URL: https://hnba.veslive.com/
Submission: On September 16 via api from US

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 38 HTTP transactions. The main IP is 2606:4700:10::6816:418b, located in United States and belongs to CLOUDFLARENET, US. The main domain is hnba.veslive.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 1st 2020. Valid for: a year.
This is the only time hnba.veslive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 23.99.20.247 8075 (MICROSOFT...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42:3::621 54113 (FASTLY)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
3 151.139.237.32 33438 (HIGHWINDS2)
38 11
Domain
Subdomains
Transfer
10 veslive.com
734 KB
7 tawk.to
115 KB
6 fonts.googleapis.com
5 KB
3 netdna-ssl.com
29 KB
3 jsdelivr.net
54 KB
3 gstatic.com
32 KB
3 google-analytics.com
19 KB
2 flyzoo.co
1 KB
1 doubleclick.net
85 B
38 9
Domain Requested by
10 hnba.veslive.com hnba.veslive.com
6 fonts.googleapis.com hnba.veslive.com
embed.tawk.to
4 vsa68.tawk.to embed.tawk.to
3 new-cdn-b-flyzoocorporatio.netdna-ssl.com hnba.veslive.com
3 cdn.jsdelivr.net embed.tawk.to
hnba.veslive.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.google-analytics.com hnba.veslive.com
www.google-analytics.com
2 va.tawk.to embed.tawk.to
1 widget-b.flyzoo.co hnba.veslive.com
1 stats.g.doubleclick.net www.google-analytics.com
1 embed.tawk.to hnba.veslive.com
1 widget.flyzoo.co hnba.veslive.com
38 12

This site contains links to these domains. Also see Links.

Domain
wpastra.com
Subject / Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-01 -
2021-08-01
a year
*.google-analytics.com
GTS CA 1O1
2020-08-26 -
2020-11-18
3 months
upload.video.google.com
GTS CA 1O1
2020-08-26 -
2020-11-18
3 months
*.gstatic.com
GTS CA 1O1
2020-08-26 -
2020-11-18
3 months
*.flyzoo.co
Sectigo RSA Domain Validation Secure Server CA
2019-05-04 -
2021-05-03
2 years
*.g.doubleclick.net
GTS CA 1O1
2020-08-26 -
2020-11-18
3 months
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-08-17 -
2021-04-17
8 months
*.netdna-ssl.com
Sectigo RSA Domain Validation Secure Server CA
2020-02-18 -
2021-03-18
a year

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
81 KB
15 KB
Document
General
Full URL
https://hnba.veslive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:418b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c31238bcfdabf74e40ce014fa323169cd15b84816bfb2b7e4434367be7839e0f

Request headers

:method
GET
:authority
hnba.veslive.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 16 Sep 2020 16:33:14 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dc2953f13782431c2b51c1be84138e71a1600273994; expires=Fri, 16-Oct-20 16:33:14 GMT; path=/; domain=.veslive.com; HttpOnly; SameSite=Lax
last-modified
Wed, 16 Sep 2020 16:21:09 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
05395c69a90000c2ae91ade200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5d3bfcef79f7c2ae-FRA
content-encoding
br
ab6e0aa32ede72354b1490bcca3d54c8.css
/wp-content/cache/min/1
555 KB
64 KB
Stylesheet
General
Full URL
https://hnba.veslive.com/wp-content/cache/min/1/ab6e0aa32ede72354b1490bcca3d54c8.css
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:418b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc9ce699dfc1fe5264da31ab61fa57ce30774986c2f43d9561f807b8077f270d

