200
OK 660499503695122 Show response
responder.wt-safetag.com/resp/api/get/ 121 KB
31 KB 1139ms
53ms Script
text/javascript 185.54.150.22
WEBTREKK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://responder.wt-safetag.com/resp/api/get/660499503695122?url=https%3A%2F%2Fwww.bovada.lv%2Fsports%2Fesports%3Freferral%3D4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk%26overlay%3Djoin%26affid%3D25093&v=5
Requested by: Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.54.150.22 , Germany, ASN60164 (WEBTREKK-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 5a10c5feaac0bf01ea5aad206a648ca2b42be12d1ac7649b8773dd6743ac05ff

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 14:09:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 15:34:33 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age: 0, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 hotjar-510373.js Show response
static.hotjar.com/c/ 4 KB
2 KB 97ms
38ms Script
application/javascript 13.226.159.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-510373.js?sv=6

Requested by

Host: t.co
URL: https://t.co/jo0t8q4SUn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-67.dus51.r.cloudfront.net

Software

Resource Hash

56a6e62a89a13f7e374d3ea4eb3348b10260ab70f6338efdb28483c16417fd2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 19
etag: W/bcf1fa4cf18e39662db8ffaa18c49dff
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: DUS51-C1
content-length: 1619
via: 1.1 dfeaf865724e57eaac72220929416926.cloudfront.net (CloudFront)
x-amz-cf-id: 6C3N3bQ84ogn0I5tT3diy7W8LdXvcDMNnw2vP8cQKyekvwZ8KQYsJw==

GET
H2 200 42.344b43c2b6fd3cc62b24.js Show response
www.bovada.lv/assets/js/ 9 KB
3 KB 27ms
24ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/42.344b43c2b6fd3cc62b24.js

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/runtime.66fa669cc34861760a40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

d02777642c18db11491595538e91114dd4438f37ec1a7724847d5ab899961c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:55 GMT
content-encoding: gzip
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
age: 6692
x-ws-request-id: 605c99b3_PSdgflkfFRA1dm9_18147-29676
content-type: application/javascript; charset=UTF-8
via: 1.1 PSygldLON2sq21:5 (W), 1.1 PShlamstdAMS1qj18:4 (W), 1.1 PSdgflkfFRA1bc95:13 (W)
cache-control: public, max-age=157788000
x-px: ht PSdgflkfFRA1bc95FRA
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 3089

GET
H2 200 curacaoLoader.js Show response
www.bovada.lv/assets/js/vendor/ 840 B
759 B 27ms
25ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/vendor/curacaoLoader.js?q=37002806283

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

858673571796fdef112093d66e31e2d479f86f5adee5af67691d6fc0302b5911

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:55 GMT
content-encoding: gzip
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
age: 6692
x-ws-request-id: 605c99b3_PSdgflkfFRA1dm9_18147-29677
content-type: application/javascript; charset=UTF-8
via: 1.1 PShlamstdAMS1af24:7 (W), 1.1 PSdgflkfFRA1zm204:4 (W), 1.1 PSdgflkfFRA1je97:0 (W)
cache-control: public, max-age=157788000
x-px: ht PSdgflkfFRA1je97FRA
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 390

GET
H2 200 nvChat.min.js Show response
www.bovada.lv/assets/js/ 10 KB
6 KB 27ms
25ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bovada.lv/assets/js/nvChat.min.js?cb=881733e21eef12d881406c00d33265ab960f243f

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

6a969495afeeeb25f6c070840910ece077bdaf0a89238819eb24d9d809472835

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:55 GMT
content-encoding: gzip
referrer-policy: strict-origin
server: PWS/8.3.1.0.8
age: 6692
x-ws-request-id: 605c99b3_PSdgflkfFRA1dm9_18147-29678
content-type: application/javascript; charset=UTF-8
via: 1.1 PShlamstdAMS1af24:1 (W), 1.1 PSdgflkfFRA1yz203:1 (W), 1.1 kf148:2 (W), 1.1 PSdgflkfFRA1eq94:4 (W)
cache-control: public, max-age=157788000
x-px: ht PSdgflkfFRA1eq94FRA
strict-transport-security: max-age=16070400
accept-ranges: bytes
content-length: 5313

