promo.leovegas.com Open in urlscan Pro
2a03:b0c0:3:d0::d19:7001 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fitnessnatural.eu/qs=r-aeifkaeiijfdhccaceicgekackekdfiadckkiabababafjadeaceahggacdjdakkgeacb
Effective URL:
https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D...
Submission: On January 07 via manual (January 7th 2019, 5:41:17 am UTC) from SE

Summary HTTP 67 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 31 IPs in 10 countries across 30 domains to perform 67 HTTP transactions. The main IP is 2a03:b0c0:3:d0::d19:7001, located in Netherlands and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is promo.leovegas.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 2nd 2018. Valid for: 2 years.

This is the only time promo.leovegas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.227.149.193 185.227.149.193	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL - QuadraNet Enterprises LLC)
1	91.209.70.15 91.209.70.15	43317 (FISHNET-AS) (FISHNET-AS)
1 1	107.154.248.103 107.154.248.103	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
1 1	52.17.252.251 52.17.252.251	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 10	2a03:b0c0:3:d... 2a03:b0c0:3:d0::d19:7001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:183::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
19	2600:9000:200... 2600:9000:200c:ae00:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	147.75.83.1 147.75.83.1	54825 (PACKET) (PACKET - Packet Host)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19b::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
1	52.28.139.186 52.28.139.186	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	147.75.32.173 147.75.32.173	54825 (PACKET) (PACKET - Packet Host)
1	18.184.40.88 18.184.40.88	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1288:7c:... 2a00:1288:7c:800::4001	43428 (YAHOO-ULS) (YAHOO-ULS)
1	2600:9000:200... 2600:9000:200c:c000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	188.125.66.33 188.125.66.33	34010 (YAHOO-IRD) (YAHOO-IRD)
1	35.176.35.233 35.176.35.233	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	52.0.221.2 52.0.221.2	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 3	104.155.76.175 104.155.76.175	15169 (GOOGLE) (GOOGLE - Google LLC)
3 4	18.153.11.2 18.153.11.2	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE - Google LLC)
2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	52.29.212.156 52.29.212.156	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	77.66.11.200 77.66.11.200	16245 (NGDC) (NGDC)
1	54.247.82.85 54.247.82.85	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 2	54.36.123.231 54.36.123.231	16276 (OVH) (OVH)
2 2	37.252.172.39 37.252.172.39	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	52.16.89.247 52.16.89.247	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.16.169.117 52.16.169.117	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
67	31

1 185.227.149.193 (None, ) 1 redirects

ASN8100 (ASN-QUADRANET-GLOBAL - QuadraNet Enterprises LLC, US)
PTR: imitation.fitnessnatural.eu

fitnessnatural.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.209.70.15 (Russian Federation)

ASN43317 (FISHNET-AS, RU)

waybitz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.154.248.103 (Redwood City, United States) 1 redirects

ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 107.154.248.103.ip.incapdns.net

ads.leovegas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.252.251 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-17-252-251.eu-west-1.compute.amazonaws.com

leo-promo-redirect-service.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:b0c0:3:d0::d19:7001 (Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

promo.leovegas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:183::13b8 (European Union)

ASN20940 (AKAMAI-ASN1, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:200c:ae00:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.83.1 (Switzerland)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-23

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:19b::13b8 (European Union)

ASN20940 (AKAMAI-ASN1, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.139.186 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-139-186.eu-central-1.compute.amazonaws.com

api.ipdata.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.173 (Switzerland)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-27

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.40.88 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-184-40-88.eu-central-1.compute.amazonaws.com

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:7c:800::4001 (United Kingdom)

ASN43428 (YAHOO-ULS, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:c000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.125.66.33 (Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.176.35.233 (London, United Kingdom)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-176-35-233.eu-west-2.compute.amazonaws.com

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.221.2 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-0-221-2.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.155.76.175 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 175.76.155.104.bc.googleusercontent.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.153.11.2 (Cambridge, United States) 3 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-2.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.2 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (New York, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.212.156 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-212-156.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.66.11.200 (Denmark)

ASN16245 (NGDC, DK)

uip.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.247.82.85 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-82-85.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.21 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.36.123.231 (Woodbridge, United States) 1 redirects

ASN16276 (OVH, FR)
PTR: s03.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.39 (European Union) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 246.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.89.247 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-16-89-247.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.169.117 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-16-169-117.eu-west-1.compute.amazonaws.com

match.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	ctfassets.net images.ctfassets.net	3 MB
11	leovegas.com 2 redirects ads.leovegas.com promo.leovegas.com	372 KB
4	bidswitch.net 3 redirects x.bidswitch.net	1 KB
4	adform.net track.adform.net	41 KB
4	gstatic.com fonts.gstatic.com	44 KB
4	optimizely.com cdn.optimizely.com errors.client.optimizely.com	80 KB
3	creative-serving.com 1 redirects ads.creative-serving.com	3 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	82 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	id5-sync.com 1 redirects id5-sync.com	2 KB
2	openx.net us-u.openx.net eu-u.openx.net	512 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	270 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	6 KB
2	google-analytics.com www.google-analytics.com	17 KB
1	justpremium.com match.justpremium.com	215 B
1	demdex.net dpm.demdex.net	769 B
1	casalemedia.com dsum-sec.casalemedia.com	942 B
1	krxd.net beacon.krxd.net	453 B
1	semasio.net uip.semasio.net	579 B
1	360yield.com ad.360yield.com	721 B
1	sonobi.com sync.go.sonobi.com	509 B
1	yahoo.com sp.analytics.yahoo.com	449 B
1	quantcount.com rules.quantcount.com	1 KB
1	yimg.com s.yimg.com	5 KB
1	ipdata.co api.ipdata.co	436 B
1	googletagmanager.com www.googletagmanager.com	29 KB
1	googleapis.com fonts.googleapis.com	930 B
1	herokuapp.com 1 redirects leo-promo-redirect-service.herokuapp.com	367 B
1	waybitz.com waybitz.com	469 B
1	fitnessnatural.eu 1 redirects fitnessnatural.eu	317 B
67	30

	Domain	Requested by
19	images.ctfassets.net	promo.leovegas.com
10	promo.leovegas.com	1 redirects waybitz.com promo.leovegas.com
4	x.bidswitch.net	3 redirects
4	track.adform.net	waybitz.com track.adform.net
4	fonts.gstatic.com	promo.leovegas.com
3	ads.creative-serving.com	1 redirects
2	secure.adnxs.com	2 redirects
2	id5-sync.com	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	errors.client.optimizely.com	cdn.optimizely.com
2	www.google-analytics.com	www.googletagmanager.com promo.leovegas.com
2	cdn.optimizely.com	promo.leovegas.com
1	match.justpremium.com
1	dpm.demdex.net
1	eu-u.openx.net
1	dsum-sec.casalemedia.com
1	beacon.krxd.net
1	uip.semasio.net
1	ad.360yield.com
1	sync.go.sonobi.com
1	us-u.openx.net
1	pixel.quantserve.com	promo.leovegas.com
1	sp.analytics.yahoo.com	s.yimg.com
1	rules.quantcount.com	secure.quantserve.com
1	s.yimg.com	track.adform.net
1	secure.quantserve.com	track.adform.net
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	api.ipdata.co	waybitz.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googletagmanager.com	promo.leovegas.com
1	fonts.googleapis.com	promo.leovegas.com
1	leo-promo-redirect-service.herokuapp.com	1 redirects
1	ads.leovegas.com	1 redirects
1	waybitz.com
1	fitnessnatural.eu	1 redirects
67	36

This site contains links to these domains. Also see Links.