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 16:33:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Sep 2020 14:26:19 GMT
server
cloudflare
age
972
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=14400
cf-ray
5d3bfcf05bbec2ae-FRA
cf-request-id
05395c6a3b0000c2ae91ae8200000001
cf-bgj
minify
analytics.js
www.google-analytics.com
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
7173
date
Wed, 16 Sep 2020 14:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Wed, 16 Sep 2020 16:33:41 GMT
css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.1&disp...
fonts.googleapis.com
26 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.1&display=swap
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e98a84d201a5ce748c59f64fe3b5341601b863b3fff7d63a045aa6f655edf08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Sep 2020 16:33:14 GMT
server
ESF
date
Wed, 16 Sep 2020 16:33:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Sep 2020 16:33:14 GMT
jquery.js?ver=1.12.4-wp
/wp-includes/js/jquery
95 KB
32 KB
Script
General
Full URL
https://hnba.veslive.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:418b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 16:33:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
cloudflare
age
972
cf-polished
origSize=96873
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=14400
cf-ray
5d3bfcf06bcac2ae-FRA
cf-request-id
05395c6a410000c2ae91ae9200000001
cf-bgj
minify
lazyload.min.js
/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1
8 KB
3 KB
Script
General
Full URL
https://hnba.veslive.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:418b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 16:33:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Sep 2020 04:33:34 GMT
server
cloudflare
age
972
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=14400
cf-ray
5d3bfcf06bcfc2ae-FRA
cf-request-id
05395c6a430000c2ae91aea200000001
053b8884b8f736cfd410520433721094.js
/wp-content/cache/min/1
549 KB
131 KB
Script
General
Full URL
https://hnba.veslive.com/wp-content/cache/min/1/053b8884b8f736cfd410520433721094.js
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:418b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66c784ba85a307d380d9859e29575dc74f6624dfad808f83fdaf34cbce0bfb44

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 16:33:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Sep 2020 14:26:19 GMT
server
cloudflare
age
972
cf-polished
origSize=562594
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=14400
cf-ray
5d3bfcf06bd1c2ae-FRA
cf-request-id
05395c6a430000c2ae91aeb200000001
cf-bgj
minify
data:truncated
data:truncated
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
547efd55fdcc71e4a4c1e3297e83c40efd7ceb70449d073b0554520a02b3e07a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
data:truncated
data:truncated
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d7a5a56917d164620e5e544f12e877b8907195468278c42db42e276a5ae4008

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
data:truncated
data:truncated
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa907e0f45c61feb796596821533dbbe3e0cb1c4e28ba884d7a59558e7047f4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
data:truncated
data:truncated
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
710dcb1212f176e6c6d59346c1fc4a98d294e3da02006ed37cecc52f9282b830

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
login-bg.png
/wp-content/uploads/2020/09
38 KB
38 KB
Image
General
Full URL
https://hnba.veslive.com/wp-content/uploads/2020/09/login-bg.png
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:418b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4f4c661586d22972813dec4b1962b4e36aa7ac5dec1aa699699d0ecdf0cda23

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 16:33:14 GMT
cf-cache-status
HIT
last-modified
Thu, 03 Sep 2020 01:26:20 GMT
server
cloudflare
age
972
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
cf-ray
5d3bfcf07bdcc2ae-FRA
cf-request-id
05395c6a480000c2ae91aec200000001
linkid.js
www.google-analytics.com/plugins/ua
2 KB
1001 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 15:43:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2968
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Wed, 16 Sep 2020 16:43:46 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.1&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hnba.veslive.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.1&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 18:20:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
79958
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Wed, 15 Sep 2021 18:20:36 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.1&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hnba.veslive.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.1&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 18:20:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
79958
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Wed, 15 Sep 2021 18:20:36 GMT
flyzoo.start.js
widget.flyzoo.co/scripts
2 KB
1 KB
Script
General
Full URL
https://widget.flyzoo.co/scripts/flyzoo.start.js
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/wp-content/cache/min/1/053b8884b8f736cfd410520433721094.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
23.99.20.247 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
a28b821f4511a8bfe39d19a67f931c7d67ae515283fe5fe57d48eb8e8e7836bd