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 956 B
1 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=reCaptchaScriptLoadedCallback&hl=en&render=6LfNa_oUAAAAAJHZmkav4IcbNUGWKj-M9xxavODt

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ea555dd5109f55a8438d1fbeb2dc5f35b8e2557eabc01e928194271d3ef70f66

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 617
x-xss-protection: 1; mode=block
expires: Thu, 25 Mar 2021 14:09:55 GMT

GET
H/1.1 200
OK nm.rules.js Show response
nchat2.bovada.lv/rules/la/ 10 KB
10 KB 840ms
467ms Script
application/javascript 185.156.184.207
PATHWAY

General

Check archive.org

Show headers Download Go to

Full URL

https://nchat2.bovada.lv/rules/la/nm.rules.js

Requested by

Host: t.co
URL: https://t.co/jo0t8q4SUn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.156.184.207 , United Kingdom, ASN11342 (PATHWAY, CA),

Reverse DNS

Software

Apache/2.4.6 (CentOS) /

Resource Hash

bf37aeb0f3dfb6af907550daf6c2f9bb70160ac6fecd57cd95a42d26afcd6e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: private
Date: Thu, 25 Mar 2021 14:09:56 GMT
Last-Modified: Wed, 17 Jun 2020 04:51:37 GMT
Server: Apache/2.4.6 (CentOS)
ETag: "2639-5a8406a42f9b4"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Accept,Content-Type,Origin,X-Requested-With
Content-Length: 9785
Keep-Alive: timeout=5, max=100

OPTIONS
H/1.1 200
OK events
api.wicket-keeper.com/intake/v2/rum/ Frame 0
0 1084ms
194ms Preflight 208.78.16.222
PATHWAY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.wicket-keeper.com/intake/v2/rum/events

Protocol

HTTP/1.1

Server

208.78.16.222 , Mexico, ASN11342 (PATHWAY, CA),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.bovada.lv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: Content-Type, Content-Encoding, Accept
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: https://www.bovada.lv
Access-Control-Expose-Headers: Etag
Access-Control-Max-Age: 3600
Content-Length: 0
Vary: Origin
X-Content-Type-Options: nosniff
Date: Thu, 25 Mar 2021 14:09:56 GMT

POST
H/1.1 202
Accepted events Show response
api.wicket-keeper.com/intake/v2/rum/ 0
166 B 194ms
194ms XHR
text/plain 208.78.16.222
PATHWAY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.wicket-keeper.com/intake/v2/rum/events

Requested by

Host: www.bovada.lv
URL: https://www.bovada.lv/assets/js/polyfills.f1b5326356ec73b9cdff.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

208.78.16.222 , Mexico, ASN11342 (PATHWAY, CA),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-ndjson

Response headers

Access-Control-Allow-Origin: https://www.bovada.lv
Date: Thu, 25 Mar 2021 14:09:56 GMT
X-Content-Type-Options: nosniff
Content-Length: 0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ 331 KB
130 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=reCaptchaScriptLoadedCallback&hl=en&render=6LfNa_oUAAAAAJHZmkav4IcbNUGWKj-M9xxavODt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bovada.lv
Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 12:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7232
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132685
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Mar 2022 12:09:23 GMT

GET
H3-Q050 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CCB3 19 KB
10 KB 44ms
43ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfNa_oUAAAAAJHZmkav4IcbNUGWKj-M9xxavODt&co=aHR0cHM6Ly93d3cuYm92YWRhLmx2OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=8hswz740ah7o