Domain
www.authorisation.mga.org.mt
secure.gamblingcommission.gov.uk
spillemyndigheden.dk
www.begambleaware.org
www.gamcare.org.uk
www.gamblersanonymous.org
www.leosafeplay.com

Subject Issuer	Validity	Valid
www.waybitz.com Go Daddy Secure Certificate Authority - G2	`2017-11-15` - `2019-11-15`	2 years	crt.sh
*.leovegas.com DigiCert SHA2 Secure Server CA	`2018-02-02` - `2020-01-23`	2 years	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
cdn.optimizely.com DigiCert ECC Secure Server CA	`2018-01-23` - `2019-01-23`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
images.contentful.com Amazon	`2018-05-04` - `2019-06-04`	a year	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2018-12-10` - `2019-03-10`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2018-02-02` - `2019-10-02`	2 years	crt.sh
*.ipdata.co Amazon	`2018-09-27` - `2019-10-27`	a year	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2018-12-10` - `2019-03-10`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2018-12-10` - `2019-03-10`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2018-10-16` - `2019-10-21`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2018-12-04` - `2019-01-16`	a month	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2018-11-21` - `2019-05-20`	6 months	crt.sh
errors.client.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-09-24` - `2020-09-28`	2 years	crt.sh
*.creative-serving.com COMODO RSA Domain Validation Secure Server CA	`2018-03-14` - `2019-04-03`	a year	crt.sh
*.bidswitch.net COMODO RSA Domain Validation Secure Server CA	`2018-03-22` - `2019-05-05`	a year	crt.sh
*.openx.net DigiCert ECC Secure Server CA	`2018-04-03` - `2019-04-08`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2017-01-04` - `2019-02-04`	2 years	crt.sh
*.360yield.com COMODO RSA Domain Validation Secure Server CA	`2018-03-12` - `2020-03-11`	2 years	crt.sh
*.semasio.net COMODO ECC Domain Validation Secure Server CA	`2018-03-09` - `2019-03-28`	a year	crt.sh
*.krxd.net Go Daddy Secure Certificate Authority - G2	`2017-06-12` - `2019-07-11`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2018-04-16` - `2019-02-06`	10 months	crt.sh
*.id5-sync.com Go Daddy Secure Certificate Authority - G2	`2017-04-02` - `2020-04-02`	3 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
tracking.justpremium.com Amazon	`2018-06-21` - `2019-07-21`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Frame ID: EE44A707509FDCB9C8F16A16D878198C
Requests: 76 HTTP requests in this frame

Frame: https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Frame ID: 58471C4287F40909D886D1D9DE1DBFD8
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/serving/container/?pm=497538&lid=31340545&ctype=0&media=0&PageName=mc-casino-lp&rnd=1941872976&cpref=https%3a%2f%2fwaybitz.com%2f19812a224470dd1800%2f21997_1939247_13%2f3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10%2f48&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%2f%3fqs%3dbtag%25253D661653%255F77571B059F524C35BFC514E8A616EC7D%252526tracking%255Fvariable%25253D801702268%252526unique%255Ftransaction%255Fid%25253D470475%252526pid%25253D3596701%252526bid%25253D13186
Frame ID: B47DCC204D381E252251D6FA01EF9287
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://fitnessnatural.eu/qs=r-aeifkaeiijfdhccaceicgekackekdfiadckkiabababafjadeaceahggacdjdakkgeacb HTTP 302
https://waybitz.com/19812a224470dd1800/21997_1939247_13/3749_377842611_0_0_0_1371539_48_1282_995... Page URL
https://ads.leovegas.com/redirect.aspx?pid=3596701&bid=13186&lpid=473%22&tracking_variable=801702268&... HTTP 301
https://leo-promo-redirect-service.herokuapp.com/mc-casino/?btag=661653_77571B059F524C35BFC514E8A616EC7D&tracking_variable=80... HTTP 301
https://promo.leovegas.com/mc-casino/?qs=btag%253D661653_77571B059F524C35BFC514E8A616EC7D%2526tracking_... HTTP 302
https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526trac... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
env /^google_tag_manager$/i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^quantserve$/i

YUI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^YAHOO$/i

webpack (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^webpackJsonp$/i

Page Statistics

67
Requests

100 %
HTTPS

29 %
IPv6

30
Domains

36
Subdomains

31
IPs

10
Countries

3625 kB
Transfer

5049 kB
Size

12
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.authorisation.mga.org.mt/verification.aspx?lang=EN&company=726b906b-4fe8-4cf9-9294-0a6a8a808d90&details=1

Search URL Search Domain Scan URL

URL: https://secure.gamblingcommission.gov.uk/PublicRegister/Search/Detail/39198

Search URL Search Domain Scan URL

URL: https://spillemyndigheden.dk/

Search URL Search Domain Scan URL

URL: https://www.begambleaware.org/

Search URL Search Domain Scan URL

URL: http://www.gamcare.org.uk/

Search URL Search Domain Scan URL

URL: http://www.gamblersanonymous.org/ga/

Search URL Search Domain Scan URL

URL: https://www.leosafeplay.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fitnessnatural.eu/qs=r-aeifkaeiijfdhccaceicgekackekdfiadckkiabababafjadeaceahggacdjdakkgeacb HTTP 302
https://waybitz.com/19812a224470dd1800/21997_1939247_13/3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10/48 Page URL
https://ads.leovegas.com/redirect.aspx?pid=3596701&bid=13186&lpid=473%22&tracking_variable=801702268&unique_transaction_id=470475 HTTP 301
https://leo-promo-redirect-service.herokuapp.com/mc-casino/?btag=661653_77571B059F524C35BFC514E8A616EC7D&tracking_variable=801702268&unique_transaction_id=470475&pid=3596701&bid=13186 HTTP 301
https://promo.leovegas.com/mc-casino/?qs=btag%253D661653_77571B059F524C35BFC514E8A616EC7D%2526tracking_variable%253D801702268%2526unique_transaction_id%253D470475%2526pid%253D3596701%2526bid%253D13186 HTTP 302
https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://fitnessnatural.eu/qs=r-aeifkaeiijfdhccaceicgekackekdfiadckkiabababafjadeaceahggacdjdakkgeacb HTTP 302
https://waybitz.com/19812a224470dd1800/21997_1939247_13/3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10/48

Request Chain 64

https://ads.creative-serving.com/pixel?id=3151410&type=js HTTP 302
https://ads.creative-serving.com/ul_cb/pixel?id=3151410&type=js

Request Chain 65

https://x.bidswitch.net/sync?dsp_id=4&user_id=90e9bd12-b8f3-40ea-8952-c051fff3fb42&ssp=&expires=30&user_group=2&cb=544 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=kgOfDPYjRY6tgZ0KteVEMw== HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEFU3p16yCUtFmv83YxlfB9s&google_cver=1

Request Chain 66

https://x.bidswitch.net/sync?dsp_id=4&user_id=90e9bd12-b8f3-40ea-8952-c051fff3fb42&ssp=&expires=30&user_group=2&cb=426 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=92039f0c-f623-458e-ad81-9d0ab5e54433

Request Chain 67

https://x.bidswitch.net/sync?dsp_id=4&user_id=90e9bd12-b8f3-40ea-8952-c051fff3fb42&ssp=&expires=30&user_group=2&cb=977 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=92039f0c-f623-458e-ad81-9d0ab5e54433

Request Chain 69

https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc HTTP 302
https://ads.creative-serving.com/gcm?google_gid=CAESEAber3-sAulxmm6oAaD_i5w&google_cver=1

Request Chain 74

https://id5-sync.com/s/101/90e9bd12-b8f3-40ea-8952-c051fff3fb42/1.gif HTTP 302
https://secure.adnxs.com/getuid?https://id5-sync.com/c/101/2/0/2.gif?puid=$UID HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F101%2F2%2F0%2F2.gif%3Fpuid%3D%24UID HTTP 302
https://id5-sync.com/c/101/2/0/2.gif?puid=798986433573422149

67 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set 48 Show response
waybitz.com/19812a224470dd1800/21997_1939247_13/3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10/
Redirect Chain

http://fitnessnatural.eu/qs=r-aeifkaeiijfdhccaceicgekackekdfiadckkiabababafjadeaceahggacdjdakkgeacb
https://waybitz.com/19812a224470dd1800/21997_1939247_13/3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10/48

192 B
469 B

794ms
527ms

Document
text/html

91.209.70.15
FISHNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://waybitz.com/19812a224470dd1800/21997_1939247_13/3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10/48
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.209.70.15 , Russian Federation, ASN43317 (FISHNET-AS, RU),
Reverse DNS
Software: Apache /
Resource Hash: bdbdaa27de2d1f6e9650f196686208978a6ea0ab129b3b391af85db099b2a527

Request headers

Host: waybitz.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 07 Jan 2019 05:40:58 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 192
Server: Apache
Set-Cookie: uid8911=801702268-20190106234058-6439ba35cf32684a55ce667f6067b6d4-; expires=Thu, 07-Feb-2019 04:40:58 GMT; Max-Age=2674800; path=/

Redirect headers

Date: Mon, 07 Jan 2019 05:40:56 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
location: https://waybitz.com/19812a224470dd1800/21997_1939247_13/3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10/48
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2

200

Primary Request / Show response
promo.leovegas.com/de/mc-casino/
Redirect Chain

https://ads.leovegas.com/redirect.aspx?pid=3596701&bid=13186&lpid=473%22&tracking_variable=801702268&unique_transaction_id=470475
https://leo-promo-redirect-service.herokuapp.com/mc-casino/?btag=661653_77571B059F524C35BFC514E8A616EC7D&tracking_variable=801702268&unique_transaction_id=470475&pid=3596701&bid=13186
https://promo.leovegas.com/mc-casino/?qs=btag%253D661653_77571B059F524C35BFC514E8A616EC7D%2526tracking_variable%253D801702268%2526unique_transaction_id%253D470475%2526pid%253D3596701%2526bid%253D13186
https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%252...