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 16:33:13 GMT
Content-Encoding
gzip
Last-Modified
Sun, 06 May 2018 08:07:35 GMT
Server
Microsoft-IIS/8.5
ETag
"53457c4a11e5d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Accept-Ranges
bytes
Content-Length
1149
default
embed.tawk.to/5f5d01bd4704467e89ee6ca9
508 KB
111 KB
Script
General
Full URL
https://embed.tawk.to/5f5d01bd4704467e89ee6ca9/default
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/wp-content/cache/min/1/053b8884b8f736cfd410520433721094.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b8ffcae953f37f6d1369775323daf502f29ec7edeaccaedf882d88b40dbddbb
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://hnba.veslive.com
Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 16:33:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10615
status
200
vary
Accept-Encoding
cf-request-id
05395c6ad500001f214b153200000001
server
cloudflare
etag
W/"fulls69314"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, s-maxage=3600
cf-ray
5d3bfcf159031f21-FRA
collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-161729932-17&cid=1484874981.1600273994&jid=1761827749&gjid=1035727758&_gid=1172769335.1600273994&_u=aGBAgUAjCAAAAE~&z=411396248
stats.g.doubleclick.net/j
1 B
85 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-161729932-17&cid=1484874981.1600273994&jid=1761827749&gjid=1035727758&_gid=1172769335.1600273994&_u=aGBAgUAjCAAAAE~&z=411396248
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 16 Sep 2020 16:33:14 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://hnba.veslive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect?v=1&_v=j86&a=1219357611&t=pageview&_s=1&dl=https%3A%2F%2Fhnba.veslive.com%2F&ul=en-us&de=UTF-8&dt=HNBA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUAjC~&jid=1761827749&gjid=1035727758&...
www.google-analytics.com
35 B
118 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=1219357611&t=pageview&_s=1&dl=https%3A%2F%2Fhnba.veslive.com%2F&ul=en-us&de=UTF-8&dt=HNBA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUAjC~&jid=1761827749&gjid=1035727758&cid=1484874981.1600273994&tid=UA-161729932-17&_gid=1172769335.1600273994&cd2=false&z=214205428
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Sep 2020 15:26:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4033
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Mask-Group-2.png
/wp-content/uploads/2020/09
5 KB
5 KB
Image
General
Full URL
https://hnba.veslive.com/wp-content/uploads/2020/09/Mask-Group-2.png
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:418b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b5a9ccee43f1413ebbd3222d2bdcef79dcf21fbde06909cc6d5f3ad5f0281d

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 16:33:14 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Sep 2020 02:44:29 GMT
server
cloudflare
age
972
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
cf-ray
5d3bfcf1ee0cc2ae-FRA
cf-request-id
05395c6b310000c2ae91af6200000001
Mask-Group-1.png
/wp-content/uploads/2020/09
7 KB
7 KB
Image
General
Full URL
https://hnba.veslive.com/wp-content/uploads/2020/09/Mask-Group-1.png
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:418b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47aa20275d6c61805693dddde42ca0cef3653818f5a582c5ec6309c06d949563

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 16:33:14 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Sep 2020 02:44:28 GMT
server
cloudflare
age
972
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
cf-ray
5d3bfcf1ee10c2ae-FRA
cf-request-id
05395c6b310000c2ae91af7200000001
Header-image-2.png
/wp-content/uploads/2020/09
72 KB
72 KB
Image
General
Full URL
https://hnba.veslive.com/wp-content/uploads/2020/09/Header-image-2.png
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:418b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adb417130361a4553be3e722064604ea19e7199082a309f975143caa6353928d

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 16:33:14 GMT
cf-cache-status
HIT
last-modified
Fri, 04 Sep 2020 22:25:10 GMT
server
cloudflare
age
972
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
cf-ray
5d3bfcf1ee11c2ae-FRA
cf-request-id
05395c6b310000c2ae91af8200000001
Header-corner-Image.png
/wp-content/uploads/2020/09
365 KB
366 KB
Image
General
Full URL
https://hnba.veslive.com/wp-content/uploads/2020/09/Header-corner-Image.png
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:418b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c19dc641028c4d753f64ac56c4db16bef26ca9514e70ff4fb3f43a7f1044244