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e47098101d2a5d8b234cf99a14467107debff6aea268f7a56fd08621cfde598f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6q+NbULAq9jgsQvlGxKPHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfNa_oUAAAAAJHZmkav4IcbNUGWKj-M9xxavODt&co=aHR0cHM6Ly93d3cuYm92YWRhLmx2OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=8hswz740ah7o
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bovada.lv/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=212=Uw9y92KPWMunpb2HsfyBH1QBU8zPvdYvns2Dn_OB2QZxlM35TXB7mWhyHoeXta5zA-JJ15Hs-56kbZt_Ji5IUk_aARKtGJVnR0hc8ad6zI2RVB6xhwzEm0VEoA81Remt2B_39FcqjjAgtahnLD0ezvnS_uW2i8DxtipQ731o_cc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bovada.lv/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 25 Mar 2021 14:09:55 GMT
content-security-policy: script-src 'report-sample' 'nonce-6q+NbULAq9jgsQvlGxKPHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10080
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 modules.35981999a656a5a28309.js Show response
script.hotjar.com/ 217 KB
58 KB 108ms
44ms Script
application/javascript 13.226.159.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.35981999a656a5a28309.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-510373.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-112.dus51.r.cloudfront.net

Software

Resource Hash

be26dc83d31ea12211104016f94a8df96762c716ff80ef9859b5d87d5ef19ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 12:55:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90887
x-cache: Hit from cloudfront
content-length: 58593
access-control-allow-origin: *
last-modified: Wed, 24 Mar 2021 12:55:01 GMT
etag: "feecc1308620f8e5b960a42433207f2e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: QkIXiRKbgwebkuU9ILcsmhiWLt7U1MgFYWtg3hKPYlq-y7VR0uKkYg==

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame CCB3 50 KB
25 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfNa_oUAAAAAJHZmkav4IcbNUGWKj-M9xxavODt&co=aHR0cHM6Ly93d3cuYm92YWRhLmx2OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=8hswz740ah7o

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 11:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
age: 9836
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Fri, 25 Mar 2022 11:25:59 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame CCB3 331 KB
130 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 12:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7232
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132685
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Mar 2022 12:09:23 GMT

GET
H2 200 box-f8697186ca3a8d08bfff6b2981bb517b.html Show response
vars.hotjar.com/ Frame 2809 2 KB
1 KB 82ms
26ms Document
text/html 13.226.159.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-f8697186ca3a8d08bfff6b2981bb517b.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-510373.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-3.dus51.r.cloudfront.net
Software: /
Resource Hash: d0373a42045ce9658b8d8a8f022e0346924dbeace13eabc6d34bca513756c772

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-f8697186ca3a8d08bfff6b2981bb517b.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bovada.lv/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bovada.lv/

Response headers

content-type: text/html
content-length: 812
date: Thu, 25 Mar 2021 08:27:07 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "1cbb0cdb45ffe1a9c1166f60857de372"
last-modified: Thu, 25 Mar 2021 08:26:36 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: VTt_ri7_LyRq9mg6hzOohc_rgsiNL4OQWKhRagjpzheN8ER2gJYRHA==
age: 20568

GET
H3-Q050 200 X8unmHfEQ3F5n2RsHjGpzlShR0zqBlJO5Q_PtwQUnPI.js Show response
www.google.com/js/bg/ Frame CCB3 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/X8unmHfEQ3F5n2RsHjGpzlShR0zqBlJO5Q_PtwQUnPI.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fcba79877c44371799f646c1e31a9ce54a1474cea06524ee50fcfb704149cf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfNa_oUAAAAAJHZmkav4IcbNUGWKj-M9xxavODt&co=aHR0cHM6Ly93d3cuYm92YWRhLmx2OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=8hswz740ah7o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 13:14:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:00:00 GMT
server: sffe
age: 3334
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5716
x-xss-protection: 0
expires: Fri, 25 Mar 2022 13:14:21 GMT

GET
H3-Q050 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CCB3 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 16:01:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 166088
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Tue, 30 Mar 2021 16:01:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CCB3 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:51:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 476280
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Sun, 20 Mar 2022 01:51:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CCB3 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:43:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
age: 142011
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
expires: Wed, 23 Mar 2022 22:43:04 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame CCB3 102 B
217 B 14ms
14ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9c2464add3c699d2be6d7ec889eed8d56ff71327ce4fc9e43955cea79b117fce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfNa_oUAAAAAJHZmkav4IcbNUGWKj-M9xxavODt&co=aHR0cHM6Ly93d3cuYm92YWRhLmx2OjQ0Mw..&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&cb=8hswz740ah7o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 25 Mar 2021 14:09:55 GMT