112 KB
37 KB

32ms
32ms

Document
text/html

2a03:b0c0:3:d0::d19:7001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186

Requested by

Host: waybitz.com
URL: https://waybitz.com/19812a224470dd1800/21997_1939247_13/3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10/48

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:b0c0:3:d0::d19:7001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

fae617ff3d9cfb3000f1490e3317dd74dac1869fe5b673db2850e3b5ddcf46ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: promo.leovegas.com
:scheme: https
:path: /de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://waybitz.com/19812a224470dd1800/21997_1939247_13/3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10/48
accept-encoding: gzip, deflate, br
cookie: visid_incap_1837241=WsEYfLtASsysZ6pE7dDnIGrmMlwAAAAAQUIPAAAAAADP40MEUPv7dSRbVi6Q7Dr5; incap_ses_767_1837241=4faeX96dhjeO0F0WHO+kCmrmMlwAAAAAzNiiKMq3Pn457pGImyCcSw==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://waybitz.com/19812a224470dd1800/21997_1939247_13/3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10/48

Response headers

status: 200
cache-control: public, max-age=0, must-revalidate
content-type: text/html; charset=UTF-8
date: Mon, 07 Jan 2019 04:17:59 GMT
etag: "702419ce5961f07a8eb195d562aec702-ssl-df"
strict-transport-security: max-age=31536000
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd
content-encoding: gzip
age: 4980
content-length: 37296
server: Netlify
vary: Accept-Encoding
x-nf-request-id: 84ae1e78-9103-4346-becd-014f841bdc3c-9897064

Redirect headers

status: 302
cache-control: public, max-age=0, must-revalidate
content-length: 201
content-type: text/plain; charset=utf-8
date: Mon, 07 Jan 2019 05:40:59 GMT
location: /de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd
age: 0
server: Netlify
x-nf-request-id: 84ae1e78-9103-4346-becd-014f841bdc3c-9897027

GET
H2 200 component---src-layouts-index-js-3de8a3369d78e83a8c15.js Show response
promo.leovegas.com/ 2 KB
1 KB 14ms
13ms Script
application/javascript 2a03:b0c0:3:d0::d19:7001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/component---src-layouts-index-js-3de8a3369d78e83a8c15.js

Requested by

Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:b0c0:3:d0::d19:7001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

d638522ee69bf4b6b86fe37164570c5cc7952af7eec5d9aceb59954bb0228ffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /component---src-layouts-index-js-3de8a3369d78e83a8c15.js
pragma: no-cache
cookie: visid_incap_1837241=WsEYfLtASsysZ6pE7dDnIGrmMlwAAAAAQUIPAAAAAADP40MEUPv7dSRbVi6Q7Dr5; incap_ses_767_1837241=4faeX96dhjeO0F0WHO+kCmrmMlwAAAAAzNiiKMq3Pn457pGImyCcSw==
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: promo.leovegas.com
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
:scheme: https
:method: GET
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id: 84ae1e78-9103-4346-becd-014f841bdc3c-9897074
date: Mon, 07 Jan 2019 04:18:31 GMT
content-encoding: gzip
server: Netlify
age: 4948
etag: "8bfb0fc1103b958fa84cdcb73fb67ee7-ssl-df"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 876
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd

GET
H2 200 component---src-templates-new-look-and-feel-index-js-4667aa44468bb06ffd66.js Show response
promo.leovegas.com/ 5 KB
2 KB 15ms
14ms Script
application/javascript 2a03:b0c0:3:d0::d19:7001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/component---src-templates-new-look-and-feel-index-js-4667aa44468bb06ffd66.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:b0c0:3:d0::d19:7001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

ae42dac54a6274ba896e594084b86d586253f896f85d6a80cef866e408741095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /component---src-templates-new-look-and-feel-index-js-4667aa44468bb06ffd66.js
pragma: no-cache
cookie: visid_incap_1837241=WsEYfLtASsysZ6pE7dDnIGrmMlwAAAAAQUIPAAAAAADP40MEUPv7dSRbVi6Q7Dr5; incap_ses_767_1837241=4faeX96dhjeO0F0WHO+kCmrmMlwAAAAAzNiiKMq3Pn457pGImyCcSw==
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: promo.leovegas.com
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
:scheme: https
:method: GET
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id: 84ae1e78-9103-4346-becd-014f841bdc3c-9897075
date: Mon, 07 Jan 2019 04:19:27 GMT
content-encoding: gzip
server: Netlify
age: 4893
etag: "6d9485f39b40df55b543487fc27bf631-ssl-df"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1930
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd

GET
H2 200 path---de-mc-casino-d044120685d98a2aa42e.js Show response
promo.leovegas.com/ 17 KB
8 KB 15ms
14ms Script
application/javascript 2a03:b0c0:3:d0::d19:7001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/path---de-mc-casino-d044120685d98a2aa42e.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:b0c0:3:d0::d19:7001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

d728b708242502dd3038371bdfebd020587b1dea3d1a71b1257ff3a851eaf55a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /path---de-mc-casino-d044120685d98a2aa42e.js
pragma: no-cache
cookie: visid_incap_1837241=WsEYfLtASsysZ6pE7dDnIGrmMlwAAAAAQUIPAAAAAADP40MEUPv7dSRbVi6Q7Dr5; incap_ses_767_1837241=4faeX96dhjeO0F0WHO+kCmrmMlwAAAAAzNiiKMq3Pn457pGImyCcSw==
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: promo.leovegas.com
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
:scheme: https
:method: GET
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id: 84ae1e78-9103-4346-becd-014f841bdc3c-9897076
date: Mon, 07 Jan 2019 04:19:27 GMT
content-encoding: gzip
server: Netlify
age: 4893
etag: "0fa2c406c59a665315095489bdf5b09b-ssl-df"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7977
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd

GET
H2 200 app-a3c69c46bd85d11f91f4.js Show response
promo.leovegas.com/ 74 KB
11 KB 15ms
15ms Script
application/javascript 2a03:b0c0:3:d0::d19:7001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/app-a3c69c46bd85d11f91f4.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:b0c0:3:d0::d19:7001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

c6f0594bf4cb64b488de1ff8e21b4cc1e808a8b23ad5cd99bb53df0fd817ca98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /app-a3c69c46bd85d11f91f4.js
pragma: no-cache
cookie: visid_incap_1837241=WsEYfLtASsysZ6pE7dDnIGrmMlwAAAAAQUIPAAAAAADP40MEUPv7dSRbVi6Q7Dr5; incap_ses_767_1837241=4faeX96dhjeO0F0WHO+kCmrmMlwAAAAAzNiiKMq3Pn457pGImyCcSw==
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: promo.leovegas.com
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
:scheme: https
:method: GET
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id: 84ae1e78-9103-4346-becd-014f841bdc3c-9897077
date: Mon, 07 Jan 2019 04:18:31 GMT
content-encoding: gzip
server: Netlify
age: 4948
etag: "7b4cfefe5a8ef6a7fa928f827d0679d9-ssl-df"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11359
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd

GET
H2 200 commons-e581d391b4e7d1ecdb55.js Show response
promo.leovegas.com/ 779 KB
217 KB 16ms
15ms Script
application/javascript 2a03:b0c0:3:d0::d19:7001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/commons-e581d391b4e7d1ecdb55.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:b0c0:3:d0::d19:7001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

08e42927e76b886ce64a51477622fc7ad9ea89acc9f9c1c18f2130d789020328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /commons-e581d391b4e7d1ecdb55.js
pragma: no-cache
cookie: visid_incap_1837241=WsEYfLtASsysZ6pE7dDnIGrmMlwAAAAAQUIPAAAAAADP40MEUPv7dSRbVi6Q7Dr5; incap_ses_767_1837241=4faeX96dhjeO0F0WHO+kCmrmMlwAAAAAzNiiKMq3Pn457pGImyCcSw==
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: promo.leovegas.com
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
:scheme: https
:method: GET
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id: 84ae1e78-9103-4346-becd-014f841bdc3c-9897078
date: Mon, 07 Jan 2019 04:19:27 GMT
content-encoding: gzip
server: Netlify
age: 4893
etag: "95ad59efdf412c00e6715db6240d7173-ssl-df"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 221805
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd

GET
H2 200 css
fonts.googleapis.com/ 14 KB
930 B 20ms
20ms Stylesheet
text/css 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,700i,900,900i

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

eccce4d3d8f23b6d31ca45a26dc910311dd9425b8667e9f5c5c11a05d791e33d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 07 Jan 2019 05:40:59 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 07 Jan 2019 05:40:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Mon, 07 Jan 2019 05:40:59 GMT

GET
H2 200 9430800627.js Show response
cdn.optimizely.com/js/ 273 KB
77 KB 64ms
10ms Script
text/javascript 2a02:26f0:6c00:183::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/9430800627.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:183::13b8 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