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 16:33:14 GMT
cf-cache-status
HIT
last-modified
Fri, 04 Sep 2020 22:35:12 GMT
server
cloudflare
age
972
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
cf-ray
5d3bfcf1ee17c2ae-FRA
cf-request-id
05395c6b310000c2ae91af9200000001
css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
fonts.googleapis.com
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f5d01bd4704467e89ee6ca9/default
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
150b6afd03574b0db5e6c489ed0aa2758368c92ee6a8ec474a564dd265aa842c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Sep 2020 15:01:30 GMT
server
ESF
date
Wed, 16 Sep 2020 16:33:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Sep 2020 16:33:14 GMT
css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
fonts.googleapis.com
8 KB
716 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f5d01bd4704467e89ee6ca9/default
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
150b6afd03574b0db5e6c489ed0aa2758368c92ee6a8ec474a564dd265aa842c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Sep 2020 14:53:20 GMT
server
ESF
date
Wed, 16 Sep 2020 16:33:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Sep 2020 16:33:14 GMT
css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
fonts.googleapis.com
8 KB
716 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f5d01bd4704467e89ee6ca9/default
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
150b6afd03574b0db5e6c489ed0aa2758368c92ee6a8ec474a564dd265aa842c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Sep 2020 14:57:59 GMT
server
ESF
date
Wed, 16 Sep 2020 16:33:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Sep 2020 16:33:14 GMT
emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css
192 B
245 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f5d01bd4704467e89ee6ca9/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
4239092
x-cache
HIT
status
200
content-length
152
etag
W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
x-served-by
cache-fra19125-FRA
date
Wed, 16 Sep 2020 16:33:14 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js
295 KB
53 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f5d01bd4704467e89ee6ca9/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
4239090
x-cache
HIT
status
200
content-length
53889
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by
cache-fra19125-FRA
date
Wed, 16 Sep 2020 16:33:14 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
1600273994627
va.tawk.to/register
2 KB
2 KB
XHR
General
Full URL
https://va.tawk.to/register/1600273994627
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f5d01bd4704467e89ee6ca9/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fc641a9af9edd9dd89ff845a6ef7e8145084e2e59726056f47806e31e37767a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 16 Sep 2020 16:33:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status
200
vary
Accept-Encoding
cf-request-id
05395c6b9a0000c303cfb91200000001
x-served-by
visitor-application-preemptive-4nkq
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://hnba.veslive.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
5d3bfcf29844c303-FRA
access-control-allow-headers
origin, content-type
css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
fonts.googleapis.com
8 KB
716 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f5d01bd4704467e89ee6ca9/default
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
150b6afd03574b0db5e6c489ed0aa2758368c92ee6a8ec474a564dd265aa842c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Sep 2020 14:56:31 GMT
server
ESF
date
Wed, 16 Sep 2020 16:33:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Sep 2020 16:33:14 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hnba.veslive.com
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 18:21:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:59 GMT
server
sffe
age
79931
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Wed, 15 Sep 2021 18:21:03 GMT
?k=5f623e4ae935df0d719a2f3c&u=N6KLzSEPgUqCJjtjfMLA4OXItjaI%2BEjfTYr5dGcsQoPSJyxiVVbMn2SZb0o6ksgM&uv=2&a=5f5d01bd4704467e89ee6ca9&cver=0&pop=false&w=o5j54x&jv=693&asver=776&ust=false&p=HNBA&r=&EIO=3...
vsa68.tawk.to/s
101 B
226 B
XHR
General
Full URL
https://vsa68.tawk.to/s/?k=5f623e4ae935df0d719a2f3c&u=N6KLzSEPgUqCJjtjfMLA4OXItjaI%2BEjfTYr5dGcsQoPSJyxiVVbMn2SZb0o6ksgM&uv=2&a=5f5d01bd4704467e89ee6ca9&cver=0&pop=false&w=o5j54x&jv=693&asver=776&ust=false&p=HNBA&r=&EIO=3&transport=polling&__t=NINmrIH
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f5d01bd4704467e89ee6ca9/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2500458ac62fc008ee77a512d1217ce51d59556faa223117b9f15a732ca7b47e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 16:33:15 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://hnba.veslive.com
access-control-allow-credentials
true
cf-ray
5d3bfcf43bf1c303-FRA
content-length
101
cf-request-id
05395c6c9f0000c303cfba1200000001
26a1.png?v=2.2.7
cdn.jsdelivr.net/emojione/assets/png
413 B
515 B
Image
General
Full URL
https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
4239091
x-cache
HIT
status
200
content-length
413
etag
W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by
cache-fra19125-FRA
date
Wed, 16 Sep 2020 16:33:14 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
?k=5f623e4ae935df0d719a2f3c&u=N6KLzSEPgUqCJjtjfMLA4OXItjaI%2BEjfTYr5dGcsQoPSJyxiVVbMn2SZb0o6ksgM&uv=2&a=5f5d01bd4704467e89ee6ca9&cver=0&pop=false&w=o5j54x&jv=693&asver=776&ust=false&p=HNBA&r=&EIO=3...
vsa68.tawk.to/s
440 B
628 B
XHR
General
Full URL
https://vsa68.tawk.to/s/?k=5f623e4ae935df0d719a2f3c&u=N6KLzSEPgUqCJjtjfMLA4OXItjaI%2BEjfTYr5dGcsQoPSJyxiVVbMn2SZb0o6ksgM&uv=2&a=5f5d01bd4704467e89ee6ca9&cver=0&pop=false&w=o5j54x&jv=693&asver=776&ust=false&p=HNBA&r=&EIO=3&transport=polling&__t=NINmrLP.0&sid=LDvrkLFxo5XJfkvdpyJ0
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f5d01bd4704467e89ee6ca9/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f17ebd026ec91c3c44168ea9759259c371c8c42e54a5134e3941e6bad1ca16fe
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 16:33:15 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://hnba.veslive.com
access-control-allow-credentials
true
cf-ray
5d3bfcf55defc303-FRA
content-length
440
cf-request-id
05395c6d5a0000c303cfbad200000001
flyzoo.embedded.css
new-cdn-b-flyzoocorporatio.netdna-ssl.com/content
17 KB
4 KB
Stylesheet
General
Full URL
https://new-cdn-b-flyzoocorporatio.netdna-ssl.com/content/flyzoo.embedded.css
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.32 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
939428e06e0522dc90c3b7a0175007a409c276dc444d970263cb2ed0ba6c6c8d