GET
H/1.1 200
200 JSPClient.jsp Show response
nchat2.bovada.lv/iChatClient/ 1 KB
2 KB 204ms
203ms Script
application/javascript 185.156.184.207
PATHWAY

General

Check archive.org

Show headers Download Go to

Full URL

https://nchat2.bovada.lv/iChatClient/JSPClient.jsp?action=RULES&json=%7B%22feid%22%3A%22bovadalv-frontend%22%7D&cbf=NM.jsonp.cb_0

Requested by

Host: nchat2.bovada.lv
URL: https://nchat2.bovada.lv/rules/la/nm.rules.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.156.184.207 , United Kingdom, ASN11342 (PATHWAY, CA),

Reverse DNS

Software

Apache/2.4.6 (CentOS) /

Resource Hash

10526811943cbece322efd88dd98707b275173345bae39ec0a953abd306c2d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: private
Date: Thu, 25 Mar 2021 14:09:56 GMT
Last-Modified: Thu, 25 Mar 2021 14:09:56 GMT
Server: Apache/2.4.6 (CentOS)
Strict-Transport-Security: max-age=63072000; includeSubDomains
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/javascript;charset=UTF-8
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: Accept,Content-Type,Origin,X-Requested-With
Content-Length: 1182
Keep-Alive: timeout=5, max=99
Expires: Thu, 25 Mar 2021 15:09:56 GMT

GET
H2 200 wt
pro2.webtrekk-us.net/205099820688534/ 43 B
514 B 314ms
93ms Image
image/gif 54.84.7.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pro2.webtrekk-us.net/205099820688534/wt?p=524,BVD%3Asports%3Aesports%3Foverlay%3Djoin,1,1600x1200,24,1,1616681396828,http%3A%2F%2Fwww.allexpressnews.com%2F,1600x1200,0&uc708=FR&la=en&cg1=delta&cg2=BVD&is=-1&cp1=en&cp2=delta&cp3=BVD&cp4=www.bovada.lv&cp5=%2Fblocked&cp6=https%3A%2F%2Fwww.bovada.lv%2Fblocked&cp10=10&cp15=-1&cp18=page&cp19=-1&cp21=3402&cp22=0&cp30=DEFAULT&cp31=notlogged&cp32=-1&cp771=-1&cb3=BVD&cs6=f&cs8=FR&cs14=DEFAULT&np=&pu=https%3A%2F%2Fwww.bovada.lv%2Fblocked
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.7.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: 3001 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 14:09:57 GMT
content-type: image/gif;charset=UTF-8
last-modified: Thu, 25 Mar 2021 14:09:57 GMT
server: 3001
p3p: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 wt
pro2.webtrekk-us.net/205099820688534/ 43 B
515 B 313ms
92ms Image
image/gif 54.84.7.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pro2.webtrekk-us.net/205099820688534/wt?p=524,BVD%3Asports%3Aesports%3Foverlay%3Djoin,1,1600x1200,24,1,1616681396836,2,1600x1200,0&uc708=FR&la=en&cg1=delta&cg2=BVD&is=-1&cp1=en&cp2=delta&cp3=BVD&cp4=www.bovada.lv&cp5=%2Fblocked&cp6=https%3A%2F%2Fwww.bovada.lv%2Fblocked&cp10=10&cp15=-1&cp18=page&cp19=-1&cp21=3402&cp22=0&cp30=DEFAULT&cp31=notlogged&cp32=-1&cp771=-1&cb3=BVD&cs6=f&cs8=FR&cs14=DEFAULT&np=&pu=https%3A%2F%2Fwww.bovada.lv%2Fblocked
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.7.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: 3002 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.bovada.lv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 14:09:57 GMT
content-type: image/gif;charset=UTF-8
last-modified: Thu, 25 Mar 2021 14:09:57 GMT
server: 3002
p3p: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=Gbn-eBCEo6WokJlC&docid=k5XaM0ZzGF8&ver=2&cmt=0&fs=0&rt=0&euri=http%3A%2F%2Fwww.allexpressnews.com%2F&lact=18533&cl=364421400&mos=0&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210322.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&hl=en_US&cr=DE&len=43&fexp=23858057%2C23940237%2C23969934%2C23983296%2C23991330%2C24001373%2C24005870%2C24006795%2C24007246%2C24012117%2C24631984&vis=3