56c0991ebc43b18ddb9e50c64d519e535dfb3fc72118d972a4ac6ec697eaca26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: _0PF_XYAyGZYJLV3XV7uKaLddi5yyY.o
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 5DC03E6EE43F2DF2
status: 200
date: Mon, 07 Jan 2019 05:40:59 GMT
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="2a02:26f0:6c00:183::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
x-akamai-ro-ghost-path: 2.22.50.190,dlr-not-sent:already-encoded-by-ro
content-length: 78413
x-amz-id-2: lk3D80SzBtAyHgcHwSy6ZKsZwcaS1Ic5PsIyARWH5/TbxXFwdexzkTl5Y93uqyUJbQ1ssp85WgU=
last-modified: Thu, 06 Dec 2018 02:12:43 GMT
server: Akamai Resource Optimizer
etag: "2cc84b815246c6031884845a72875975"
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 2651
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 leovegas-casino-logo.367bf0de.svg
promo.leovegas.com/static/ 12 KB
6 KB 41ms
41ms Image
image/svg+xml 2a03:b0c0:3:d0::d19:7001
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promo.leovegas.com/static/leovegas-casino-logo.367bf0de.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:b0c0:3:d0::d19:7001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

ce6756a7c10ff1f8be82a1e4e94a18bb8e68c2f19df87df9cb8168c6dda2fd5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /static/leovegas-casino-logo.367bf0de.svg
pragma: no-cache
cookie: visid_incap_1837241=WsEYfLtASsysZ6pE7dDnIGrmMlwAAAAAQUIPAAAAAADP40MEUPv7dSRbVi6Q7Dr5; incap_ses_767_1837241=4faeX96dhjeO0F0WHO+kCmrmMlwAAAAAzNiiKMq3Pn457pGImyCcSw==
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: promo.leovegas.com
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
:scheme: https
:method: GET
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id: 84ae1e78-9103-4346-becd-014f841bdc3c-9897079
date: Mon, 07 Jan 2019 04:19:27 GMT
content-encoding: gzip
server: Netlify
age: 4892
etag: "e22766ec110e48144fe3105d28f58b47-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5532
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 90 KB
29 KB 46ms
17ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGS5KD

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

16987eaef0f4c447416e90e00afdd5790d8cef420e9b30cbca79624b6b4e6720

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 07 Jan 2019 05:40:59 GMT
content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 29864
x-xss-protection: 1; mode=block
expires: Mon, 07 Jan 2019 05:40:59 GMT

GET
H2 200 paypal.png
images.ctfassets.net/kijvoxi4q0zn/5mV9JttLd6KUmokSUsGg0c/2b440f40bc4ae963f4b8bdb8d8a5ad31/ 4 KB
4 KB 68ms
7ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/5mV9JttLd6KUmokSUsGg0c/2b440f40bc4ae963f4b8bdb8d8a5ad31/paypal.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: a662b48f5c2363b832340eb5288af5df0ac51cdb4231785c0df2e18b335c959f

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:32 GMT
via: 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4546827
etag: "ce7c0914c695d29b08d6e444955b561c"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 3832
x-amz-cf-id: 3E_BHRjIOEafDjD8PoS1sOycyiUXvQZXHQj9QXG65xUdfwqFlKtKoQ==

GET
H2 200 sofortklarna.png
images.ctfassets.net/kijvoxi4q0zn/2CAIGpcyAQ6UGC2c00EOIw/b4e98e832fe525ce78bfbda0833264e5/ 6 KB
6 KB 48ms
7ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/2CAIGpcyAQ6UGC2c00EOIw/b4e98e832fe525ce78bfbda0833264e5/sofortklarna.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: b14a7f9c486e98dee1363e7fe513bfb4a1f85cccd620aa93f9492c9b1669c70d

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:32 GMT
via: 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4546828
etag: "594c21590f36927ee691ddb66fa9ba0e"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 5744
x-amz-cf-id: T-htoaIMWbEuA7IOlVUz4xS3H6WF7Og_NbFeGX4fMR5AhrWZwU16BA==

GET
H2 200 visa.png
images.ctfassets.net/kijvoxi4q0zn/3ViLoK5xpS4ewO4S0uCyey/5d6f669d7115ef736e8249079161d49a/ 4 KB
4 KB 12ms
7ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/3ViLoK5xpS4ewO4S0uCyey/5d6f669d7115ef736e8249079161d49a/visa.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 273960782964d6c98b7784d94eef99d63d8bf70c80a48a3d77da0c8191989c39

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 02 Nov 2018 18:01:42 GMT
via: 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 5657958
etag: "3564f544731f0c9e221f694ab9a1975e"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 3630
x-amz-cf-id: bSwthrd-vqrDOv9IB0x2pQIN6Fpi0zQk_2oZpqsB4lZh-u8zW4DCuQ==

GET
H2 200 paysafe.png
images.ctfassets.net/kijvoxi4q0zn/41nin6pA92SG2EO06iaYEO/76548fa568856af2df611d3fdaa5b9a0/ 2 KB
3 KB 16ms
11ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/41nin6pA92SG2EO06iaYEO/76548fa568856af2df611d3fdaa5b9a0/paysafe.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 21bb3c933ccc576c2f6d75e583fbb2bcaac5e37c71ed4644754cdaab692bf74a

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:32 GMT
via: 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4546828
etag: "62f2a79a770caf4f38e58fd5c4a91f5f"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 2453
x-amz-cf-id: KXMhS1Vos6qshRRFzLEr6f34YPpoLr5zMXffdprqqMCdDuKkryFBWA==

GET
H2 200 trustly.png
images.ctfassets.net/kijvoxi4q0zn/4ZgGhzEvv2ACeAACUQUWKA/8ef5a9eef0ff01ed2aba14e77ba09db4/ 3 KB
3 KB 17ms
12ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/4ZgGhzEvv2ACeAACUQUWKA/8ef5a9eef0ff01ed2aba14e77ba09db4/trustly.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: db5448c194812ce8efad1c59985d077940ff131ebfba8d0f3232791136589ae2

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:31 GMT
via: 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4546829
etag: "e6c9bee5471fa317b7298fce8ebe5e5b"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 3157
x-amz-cf-id: 9Mn2XcqKVDdLqZMDz3UgJHjtbHgsQJ8XIvcy8745Aw3S8Qmd8mOC3A==

GET
H2 200 skrill.png
images.ctfassets.net/kijvoxi4q0zn/c9n7WDRBqosmIY4E2ugQa/7c26eb0f1c21cdd89d87720931f56e3d/ 2 KB
3 KB 17ms
12ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/c9n7WDRBqosmIY4E2ugQa/7c26eb0f1c21cdd89d87720931f56e3d/skrill.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 145f3844ee4625769479e42ed319920f5e1d65350ce8798bf44c899ef0034793

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:32 GMT
via: 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4546828
etag: "b68c991eb7ce56009d8cf05ffccbc54f"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 2476
x-amz-cf-id: t-zBhBCO-O_Suf03tONzT1t6c_rJ9aqn4DGT2b9odu606qNRm6Qq3A==

GET
H2 200 neteller.png
images.ctfassets.net/kijvoxi4q0zn/5BDClCPzlCK06wcmCgwiIK/809768fb004de199cf7c9e94386691ae/ 3 KB
3 KB 17ms
13ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/5BDClCPzlCK06wcmCgwiIK/809768fb004de199cf7c9e94386691ae/neteller.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 21b0443189f0b628070b7b4fae484173a0edb5c031136340a6935b6b9c0eb73b

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 02 Nov 2018 18:06:25 GMT
via: 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 5657675
etag: "5274c381b9bb26fb04edf7e4aa0cb3bd"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 2893
x-amz-cf-id: JpwR0uS2ZJ3II0dpAMjs62wjOLFAQ36SHLplbkZBok7tgndvAtpBEA==

GET
H2 200 EGR-Nordics-CasinoOperator-2017.png
images.ctfassets.net/kijvoxi4q0zn/6f6dOX7sD6Q8ukcwOwMykE/ada4ae647e5ef6cdd7587ae7dc0b49bd/ 32 KB
32 KB 17ms
13ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/6f6dOX7sD6Q8ukcwOwMykE/ada4ae647e5ef6cdd7587ae7dc0b49bd/EGR-Nordics-CasinoOperator-2017.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: f2902780cf44600bf868dd9ec81ba7862abec95b97cff8651762bf1a8b90dfb8

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:31 GMT
via: 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4546828
etag: "9705e60efb9329a3514ac4df0a1b889b"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 32306
x-amz-cf-id: H5oIqfLnIsLEcomVXrgZATk2Mpism31R5UJCsJXalpC7eI5EnHNqTQ==

GET
H2 200 EGR-Nordics-CasinoOperator-2016.png
images.ctfassets.net/kijvoxi4q0zn/4yEYKbj8JWEC2Gc02QuuWY/8b42c8e676005e55fe3deb01ccef0837/ 32 KB
32 KB 22ms
18ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/4yEYKbj8JWEC2Gc02QuuWY/8b42c8e676005e55fe3deb01ccef0837/EGR-Nordics-CasinoOperator-2016.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 0c48b773fbf650a8222bc9b7beaaff31923a67e2adc29f42e15ac46c677d85cc