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 16:33:15 GMT
content-encoding
gzip
last-modified
Wed, 07 Aug 2019 15:18:25 GMT
server
NetDNA-cache/2.2
x-amz-request-id
DK1W7KFXBJDV6MDM
etag
"8dbd641b6b9683e93a4bfdbbcc4dff77"
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-origin
*
content-length
3371
x-amz-id-2
mwmla0WmgJLReJzmsg0TA39Cv1nW7KKTGHJNFoUOMG8wC+9dGlsuvZhEAvID8epudgedRvTG+OM=
expires
Wed, 23 Sep 2020 16:33:15 GMT
flyzoo.v2.0.0.js
new-cdn-b-flyzoocorporatio.netdna-ssl.com/scripts
107 KB
23 KB
Script
General
Full URL
https://new-cdn-b-flyzoocorporatio.netdna-ssl.com/scripts/flyzoo.v2.0.0.js
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.32 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
03e7732c005db524a246ca1d6c6f42fe37237691bc50a60849eb98e20865d0b7

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 16:33:15 GMT
content-encoding
gzip
last-modified
Wed, 07 Aug 2019 15:18:13 GMT
server
NetDNA-cache/2.2
x-amz-request-id
E07895EEED1AD0B9
etag
"b1f52ea6c98e33bc358388dee3f60ea7"
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-origin
*
content-length
22699
x-amz-id-2
Yme73eNmT5hb+ZlPbanCtiWQKvb49lUZ1Vi8BLbnFrik6lGtUn8Js+Qmm+YniVDMGtnZgvLsTE8=
expires
Wed, 23 Sep 2020 16:33:15 GMT
css?family=Varela+Round&subset=latin,latin-ext,cyrillic-ext,vietnamese,cyrillic
fonts.googleapis.com
2 KB
570 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Varela+Round&subset=latin,latin-ext,cyrillic-ext,vietnamese,cyrillic
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e71fb1d08504151b532bd20bf62e3e5caeb49eda98dcdce20e695c5c11fb7846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Sep 2020 16:33:15 GMT
server
ESF
date
Wed, 16 Sep 2020 16:33:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Sep 2020 16:33:15 GMT
dock?lv=1&title=HNBA&url=https%3A%2F%2Fhnba.veslive.com%2F&referrer=&at=&uid=&a=&n=&e=&pu=&ar=&api=true&sig=efe195c557c01a7c28af34076b0cccecf6d310dab6c55b05208c461b91d537c7&th=&fl=false&fzla=auto&a...
widget-b.flyzoo.co/widget
0
0
Document
General
Full URL
https://widget-b.flyzoo.co/widget/dock?lv=1&title=HNBA&url=https%3A%2F%2Fhnba.veslive.com%2F&referrer=&at=&uid=&a=&n=&e=&pu=&ar=&api=true&sig=efe195c557c01a7c28af34076b0cccecf6d310dab6c55b05208c461b91d537c7&th=&fl=false&fzla=auto&appid=5f10c739bb547e1f843ab7cf5f066f57bb547e19f812176b&o=true
Requested by
Host: hnba.veslive.com
URL: https://hnba.veslive.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
23.99.20.247 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
widget-b.flyzoo.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hnba.veslive.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://hnba.veslive.com/

Response headers

Cache-Control
private, max-age=300
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
Wed, 16 Sep 2020 16:38:16 GMT
Last-Modified