Domain: www.bovada.lv
URL: https://www.bovada.lv/content/v5/buckets/default/languages/en/slugs/footer

Verdicts & Comments Add Verdict or Comment

221 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bovada.lv/	1969-12-31 23:59:59	Name: lastpage Value: {"url":"/sports/esports"}
services.bovada.lv/	1969-12-31 23:59:59	Name: AB Value: control
.bovada.lv/	1969-12-31 23:59:59	Name: AFFILIATE_ID Value: 25093
.bovada.lv/	1969-12-31 23:59:59	Name: REFERRAL_AFFILIATE_TYPE Value: AFFILIATE
.bovada.lv/	1969-12-31 23:59:59	Name: REFERRAL_AFFILIATE Value: 4HtT4KbCqEUyZZlF30CwzWNd7ZgqdRLk
.bovada.lv/	1969-12-31 23:59:59	Name: ftv Value: 1616681392879
.bovada.lv/	1969-12-31 23:59:59	Name: LANG Value: en
.bovada.lv/	1970-01-23 08:40:41	Name: variant Value: v:0\|lgn:0\|dt:d\|os:w\|cntry:FR\|cur:USD\|jn:0\|rt:o\|pb:0
.bovada.lv/	1969-12-31 23:59:59	Name: REFERRAL_AFFILIATE_TIMESTAMP Value: 1616681392950
.bovada.lv/	1969-12-31 23:59:59	Name: affid Value: 25093
.bovada.lv/	1970-01-23 08:40:41	Name: Device-Type Value: Desktop\|false
.bovada.lv/	1970-01-23 08:40:41	Name: VISITED Value: true
www.bovada.lv/sports	1969-12-31 23:59:59	Name: AB Value: control

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js(Line 1) Message: Universal skipped request: LocalStorageService.get(sportsKey)
console-api	warning	URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js(Line 1) Message: Universal skipped request: LocalStorageService.get(sportsStatus)
console-api	warning	URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js(Line 1) Message: Universal skipped request: LocalStorageService.get(sportsBetslip)
console-api	warning	URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js(Line 1) Message: Universal skipped request: LocalStorageService.get(sportsPicks)
console-api	warning	URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js(Line 1) Message: Universal skipped request: LocalStorageService.remove(sportsPicks)
console-api	warning	URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js(Line 1) Message: Universal skipped request: LocalStorageService.get(sportsBsdate)
console-api	warning	URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js(Line 1) Message: Universal skipped request: LocalStorageService.get(sessionId)
console-api	warning	URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js(Line 1) Message: Universal skipped request: LocalStorageService.set(sportsKey,)
console-api	warning	URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js(Line 1) Message: Universal skipped request: LocalStorageService.set(sportsBetslip,{"SINGLE":[],"PARLAY":[],"ROUND_ROBIN":[],"TEASER":[],"key":"","selections":[]})
console-api	warning	URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js(Line 1) Message: Universal skipped request: LocalStorageService.set(sportsBsdate,1616681394507)
console-api	debug	URL: https://www.bovada.lv/assets/js/main.2467d4cc62e68a8f3091.js(Line 1) Message: Page load completed. Render time: 3402 , DNS resolution: 0
console-api	log	URL: https://nchat2.bovada.lv/rules/la/nm.rules.js(Line 1) Message: 15:09:56.892: NO matching rule. Next check() in 3 sec
console-api	log	URL: https://nchat2.bovada.lv/rules/la/nm.rules.js(Line 1) Message: 15:09:59.893: NO matching rule. Next check() in 3 sec