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:31 GMT
via: 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4546829
etag: "ad9a7d687628c9928fbd2ed7aa364af2"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 32551
x-amz-cf-id: H7kXuj4UqpMYpnuQJbnpPzAjres9zyWXx61YRIJOg1yi86q6ZpWT2g==

GET
H2 200 iphonex-app.218eb622.png
promo.leovegas.com/static/ 66 KB
66 KB 10ms
6ms Image
image/png 2a03:b0c0:3:d0::d19:7001
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promo.leovegas.com/static/iphonex-app.218eb622.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:b0c0:3:d0::d19:7001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

e5b74ea28e08ec3cfc168a3d8179d4b528514e6ddd2f87af11797d126e507a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /static/iphonex-app.218eb622.png
pragma: no-cache
cookie: visid_incap_1837241=WsEYfLtASsysZ6pE7dDnIGrmMlwAAAAAQUIPAAAAAADP40MEUPv7dSRbVi6Q7Dr5; incap_ses_767_1837241=4faeX96dhjeO0F0WHO+kCmrmMlwAAAAAzNiiKMq3Pn457pGImyCcSw==
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: promo.leovegas.com
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
:scheme: https
:method: GET
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id: 84ae1e78-9103-4346-becd-014f841bdc3c-9897091
date: Mon, 07 Jan 2019 04:18:21 GMT
server: Netlify
age: 4958
etag: "3439b0ed97d596f841835483a26a610e-ssl"
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 67225
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd

GET
H2 200 mga.png
images.ctfassets.net/kijvoxi4q0zn/2Uc4dcnb0cUSEgUqKeYmk8/5549d2a0745b2483ea3e5fbea1422682/ 4 KB
4 KB 22ms
19ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/2Uc4dcnb0cUSEgUqKeYmk8/5549d2a0745b2483ea3e5fbea1422682/mga.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 2ede25a0ac2405841be39bb212ab00eb1db622ae8c06a6cbfa1f21cc20a94bf6

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:32 GMT
via: 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4546828
etag: "9f179ffc68cc8efa5a8dc6d543c42f10"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 3665
x-amz-cf-id: Tg2XCT7NwA-WLgNcJw3qQeh9mC3v1e5pGzOrgv0OjDXQ1a1NdxzjCg==

GET
H2 200 gambling-commission.png
images.ctfassets.net/kijvoxi4q0zn/4Nb9hNN54c4S0oiCUa4ESm/c6602fe3b62546091d35592a4273c530/ 6 KB
6 KB 23ms
19ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/4Nb9hNN54c4S0oiCUa4ESm/c6602fe3b62546091d35592a4273c530/gambling-commission.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 5ffe45acf226a47230a5c69a51c1675b02ec885015106de4af29eec99961fc0a

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:32 GMT
via: 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4546828
etag: "19e7e8eaf95d3d620d7824eae5b3ab8b"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 5888
x-amz-cf-id: WKVswg2HEfvmTaTYZGHlLyfxcYpD2AoIa2Ef2ChPOCc51HOD9YqaIw==

GET
H2 200 license3.png
images.ctfassets.net/kijvoxi4q0zn/1QrpFMgzA4ea8gYcOmus4q/4f46552fd36bb194b222f0b6c252154a/ 6 KB
6 KB 23ms
19ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/1QrpFMgzA4ea8gYcOmus4q/4f46552fd36bb194b222f0b6c252154a/license3.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: a63d3c65ea6fb8f61859c63e4f4b966c2ffaca62733d62064acf7fcc82d0b5e8

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 07 Nov 2018 00:07:36 GMT
via: 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 5290404
etag: "0b78d1564ae1add09bba65d11ed32bc7"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 6324
x-amz-cf-id: Xm1-uOwtKXp2qXq1szLr5FRs3Ih20ZVlj3BKU2HJkZp6jElcSnt9Fw==

GET
H2 200 eu.png
images.ctfassets.net/kijvoxi4q0zn/2nPMd5FgoYGmgmQic6QcoK/41fbb4126551a01649fc1c471864cdd8/ 4 KB
4 KB 23ms
20ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/2nPMd5FgoYGmgmQic6QcoK/41fbb4126551a01649fc1c471864cdd8/eu.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: b855baad3ab0ad04962f7f418073e6a433589e52c45c9077e82d0786077e6329

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 02 Nov 2018 18:01:42 GMT
via: 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 5657958
etag: "3345ac39791029391aba953adb6c54e8"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 3664
x-amz-cf-id: drVMqUK_ytHbDbiidtg3swD9DgmOyKmzlIex8iigzJqOE8xRkXU9zg==

GET
H2 200 begambleaware.png
images.ctfassets.net/kijvoxi4q0zn/4n5itn9bJeauCqAYGIYEc8/54f339e439f7b365d8a19824aefafbb5/ 5 KB
5 KB 23ms
20ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/4n5itn9bJeauCqAYGIYEc8/54f339e439f7b365d8a19824aefafbb5/begambleaware.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 02920491695411e238e7fbc665cb602f6f314db84721495b6d5c10b452fc9e59

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 02 Nov 2018 18:01:42 GMT
via: 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 5657958
etag: "3c8fe3f2334e33daa00c0aac5ad53975"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 5187
x-amz-cf-id: mr0Fd2KXuS8r2gT8HOe658kmby0xG_CPzyauDkfjX07_8tBHeXUN8g==

GET
H2 200 gamcare.png
images.ctfassets.net/kijvoxi4q0zn/62kAEz4BsAEqeaCI2ciGss/6e22bf0f1696b261eeddf0a5916cfd40/ 3 KB
3 KB 23ms
21ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/62kAEz4BsAEqeaCI2ciGss/6e22bf0f1696b261eeddf0a5916cfd40/gamcare.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 6e1587a49a2d4640c0936ab3c7b63bc37d4186b4033ecefd256bc7c1f982bb9f

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:32 GMT
via: 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4546828
etag: "ad6b57b26bbacb687f3603f27855ecc6"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 2783
x-amz-cf-id: aiERLmpmh8uqqlIzl7Hk2tRjXKuRJLOahI4o9KsSHuXrhTxRYnSqVA==

GET
H2 200 ga.png
images.ctfassets.net/kijvoxi4q0zn/59JQfnohhYqM2oI0wgOQoq/26fdfac0b667ea33c73f2145447f5cf1/ 3 KB
3 KB 24ms
21ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/59JQfnohhYqM2oI0wgOQoq/26fdfac0b667ea33c73f2145447f5cf1/ga.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 0ab3d4ad2b0c990a9de580274dd61f2c4d4369f3b1d81a2ca1def837327bd24f

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:32 GMT
via: 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4546828
etag: "52ef383d695dcb79c5a345367acff73e"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 2717
x-amz-cf-id: ktxsptnnWt8Ae7rq45KffmwEWQdWuUDmK2O1sRd0wgnRZzs0nnM0Sw==

GET
H2 200 leosafeplay.png
images.ctfassets.net/kijvoxi4q0zn/7o9AdRaiWWyKm2A0qWmi62/94f9d8aa5b81a09b5d64fedadfdf07bb/ 3 KB
4 KB 24ms
21ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/7o9AdRaiWWyKm2A0qWmi62/94f9d8aa5b81a09b5d64fedadfdf07bb/leosafeplay.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 617d2a8d89bbdbebbe32227d6a72072658bce3da4a04fc704044e92bff2f9106

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:32 GMT
via: 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4546828
etag: "7ebf07cbf623c5893084c393bbc9d588"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 3552
x-amz-cf-id: F4SxM3U4w2XQa0nG58cDHp8FwgcIp-kc716xkd7NsIitxXbbxxOQnQ==

GET
H2 200 hotjar-150438.js Show response
static.hotjar.com/c/ 2 KB
1 KB 77ms
14ms Script
application/javascript 147.75.83.1
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-150438.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGS5KD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.83.1 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-23

Software

Resource Hash

d87b196a4f37389d20371d3af493fe6eb0982ed0fc4f2f3a7512d785bf51e7c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 07 Jan 2019 05:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
etag: W/936afb93f87a4c9e1043c1e1a97b1a77
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=60
section-io-origin-time-seconds: 0.049
section-io-origin-status: 304
accept-ranges: bytes
section-io-id: 5593483ea4418cb50669f5e98abef983
content-length: 941

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGS5KD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 3113
date: Mon, 07 Jan 2019 04:49:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Mon, 07 Jan 2019 06:49:06 GMT

GET
DATA 200
OK truncated
/ 548 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e33f8f81b6ba762ee90e950a44b9d4cc2d581b50862db36dfa2fc7cb1ee1ef5

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 788 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd5de0cd31374f449cb6a66ebcf87b0d732a9fe3af8fe3dc4c4df1638b24040b

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccac1881f0aa30ce6e0b27faca92813dec7f738c9bc477de7f0ff3cd97d80e4d