Wed, 16 Sep 2020 16:33:16 GMT
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Date
Wed, 16 Sep 2020 16:33:15 GMT
Content-Length
1965
v3
va.tawk.to/log-performance
5 B
141 B
XHR
General
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f5d01bd4704467e89ee6ca9/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 16 Sep 2020 16:33:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
vary
Accept-Encoding
cf-request-id
05395c6fe90000c303cfbd1200000001
x-served-by
visitor-application-preemptive-jbhf
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://hnba.veslive.com
access-control-allow-credentials
true
cf-ray
5d3bfcf97d7ac303-FRA
access-control-allow-headers
origin, content-type
?k=5f623e4ae935df0d719a2f3c&u=N6KLzSEPgUqCJjtjfMLA4OXItjaI%2BEjfTYr5dGcsQoPSJyxiVVbMn2SZb0o6ksgM&uv=2&a=5f5d01bd4704467e89ee6ca9&cver=0&pop=false&w=o5j54x&jv=693&asver=776&ust=false&p=HNBA&r=&EIO=3...
vsa68.tawk.to/s
2 B
96 B
XHR
General
Full URL
https://vsa68.tawk.to/s/?k=5f623e4ae935df0d719a2f3c&u=N6KLzSEPgUqCJjtjfMLA4OXItjaI%2BEjfTYr5dGcsQoPSJyxiVVbMn2SZb0o6ksgM&uv=2&a=5f5d01bd4704467e89ee6ca9&cver=0&pop=false&w=o5j54x&jv=693&asver=776&ust=false&p=HNBA&r=&EIO=3&transport=polling&__t=NINmrVf&sid=LDvrkLFxo5XJfkvdpyJ0
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f5d01bd4704467e89ee6ca9/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Sep 2020 16:33:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/html
access-control-allow-origin
https://hnba.veslive.com
access-control-allow-credentials
true
cf-ray
5d3bfcf97d7fc303-FRA
cf-request-id
05395c6feb0000c303cfbd2200000001
?k=5f623e4ae935df0d719a2f3c&u=N6KLzSEPgUqCJjtjfMLA4OXItjaI%2BEjfTYr5dGcsQoPSJyxiVVbMn2SZb0o6ksgM&uv=2&a=5f5d01bd4704467e89ee6ca9&cver=0&pop=false&w=o5j54x&jv=693&asver=776&ust=false&p=HNBA&r=&EIO=3...
vsa68.tawk.to/s
4 B
111 B
XHR
General
Full URL
https://vsa68.tawk.to/s/?k=5f623e4ae935df0d719a2f3c&u=N6KLzSEPgUqCJjtjfMLA4OXItjaI%2BEjfTYr5dGcsQoPSJyxiVVbMn2SZb0o6ksgM&uv=2&a=5f5d01bd4704467e89ee6ca9&cver=0&pop=false&w=o5j54x&jv=693&asver=776&ust=false&p=HNBA&r=&EIO=3&transport=polling&__t=NINmrVh&sid=LDvrkLFxo5XJfkvdpyJ0
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f5d01bd4704467e89ee6ca9/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 16:33:16 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://hnba.veslive.com
access-control-allow-credentials
true
cf-ray
5d3bfcf97d81c303-FRA
content-length
4
cf-request-id
05395c6fec0000c303cfbd3200000001
mobilechat.png
new-cdn-b-flyzoocorporatio.netdna-ssl.com/content
3 KB
3 KB
Image
General
Full URL
https://new-cdn-b-flyzoocorporatio.netdna-ssl.com/content/mobilechat.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.32 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ca573ce6b32e0f72842c89d5e7f74c3b18076eb2921a79d13a36ff2fde133057