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allexpressnews.com
api.viglink.com
api.wicket-keeper.com
bdv.bidvertiser.com
cdn.viglink.com
counter8.stat.ovh
d2b9l3u54v5v39.cloudfront.net
fls-na.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
img.secureserver.net
img1.wsimg.com
m.media-amazon.com
media.revenuenetwork.com
nchat2.bovada.lv
nebula.wsimg.com
pro2.webtrekk-us.net
record.revenuenetwork.com
responder.wt-safetag.com
script.hotjar.com
services.bovada.lv
static.doubleclick.net
static.hotjar.com
t.co
vars.hotjar.com
wms-na.amazon-adsystem.com
ws-na.amazon-adsystem.com
www.allexpressnews.com
www.bovada.lv
www.google.com
www.gstatic.com
www.recaptcha.net
www.youtube.com
yt3.ggpht.com
www.bovada.lv
www.youtube.com
104.126.36.137
104.18.191.136
104.244.42.197
13.226.158.65
13.226.159.112
13.226.159.3
13.226.159.67
160.153.136.3
163.171.128.148
185.156.184.207
185.54.150.22
2.17.185.233
208.78.16.222
23.37.42.16
2600:9000:2182:b400:c:95c2:e940:21
2606:4700::6810:a00d
2a00:1450:4001:800::2006
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:809::2016
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2004
2a00:1450:4001:813::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a04:4e42:62::272
51.77.152.115
52.50.7.8
52.94.225.95
52.94.230.46
54.241.51.109
54.84.7.101
68.68.9.218
021f8226b4d8815de6cafbb9c492dafcaeb762029164f3db093b9063767db891
0472d5f7bead0812d053bdc83840d952c86654f25775c60d5f466bc11bcec208
0941273fce1542812d4789504edebf51fa45e72d771cbf8b56c4939aa29a0252
0a76f5945828a2b4977a1758cdb53eed66e558fcbd27e50601225c4ec1b846a0
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
10526811943cbece322efd88dd98707b275173345bae39ec0a953abd306c2d43
16a90edfb1f7f2663b1d46072debe18f8d0c0f4779c82102183a1e964ee8b9b3
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0355303027fbd2993d7e10a03d0bc6ad6904c15de7c83373521e5d8b7c8e91
1ca2faaa4a7ba86c934c337dcb47ebd521dd5721a9f62302ef36f074c1a4c8d8
1d8cd937203c05aaf8b8943b1b3d800bdcea2f0e13144a673ea7c4b70eaf0dc4
1e278893f69d9b191bd408dc428d437cf49380165cde19619e109888f4711845
1f47665d4cc35069e17635c7584d07b44765a0634fad1475d8a6a0a163c6d246
20c93af403202aeaada00f137823b5a380caedca0514c8a2d88def2f60c9b1b9
24aa5dfe5937dbb0286cdfe9bffdeb41274fca1d7fc1ebe683696c32754cd5b9
27306e4a14ab04d39e59d9d73d6fac0fca90bbab3da5d9358c0000b9119c90af
2a7f3e117ad690bf898ff2965c84c3fbc6bc2013cfc2793da4aab413d1f1634b
2eff8639669bf86d63e04791d4e9d9281c7dff4cb22e581e0b6cd0de83fc1840
303c3faa2335d580d276bd90027221f19ee63ab33817c757e6f1994f1311e6d9
33f1608a04505e92522a9ab0e0a3dd77f22766f96fa873292104d252f1ecfbde
36015ef52054ff745a4a20f8e938870224f635ece8b12acca9c9618e929abc9c
38273865c7901661552c6b051d101337d75a526a8a79621d1e5cad50f5d01c3a
3a2727f0f7cb047e0db15b402e1baba1fdd82ae9af791168d25e3c2cb4356976
3e1adba2cfbb91f080da970318299e5ecfcbf0cca6e5bbe8543822d34d06d8e3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf639334bc674af8cc136edd42de9c4a91cec505df1950a9ac17ac855cdb4d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4656208457d1b1b7de2500a2cb6c6762d2007b8ee58777f982fb68ffb6fb351d