Request headers

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc3aa232da577d5cd0e40070a0cfce5bba8255e505e115c79cd6ab180b5c1e03

Request headers

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1aa27217bcc70dcac6d0771b3691f0fb7cad2b3d789c9c5a68ae3343a8f8189

Request headers

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a62f202a036f31afbe29957893501fd9788b8b7da68fd937f09a4748c80dfe24

Request headers

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 178070bb42e889b14f1aaf839aeaa6ca553bd92ebd98c918f4f2f4ebda54f655

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 558 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7432ef865494c910726e0e9b7f4cd34d33ffd95a0804dfae8695872794a11e87

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1006 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c4e40525446376e67437bb87b5e547a5113d20ec4281de744b1f17beb18a388

Request headers

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 593 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ade492e71a709b0ae66a7d625ab7114a519ad73726eb8d079510e5af293a8f2b

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f9c92e1a12ac6e0fc59919f0c3fc20cf9dc1bd8d78db4ea7b28298bc80038ff

Request headers

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a32cf4cbacae0c02bd7047d9cd93b4a95ae9bfde846b27699bd643c0909eed34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700i,900,900i
Origin: https://promo.leovegas.com

Response headers

date: Wed, 02 Jan 2019 16:00:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:04 GMT
server: sffe
age: 394853
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10752
x-xss-protection: 1; mode=block
expires: Thu, 02 Jan 2020 16:00:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ 10 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700i,900,900i
Origin: https://promo.leovegas.com

Response headers

date: Tue, 18 Dec 2018 20:45:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 1673728
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10748
x-xss-protection: 1; mode=block
expires: Wed, 18 Dec 2019 20:45:31 GMT

GET
H2 200 Roboto-ExtraBlack.625fcf1e.ttf
promo.leovegas.com/static/ 41 KB
23 KB 7ms
6ms Font
application/x-font-ttf 2a03:b0c0:3:d0::d19:7001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/static/Roboto-ExtraBlack.625fcf1e.ttf

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:b0c0:3:d0::d19:7001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

6a32e11a4c8e46e4b95553e27f336bc3ff424298cb36b814dd5f8b793a06ce8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /static/Roboto-ExtraBlack.625fcf1e.ttf
pragma: no-cache
cookie: visid_incap_1837241=WsEYfLtASsysZ6pE7dDnIGrmMlwAAAAAQUIPAAAAAADP40MEUPv7dSRbVi6Q7Dr5; incap_ses_767_1837241=4faeX96dhjeO0F0WHO+kCmrmMlwAAAAAzNiiKMq3Pn457pGImyCcSw==
origin: https://promo.leovegas.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: promo.leovegas.com
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Origin: https://promo.leovegas.com

Response headers

x-nf-request-id: 84ae1e78-9103-4346-becd-014f841bdc3c-9897115
date: Mon, 07 Jan 2019 04:18:27 GMT
content-encoding: gzip
server: Netlify
age: 4952
etag: "6784df36e1e032fbfb3203203914be4f-ssl-df"
vary: Accept-Encoding
content-type: application/x-font-ttf
status: 200
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 23107
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c386915e39d8a925fe10d15744a9da95ac8f90423e12728e7fc3c5e34f4559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700i,900,900i
Origin: https://promo.leovegas.com

Response headers

date: Wed, 19 Dec 2018 07:34:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:47 GMT
server: sffe
age: 1634800
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10876
x-xss-protection: 1; mode=block
expires: Thu, 19 Dec 2019 07:34:19 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v18/ 12 KB
12 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

556e09ad66d48078d2ea341eff36e93dafdb56fed15e9d92e052a7cb3910e2e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700i,900,900i
Origin: https://promo.leovegas.com

Response headers

date: Fri, 21 Dec 2018 06:20:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:10 GMT
server: sffe
age: 1466418
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12368
x-xss-protection: 1; mode=block
expires: Sat, 21 Dec 2019 06:20:41 GMT

GET
H2 200 V6Ypw6efpoaSVmqGyBi5NJ.json Show response
cdn.optimizely.com/datafiles/ 4 KB
2 KB 23ms
10ms Fetch
text/javascript 2a02:26f0:6c00:19b::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/datafiles/V6Ypw6efpoaSVmqGyBi5NJ.json

Requested by

Host: promo.leovegas.com
URL: https://promo.leovegas.com/commons-e581d391b4e7d1ecdb55.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:19b::13b8 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ead8fb782159aef821427834daeb3af3b8181704cb5e1f5838ce87c4002d2930

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Origin: https://promo.leovegas.com

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: W9TnwjNfIgrhwOrxeQWR1X4ExrY1BwC0
content-encoding: gzip
etag: "bfb5ce96827071855d09fef621bf10a2"
x-amz-request-id: 48C080BAE7D1C04D
status: 200
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD, OPTIONS
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:19b::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 989
x-amz-id-2: qDDf6278BqFMM1iVcmeETFyicOcGH+0zSbZP3PfR0eU7q6rmaF/yCU/wzcKgvza2EHNtEtyOCPg=
last-modified: Thu, 03 Jan 2019 16:37:03 GMT
server: AmazonS3
date: Mon, 07 Jan 2019 05:40:59 GMT
access-control-max-age: 604800
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=118
access-control-allow-credentials: false
x-amz-meta-revision: 52
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 / Show response
track.adform.net/serving/scripts/trackpoint/async/ 76 KB
30 KB 763ms
58ms Script
text/javascript 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/serving/scripts/trackpoint/async/
Requested by: Host: waybitz.com
URL: https://waybitz.com/19812a224470dd1800/21997_1939247_13/3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10/48
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 07 Jan 2019 05:41:00 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
content-type: text/javascript; charset=utf-8
content-length: 30712
expires: Mon, 14 Jan 2019 05:41:00 GMT

GET
H2 403 / Show response
api.ipdata.co/ 242 B
436 B 105ms
59ms Fetch
application/json 52.28.139.186
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipdata.co/?api-key=f57a5807a806a30fca7a1097e6da2f6be45f127b40dd5b2fd5d1522b
Requested by: Host: waybitz.com
URL: https://waybitz.com/19812a224470dd1800/21997_1939247_13/3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10/48
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.139.186 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-28-139-186.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c0b1ac7771517e5cb3ad55591c29b1da860791154ce96edc4bcf0242744281ae

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Origin: https://promo.leovegas.com

Response headers

date: Mon, 07 Jan 2019 05:40:59 GMT
x-amzn-errortype: AccessDeniedException
x-amzn-requestid: d004abe6-123e-11e9-9a4b-cdc638ed057c
status: 403
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: THjw2G-xliAFUAA=
content-length: 242

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 14ms
14ms Image
image/gif 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j72&aip=1&a=1644569329&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Fmc-casino%2F%3Fqs%3Dbtag%25253D661653%255F77571B059F524C35BFC514E8A616EC7D%252526tracking%255Fvariable%25253D801702268%252526unique%255Ftransaction%255Fid%25253D470475%252526pid%25253D3596701%252526bid%25253D13186&dr=https%3A%2F%2Fwaybitz.com%2F19812a224470dd1800%2F21997_1939247_13%2F3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10%2F48&dp=%2Fde%2Fmc-casino%2F%3Fqs%3Dbtag%25253D661653%255F77571B059F524C35BFC514E8A616EC7D%252526tracking%255Fvariable%25253D801702268%252526unique%255Ftransaction%255Fid%25253D470475%252526pid%25253D3596701%252526bid%25253D13186&ul=en-us&de=UTF-8&dt=Casino%20f%C3%BCr%20Mobilger%C3%A4te%20und%20Online-Casino%20-%20Spielen%20Sie%20Casino-Spiele%20online%20oder%20auf%20Ihrem%20Mobilger%C3%A4t%20%7C%20LeoVegas%20Casino&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ci=661653&cn=13186&cs=661653&cm=affiliate&_u=YEBAAEAB~&jid=1014426502&gjid=1396641562&cid=95781711.1546839660&tid=UA-25600410-30&_gid=525148873.1546839660&_r=1&gtm=2wgbc0WGS5KD&cd1=661653&cd3=3596701&cd4=leo&cd7=de&z=1482510801

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jan 2019 05:40:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules-f05594485f7797d58b408b352f247d6e.js Show response
script.hotjar.com/ 399 KB
81 KB 58ms
20ms Script
application/javascript 147.75.32.173
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules-f05594485f7797d58b408b352f247d6e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-150438.js?sv=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.32.173 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-27

Software

Resource Hash

73780d51fa5c9aac80a714e7fa9b29b61910ecf2a891987653a05e82c61c6180

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 07 Jan 2019 05:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 04 Jan 2019 10:50:13 GMT
access-control-allow-origin: *
etag: W/"f05594485f7797d58b408b352f247d6e"
content-type: application/javascript
status: 200
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.042
content-length: 82184
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: 3f8d9ef4df2647e197a5bf67b7529d3c
x-amz-version-id: SKy3ZSB504PHM9JYh8AGxm5A4VRYbaxD