Request headers

Referer
https://hnba.veslive.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 16:33:16 GMT
content-encoding
gzip
last-modified
Wed, 07 Aug 2019 15:18:26 GMT
server
NetDNA-cache/2.2
x-amz-request-id
7C701E6B380E9E2D
etag
"cef3e11262a216dd6ba26590c2f20a58"
x-cache
HIT
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-origin
*
content-length
2787
x-amz-id-2
OWtbJb9VrzM2ijzyD3P7NVX8XRddUwqiYJHrLYvNsCGoDKOKfNg3oQoi9sRRDJw1gzgkFjPvq/w=
expires
Wed, 23 Sep 2020 16:33:16 GMT

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes string| mi_version boolean| mi_track_user string| mi_no_track_reason string| disableStr function| __gaTrackerIsOptedOut function| __gaTrackerOptout function| gaOptout string| GoogleAnalyticsObject function| __gaTracker object| monsterinsights_frontend function| loadCSS object| astra object| google_tag_data object| gaplugins object| gaGlobal object| gaData undefined| $ function| jQuery object| localize object| ElementorProFrontendConfig object| elementorFrontendConfig object| lazyLoadOptions function| MonsterInsights object| MonsterInsightsObject object| FlyzooApi object| Tawk_API object| Tawk_LoadStart function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent string| _FlyzooApplicationId function| AstraToggleSubMenu function| AstraNavigationMenu function| AstraToggleMenu function| AstraToggleSetup function| astraNavMenuToggle object| bodyElement boolean| isEditMode object| ea object| jQuery112407559038138626515 object| __core-js_shared__ object| core object| elementorModules function| Sticky object| elementorProFrontend object| DialogsManager function| Waypoint function| Swiper function| ShareLink object| elementorFrontend function| LazyLoad string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| $_Tawk_LoadStart function| TawkClass object| Inheritance_Manager string| messagePreviewRadius string| bottomBorderRadius string| topBorderRadius number| minWidth number| minHeight string| bodyClassName object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy undefined| _FLYZOO_SERVER string| _FLYZOO_CDN boolean| _FLYZOO_LOADED function| doFlyzoo function| loadFlyzoo number| flyzooLoaderVersion string| DEPLOY string| _CHANNEL_CHAT string| _CHANNEL_REALTIME string| _HUBSERVER_CHAT string| _HUBSERVER_REALTIME number| _MAX_CHANNELS string| _StaticCDN boolean| flyzoobardragging function| fzDebounce function| setupFlyzooDefaults function| setupDragging function| StartFlyzoo function| createFlyzooSpinner object| Flyzoo object| FlyzooStorage function| FlyzooSpinner boolean| flyzooSideUserListLoaded boolean| flyzooSideChatLoaded object| $elem

6 Cookies

Domain/Path Name / Value
.hnba.veslive.com/ Name: __tawkuuid
Value: e::hnba.veslive.com::N6KLzSEPgUqCJjtjfMLA4OXItjaI+EjfTYr5dGcsQoPSJyxiVVbMn2SZb0o6ksgM::2
.veslive.com/ Name: _gat
Value: 1
.veslive.com/ Name: __cfduid
Value: dc2953f13782431c2b51c1be84138e71a1600273994
.veslive.com/ Name: _gid
Value: GA1.2.1172769335.1600273994
.veslive.com/ Name: _ga
Value: GA1.2.1484874981.1600273994
hnba.veslive.com/ Name: TawkConnectionTime
Value: 0