465ec29b3d4c7edd77dfc03ac552f50be3ad16b2460e577575f6ae9a393ff6a8
475ee635028cf94f79651edb6b0311e4876149044276cc682b679c223d5aa23d
49617ae18de9b53d3d940741d580dbe36ba050c5d07cd32fd937904cf00bde2d
4be365a0a27ecb1fb5bbc12a1ea7e8186db88c9d0f6d37dfb6a32bf8042bdc0c
4cf203e638014174f96a22eef8411dafc7e8c900160433acdb3f0396fa85b2f8
5114c4a8d63222302855a5a893b6589eb30641578bb0c1ca7d69c282dbf08a7b
524397d16344367108e30331c6b7456a29dd904eb58e3303d14fb2184e56081c
534e7d5a9ef38e44fde5b6dd3882dabde3a01a08f206cfe9bf283013d81e86a9
53760a80204117fbc5aee1d5cd525d7419b8e74bde0f6b0b8a1b1469fc70574b
53bd33966e6511467a04313dcfacdf1a5ff45dd48c19631769e71d94d7fa5682
56a6e62a89a13f7e374d3ea4eb3348b10260ab70f6338efdb28483c16417fd2a
5a10c5feaac0bf01ea5aad206a648ca2b42be12d1ac7649b8773dd6743ac05ff
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c1493abafcbaa6b945aff4fde76520ae4a28607198cea6bfa293c5e6c08b00d
5e0d14229ae0f4d80a6e75cf1344fd3d32cccfa42e39ee154993eea24064eb63
5fcba79877c44371799f646c1e31a9ce54a1474cea06524ee50fcfb704149cf2
5fd6405b976daf05781102ecbe6770237d29d4f92eff2d7c9c6d2eb89f1110ec
62c437e10437d1d593fd98c52f30e6584f774ba60a3f94abea7ee685cf75de99
6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93
64657ae86fa8924bd37f4ccf0017842e4fe755a5745b754990cfe311d0f4d40c
6565a070abfd8fbef639e6eac5d76382aef79cb7f71d73d15344d4ddb344d15f
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a969495afeeeb25f6c070840910ece077bdaf0a89238819eb24d9d809472835
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6c33b43a8a3a0bf326afadabbe58e1dbc2324d818ac0b27b495f3bacd6e1e4a4
706f9890521d5e5a173e0ec014bb9e06608e243b8c1914d4a4efcbb9ca4af3bd
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
75bcf517cbf408c33487e5975b476f1d6f75dd36930a24b4f770bab26d924015
75fb2a21a064ca9bb436deadbf3b1ada380d9b7ed158b33a00b3c18cc97a8d5b
77ad6c4c34a6d2a546218e35dab86efee38f19e767299464cddff6c5684dbade
813c8ff02876b21ea0873ad0aedb967d74f6b2bc2e2361ee8376fd56d5387218
858673571796fdef112093d66e31e2d479f86f5adee5af67691d6fc0302b5911
871bcbf1631eba9d4218fddb8dd96a075fdf33725e1ff991b345808c15c66617
8d8b0d4f69d972f61032ef4024eee001626871e845b2b50df43ce6505100f6ec
94448815839b3a56152c920547957e72d52561c8658a8232e8374c3f585953ee
96735c6bf505866cd1575bfb19852e35a954d1c959b6d4c96caa63c3aa5cb1eb
96ac14990bf5ec91d2d00e0fc41366154a9e472f23d1f344701f65e6f712da5f
9856f416d367f5481ec029ffc878f53cbff1d809eff9c0e452b2b17b4fce0116
9a2dfab5630b2fc26401c44cad8ae45e2d027fc3c7b711e6a56ef43f226fb05c
9c2464add3c699d2be6d7ec889eed8d56ff71327ce4fc9e43955cea79b117fce
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9c6de398b00be04297ce1aebdf24eed587464488127326a6611438bc65dc26e3
a02a03eb4ff43ee368b79593d9f1fadf4b72576c52071f8eb5a2fe3edaaef4d4
a20336a648e840ea05405464c67782e3deff240b1c6260c7c1eff298046fa2de