GET
H2 200 DE_-_New_BoD-_LP_pop_up_paypal.png
images.ctfassets.net/kijvoxi4q0zn/1B5mtmyuEge4YyymckMo6C/805733bf8a4efb2bb936c07a803471bc/ 192 KB
192 KB 7ms
7ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/1B5mtmyuEge4YyymckMo6C/805733bf8a4efb2bb936c07a803471bc/DE_-_New_BoD-_LP_pop_up_paypal.png?w=635&h=210&q=50
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: c27655230d3d38cff2a504b0286d5d583c4aca4ed6efb6bd5b493a1726f615b8

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:42:14 GMT
via: 1.1 varnish, 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4546725
etag: "33422541f80cdcc02523c437530ebe28"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 196119
x-amz-cf-id: _GkJPnGaVEsLh2FNx9qk8rJM0GQNW2TvQ7bzZX4ItR6irfRU8cFMeQ==

GET
H2 200 DE_Casino_Desktop_.png
images.ctfassets.net/kijvoxi4q0zn/1oIrQIQwuQIQyA0G8AQyYC/c7c4194d3ff2e0981eef3b9ce9887bdf/ 3 MB
3 MB 13ms
13ms Image
image/png 2600:9000:200c:ae00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/1oIrQIQwuQIQyA0G8AQyYC/c7c4194d3ff2e0981eef3b9ce9887bdf/DE_Casino_Desktop_.png?w=1920&h=1080&q=50
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:ae00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 0cbffceeee02084e8fdd49271f763d11f58d87eb1fc3e5d14b1cb30ef75dd552

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:42:45 GMT
via: 1.1 varnish, 1.1 a7cfc7facd5206ba992dff0c0b5504da.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4546694
etag: "bf9fc0dd573f475288f927cf19ce9792"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 2680520
x-amz-cf-id: p7Kso5Up0UoRwpLyVg-eUNEWeW1WWHGuLk-VfNUAywWIGl-2W3U_sA==

GET
H2 200 rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
vars.hotjar.com/ Frame 5847 0
0 79ms
29ms Document
text/html 147.75.83.1
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-150438.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.83.1 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-23
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186

Response headers

status: 200
date: Mon, 07 Jan 2019 05:40:59 GMT
content-type: text/html
content-length: 857
cache-control: max-age=31536000
last-modified: Wed, 26 Dec 2018 17:42:40 GMT
x-amz-version-id: r21unyjRaeSnpbfdAFfXa49OG_A_M8ik
section-io-origin-status: 200
section-io-origin-time-seconds: 0.058
etag: W/"da10bd4908deb9e19dfde013ec3fe4ff"
content-encoding: gzip
accept-ranges: bytes
section-io-id: f768e380884cd443307a1e0bb71625da

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 18 KB
9 KB 30ms
29ms Script
text/javascript 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/Serving/TrackPoint/?pm=497538&ADFPageName=mc-casino-lp&ADFdivider=%7C&ord=488902293244&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwaybitz.com%2F19812a224470dd1800%2F21997_1939247_13%2F3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10%2F48&ADFtpmode=2&loc=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Fmc-casino%2F%3Fqs%3Dbtag%25253D661653%255F77571B059F524C35BFC514E8A616EC7D%252526
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: d2a9f484221713647a0c202052e3c5cc9c8e4dba00b00e05e71797c5941461fc

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jan 2019 05:41:00 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=utf-8
content-length: 8758
expires: -1

GET
H2 200 / Show response
track.adform.net/wpf/v2/.la44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYY... 3 KB
2 KB 36ms
28ms Script
text/javascript 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/wpf/v2/.la44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY2FrYelnbgPrabmOneNufuyPBDjaY2ftckuyPB884akHGOg4B36KEN.7F5CSV0odm_dhrxbuJjkWxv5iJ3A0KAGYiJ4q51bHb97ShraUW9zLz3YMJ5tFFg4K1kl1BNlY6RdWY5BNBtQT.clYIT3SvgMJgJ0Nc1lF4XVA4.L9.gJ.elF1VLf4.9dPgJ2MnGmRgJ2MnGmRgJ.c4elF1VLf4.ATjV.2E2/serving/trackpoint/?pm=497538&ADFPageName=mc-casino-lp&ADFdivider=%7c&ord=488902293244&Set1=en-US%7cen-US%7c1600x1200%7c24&CPref=https%3a%2f%2fwaybitz.com%2f19812a224470dd1800%2f21997_1939247_13%2f3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10%2f48&ADFtpmode=2&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%2f%3fqs%3dbtag%25253D661653%255F77571B059F524C35BFC514E8A616EC7D%252526&catdt=0
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: fc75587b83043c51f0af11187835a5d60bf4b108dab02a20d1b2ef7a43bc7501

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jan 2019 05:41:00 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=utf-8
content-length: 1826
expires: -1

GET
H2 200 /
track.adform.net/serving/container/ Frame B47D 0
0 30ms
29ms Document
text/html 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/serving/container/?pm=497538&lid=31340545&ctype=0&media=0&PageName=mc-casino-lp&rnd=1941872976&cpref=https%3a%2f%2fwaybitz.com%2f19812a224470dd1800%2f21997_1939247_13%2f3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10%2f48&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%2f%3fqs%3dbtag%25253D661653%255F77571B059F524C35BFC514E8A616EC7D%252526tracking%255Fvariable%25253D801702268%252526unique%255Ftransaction%255Fid%25253D470475%252526pid%25253D3596701%252526bid%25253D13186
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: track.adform.net
:scheme: https
:path: /serving/container/?pm=497538&lid=31340545&ctype=0&media=0&PageName=mc-casino-lp&rnd=1941872976&cpref=https%3a%2f%2fwaybitz.com%2f19812a224470dd1800%2f21997_1939247_13%2f3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10%2f48&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%2f%3fqs%3dbtag%25253D661653%255F77571B059F524C35BFC514E8A616EC7D%252526tracking%255Fvariable%25253D801702268%252526unique%255Ftransaction%255Fid%25253D470475%252526pid%25253D3596701%252526bid%25253D13186
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
accept-encoding: gzip, deflate, br
cookie: cid=-5750631979060554274,0,0,0,0; uid=-5750631979060554274
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186

Response headers

status: 200
server: nginx
date: Mon, 07 Jan 2019 05:41:00 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 12 KB
6 KB 76ms
8ms Script
application/x-javascript 18.184.40.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/wpf/v2/.la44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY2FrYelnbgPrabmOneNufuyPBDjaY2ftckuyPB884akHGOg4B36KEN.7F5CSV0odm_dhrxbuJjkWxv5iJ3A0KAGYiJ4q51bHb97ShraUW9zLz3YMJ5tFFg4K1kl1BNlY6RdWY5BNBtQT.clYIT3SvgMJgJ0Nc1lF4XVA4.L9.gJ.elF1VLf4.9dPgJ2MnGmRgJ2MnGmRgJ.c4elF1VLf4.ATjV.2E2/serving/trackpoint/?pm=497538&ADFPageName=mc-casino-lp&ADFdivider=%7c&ord=488902293244&Set1=en-US%7cen-US%7c1600x1200%7c24&CPref=https%3a%2f%2fwaybitz.com%2f19812a224470dd1800%2f21997_1939247_13%2f3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10%2f48&ADFtpmode=2&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%2f%3fqs%3dbtag%25253D661653%255F77571B059F524C35BFC514E8A616EC7D%252526&catdt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.40.88 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-184-40-88.eu-central-1.compute.amazonaws.com
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 07 Jan 2019 05:41:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07-Jan-2019 05:41:00 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Mon, 14 Jan 2019 05:41:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
5 KB 109ms
41ms Script
application/javascript 2a00:1288:7c:800::4001
YAHOO-ULS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: track.adform.net
URL: https://track.adform.net/wpf/v2/.la44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY2FrYelnbgPrabmOneNufuyPBDjaY2ftckuyPB884akHGOg4B36KEN.7F5CSV0odm_dhrxbuJjkWxv5iJ3A0KAGYiJ4q51bHb97ShraUW9zLz3YMJ5tFFg4K1kl1BNlY6RdWY5BNBtQT.clYIT3SvgMJgJ0Nc1lF4XVA4.L9.gJ.elF1VLf4.9dPgJ2MnGmRgJ2MnGmRgJ.c4elF1VLf4.ATjV.2E2/serving/trackpoint/?pm=497538&ADFPageName=mc-casino-lp&ADFdivider=%7c&ord=488902293244&Set1=en-US%7cen-US%7c1600x1200%7c24&CPref=https%3a%2f%2fwaybitz.com%2f19812a224470dd1800%2f21997_1939247_13%2f3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10%2f48&ADFtpmode=2&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%2f%3fqs%3dbtag%25253D661653%255F77571B059F524C35BFC514E8A616EC7D%252526&catdt=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:7c:800::4001 , United Kingdom, ASN43428 (YAHOO-ULS, GB),