3 Console Messages

Source Level URL
Text
console-api log URL: https://widget.flyzoo.co/scripts/flyzoo.start.js, Line 57, Column10
Message:
Flyzoo > loadFlyzoo()
console-api log URL: https://new-cdn-b-flyzoocorporatio.netdna-ssl.com/scripts/flyzoo.v2.0.0.js, Line 1, Column1232
Message:
Flyzoo V2.6.2 - Start //widget-b.flyzoo.co/
console-api log URL: https://new-cdn-b-flyzoocorporatio.netdna-ssl.com/scripts/flyzoo.v2.0.0.js, Line 4, Column6546
Message:
StartFlyzoo

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
hnba.veslive.com
new-cdn-b-flyzoocorporatio.netdna-ssl.com
stats.g.doubleclick.net
va.tawk.to
vsa68.tawk.to
widget-b.flyzoo.co
widget.flyzoo.co
www.google-analytics.com
151.139.237.32
23.99.20.247
2606:4700:10::6816:1883
2606:4700:10::6816:1983
2606:4700:10::6816:418b
2a00:1450:4001:803::200e
2a00:1450:4001:814::200a
2a00:1450:4001:81c::2003
2a00:1450:400c:c00::9c
2a04:4e42:3::621
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
03e7732c005db524a246ca1d6c6f42fe37237691bc50a60849eb98e20865d0b7
0b8ffcae953f37f6d1369775323daf502f29ec7edeaccaedf882d88b40dbddbb
150b6afd03574b0db5e6c489ed0aa2758368c92ee6a8ec474a564dd265aa842c
1e98a84d201a5ce748c59f64fe3b5341601b863b3fff7d63a045aa6f655edf08
2500458ac62fc008ee77a512d1217ce51d59556faa223117b9f15a732ca7b47e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2aa907e0f45c61feb796596821533dbbe3e0cb1c4e28ba884d7a59558e7047f4
3d7a5a56917d164620e5e544f12e877b8907195468278c42db42e276a5ae4008
47aa20275d6c61805693dddde42ca0cef3653818f5a582c5ec6309c06d949563
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
547efd55fdcc71e4a4c1e3297e83c40efd7ceb70449d073b0554520a02b3e07a
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
66c784ba85a307d380d9859e29575dc74f6624dfad808f83fdaf34cbce0bfb44
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6fc641a9af9edd9dd89ff845a6ef7e8145084e2e59726056f47806e31e37767a
710dcb1212f176e6c6d59346c1fc4a98d294e3da02006ed37cecc52f9282b830
72b5a9ccee43f1413ebbd3222d2bdcef79dcf21fbde06909cc6d5f3ad5f0281d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
939428e06e0522dc90c3b7a0175007a409c276dc444d970263cb2ed0ba6c6c8d
9c19dc641028c4d753f64ac56c4db16bef26ca9514e70ff4fb3f43a7f1044244
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a28b821f4511a8bfe39d19a67f931c7d67ae515283fe5fe57d48eb8e8e7836bd
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
adb417130361a4553be3e722064604ea19e7199082a309f975143caa6353928d
c31238bcfdabf74e40ce014fa323169cd15b84816bfb2b7e4434367be7839e0f
ca573ce6b32e0f72842c89d5e7f74c3b18076eb2921a79d13a36ff2fde133057
cc9ce699dfc1fe5264da31ab61fa57ce30774986c2f43d9561f807b8077f270d
d4f4c661586d22972813dec4b1962b4e36aa7ac5dec1aa699699d0ecdf0cda23
e71fb1d08504151b532bd20bf62e3e5caeb49eda98dcdce20e695c5c11fb7846
f17ebd026ec91c3c44168ea9759259c371c8c42e54a5134e3941e6bad1ca16fe
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b