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a3af8f1690382299a8af75df5c24140141594aa59c12e572d07b4be1c74c5e8e
a44e6c006cf7a38f3e25dd226e3575e4066d8fb03013605abeb37fbf10bc6791
a47e3233f03feab950a7b1f335b810850207b545b545334c4855dd27ba9b8311
a6524d6aa475bc619e7a7321dc622f2f622d21c7be71b3bf3011ece5bb561cd9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4551596f954aa5759824aea3f0069656fcacb1f8a2c52d1d871f3f2e0057847
b67b5784c012a49cc70d172bbd8767545d6af08a39698bfe8c205ed503063afc
b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518
bb9107de0db516831387e61eb9d0e8659083bc5435723751f6e8b1c66d3312fd
bc3c538761bb8a152bef380e4dd4a1cb1e3ea89f5b3c7ab0d110343dd2ac9845
bdabf2dbac9b69342a5e3ed2e85c9160d2dab7db5eb3a57319333151f7fc9188
bdcca4aa96d22faf51d92ea2ce89c22c207122488d90cccb062a69c99ed1d905
bddb517c97272704347247455ef269d3765517c6854aa3224d396abbadc899ac
bdfb40649c423c030d9265c8b5eeabf9a79f6845aee4842ceccd244e836805a5
be26dc83d31ea12211104016f94a8df96762c716ff80ef9859b5d87d5ef19ba4
bf37aeb0f3dfb6af907550daf6c2f9bb70160ac6fecd57cd95a42d26afcd6e54
cc250ffc35ff42ab1238a89baca6ccd35dbdd24a5aa08d0395eb563df74a89d7
ce6c99b4fec3f6a46b6eda4c21079747413fb839cb2fb204efa4f9b98c71a19a
cf0109afc1998c50054646efdac9de6d3c37fdeea36af065de680df98242ae38
cf0450afe6f75037853e4eefdcf6d54e8d0ffe34a10b635dc703db2f8f2e85bd
d02777642c18db11491595538e91114dd4438f37ec1a7724847d5ab899961c68
d0373a42045ce9658b8d8a8f022e0346924dbeace13eabc6d34bca513756c772
d1bf2809eb77a7cca0565d6759ba2d7dd6b61a10b344bcda53b5f83a7b6372ff
d774beebaea68f3e3be399e441d6f5bf073ce036a8cce8a90b444c60d2985f04
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da07f58540b7f0aae2359458352207eb444c99a4df6052281848df8a833213ab
de252171dbf0367a88f8ba4e0d5d1c4a8b21ca46d67348a9c47bacd0ea23fee7
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df5067cd29fb2dbde487244fcad617790169e20559f008317d6b13f0fceab39d
e11d206da9af7dc69e2f27f9296725d4eae19b97dda467dafe2df6a93d9fa520
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47098101d2a5d8b234cf99a14467107debff6aea268f7a56fd08621cfde598f
e5f58a4bd7c2a8acde1c0e30967d510b96aeed2eecb050bb1b403046616148e8
ea555dd5109f55a8438d1fbeb2dc5f35b8e2557eabc01e928194271d3ef70f66
ec2abdd166e36cad7367db3f6850ac4900e089329474f608aa10af09fa579280
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f3ae4dfa87608d493973baff159187efa4ac3630761c8a1c716c5697951b6c65
f5c91fe5009112ff46de174eb94a147c8f1e77bb914ffd153e7d795b33186b7f

www.bovada.lv Open in urlscan Pro 163.171.128.148 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

128 Requests

77 %HTTPS

43 %IPv6

24 Domains

36 Subdomains

37 IPs

8 Countries

2943 kBTransfer

10160 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bovada.lv Open in urlscan Pro
163.171.128.148 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

77 %
HTTPS

43 %
IPv6

24
Domains

36
Subdomains

37
IPs

8
Countries

2943 kB
Transfer

10160 kB
Size

13
Cookies

128 HTTP transactions
1 data transactions