Reverse DNS

Software

ATS /

Resource Hash

bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 07 Jan 2019 05:41:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
vary: Accept-Encoding
content-length: 4111
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 18 Oct 2018 11:15:54 GMT
server: ATS
x-frame-options: DENY
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript
via: http/1.1 spdc0031.pbp.ir2.yahoo.com (ApacheTrafficServer), https/1.1 e11.ycpi.lob.yahoo.com (ApacheTrafficServer [cMsSf ])
public-key-pins-report-only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
accept-ranges: bytes

GET
H2 200 rules-p-qv3RqfmexMYyL.js Show response
rules.quantcount.com/ 741 B
1 KB 55ms
7ms Script
application/x-javascript 2600:9000:200c:c000:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-qv3RqfmexMYyL.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:c000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3cb39e0ced352a1ba59a392589953e3ad7a1520a6e92fd65b9e676c48ecdad48

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 07 Jan 2019 04:46:23 GMT
via: 1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
last-modified: Tue, 29 May 2018 13:38:10 GMT
server: AmazonS3
age: 3314
etag: "8f941d23a1f316fadd6bc7fb6b5233f2"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 741
x-amz-cf-id: Xd7jzmmKeCX9v2elpPi93EWeBykSSB9P0NziK_eLuN4xjRZc4ptEVQ==

GET
H2 200 sp.pl Show response
sp.analytics.yahoo.com/ 0
449 B 109ms
31ms Script
application/x-javascript 188.125.66.33
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&jsonp=YAHOO.ywa.I13N.handleJSONResponse&d=Mon%2C%2007%20Jan%202019%2005%3A41%3A00%20GMT&n=0&b=Casino%20f%C3%BCr%20Mobilger%C3%A4te%20und%20Online-Casino%20-%20Spielen%20Sie%20Casino-Spiele%20online%20oder%20auf%20Ihrem%20Mobilger%C3%A4t%20%7C%20LeoVegas%20Casino&.yp=10064881&f=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Fmc-casino%2F%3Fqs%3Dbtag%25253D661653%255F77571B059F524C35BFC514E8A616EC7D%252526tracking%255Fvariable%25253D801702268%252526unique%255Ftransaction%255Fid%25253D470475%252526pid%25253D3596701%252526bid%25253D13186&e=https%3A%2F%2Fwaybitz.com%2F19812a224470dd1800%2F21997_1939247_13%2F3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10%2F48&enc=UTF-8

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.125.66.33 , Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 07 Jan 2019 05:41:00 GMT
via: http/1.1 spdc0034.pbp.ir2.yahoo.com (ApacheTrafficServer)
x-content-type-options: nosniff
age: 0
status: 200
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: application/x-javascript
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Mon, 07 Jan 2019 05:41:00 GMT

GET
H/1.1 200
OK pixel;r=1966398292;labels=_fp.event.Homepage;rf=0;a=p-qv3RqfmexMYyL;url=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Fmc-casino%2F%3Fqs%3Dbtag%25253D661653%255F77571B059F524C35BFC514E8A616EC7D%252526trac...
pixel.quantserve.com/ 35 B
479 B 117ms
19ms Image
image/gif 35.176.35.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=1966398292;labels=_fp.event.Homepage;rf=0;a=p-qv3RqfmexMYyL;url=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Fmc-casino%2F%3Fqs%3Dbtag%25253D661653%255F77571B059F524C35BFC514E8A616EC7D%252526tracking%255Fvariable%25253D801702268%252526unique%255Ftransaction%255Fid%25253D470475%252526pid%25253D3596701%252526bid%25253D13186;ref=https%3A%2F%2Fwaybitz.com%2F19812a224470dd1800%2F21997_1939247_13%2F3749_377842611_0_0_0_1371539_48_1282_9953_1939247_10%2F48;fpan=1;fpa=P0-1496499867-1546839660865;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1546839660865;tzo=0;ogl=
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.35.233 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-176-35-233.eu-west-2.compute.amazonaws.com
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Jan 2019 05:41:00 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

OPTIONS
H/1.1 200
OK log Show response
errors.client.optimizely.com/ 13 B
410 B 428ms
102ms XHR
text/plain 52.0.221.2
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/9430800627.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.221.2 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-0-221-2.compute-1.amazonaws.com
Software: /
Resource Hash: 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method: POST
Origin: https://promo.leovegas.com
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Mon, 07 Jan 2019 05:41:02 GMT
Allow: POST,OPTIONS
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://promo.leovegas.com
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Content-Length: 13

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
244 B 101ms
101ms XHR
text/plain 52.0.221.2
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.221.2 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-0-221-2.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
Origin: https://promo.leovegas.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://promo.leovegas.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Mon, 07 Jan 2019 05:41:02 GMT
Content-Type: text/plain

GET
H/1.1

200
OK

pixel Show response
ads.creative-serving.com/ul_cb/
Redirect Chain

https://ads.creative-serving.com/pixel?id=3151410&type=js
https://ads.creative-serving.com/ul_cb/pixel?id=3151410&type=js

1 KB
2 KB

24ms
24ms

Script
text/javascript

104.155.76.175
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.creative-serving.com/ul_cb/pixel?id=3151410&type=js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.155.76.175 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 175.76.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c24066879fa26553f7582af14d9c501f95adbf1de83dd1a06ec56a7905fe49ec

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 07 Jan 2019 05:41:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 1530
Content-Type: text/javascript

Redirect headers

Location: https://ads.creative-serving.com/ul_cb/pixel?id=3151410&type=js
Date: Mon, 07 Jan 2019 05:41:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

google_sync_status
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=90e9bd12-b8f3-40ea-8952-c051fff3fb42&ssp=&expires=30&user_group=2&cb=544
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=kgOfDPYjRY6tgZ0KteVEMw==
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEFU3p16yCUtFmv83YxlfB9s&google_cver=1

43 B
346 B

33ms
23ms

Image
image/gif

18.153.11.2
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEFU3p16yCUtFmv83YxlfB9s&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.11.2 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-153-11-2.eu-central-1.compute.amazonaws.com
Software: nginx/1.12.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 07 Jan 2019 05:41:10 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 43

Redirect headers

pragma: no-cache
date: Mon, 07 Jan 2019 05:41:10 GMT
server: HTTP server (unknown)
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEFU3p16yCUtFmv83YxlfB9s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 316
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=90e9bd12-b8f3-40ea-8952-c051fff3fb42&ssp=&expires=30&user_group=2&cb=426
https://us-u.openx.net/w/1.0/sd?id=537072968&val=92039f0c-f623-458e-ad81-9d0ab5e54433

43 B
256 B

40ms
20ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=92039f0c-f623-458e-ad81-9d0ab5e54433
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.117.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jan 2019 05:41:10 GMT
server: OXGW/16.117.2
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 07 Jan 2019 05:41:10 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: //us-u.openx.net/w/1.0/sd?id=537072968&val=92039f0c-f623-458e-ad81-9d0ab5e54433
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=90e9bd12-b8f3-40ea-8952-c051fff3fb42&ssp=&expires=30&user_group=2&cb=977
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=92039f0c-f623-458e-ad81-9d0ab5e54433

49 B
509 B

91ms
18ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=92039f0c-f623-458e-ad81-9d0ab5e54433

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Jan 2019 05:41:11 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 07 Jan 2019 05:41:10 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=92039f0c-f623-458e-ad81-9d0ab5e54433
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

GET
H/1.1 200
OK match
ad.360yield.com/ 43 B
721 B 12ms
10ms Image
image/gif 52.29.212.156
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=79&external_user_id=90e9bd12-b8f3-40ea-8952-c051fff3fb42
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.212.156 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-29-212-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 07 Jan 2019 05:41:10 GMT
Server: nginx
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H/1.1

200
OK

gcm
ads.creative-serving.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc
https://ads.creative-serving.com/gcm?google_gid=CAESEAber3-sAulxmm6oAaD_i5w&google_cver=1

43 B
615 B

22ms
22ms

Image
image/gif

104.155.76.175
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.creative-serving.com/gcm?google_gid=CAESEAber3-sAulxmm6oAaD_i5w&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.155.76.175 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 175.76.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 07 Jan 2019 05:41:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 07 Jan 2019 05:41:10 GMT
server: HTTP server (unknown)
location: https://ads.creative-serving.com/gcm?google_gid=CAESEAber3-sAulxmm6oAaD_i5w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 290
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK info
uip.semasio.net/platform161/1/ 42 B
579 B 31ms
30ms Image
image/gif 77.66.11.200
NGDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uip.semasio.net/platform161/1/info?sType=sync&sExtCookieId=90e9bd12-b8f3-40ea-8952-c051fff3fb42&sInitiator=external
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 77.66.11.200 , Denmark, ASN16245 (NGDC, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Jan 2019 05:41:10 GMT
Frontend-ID: 1
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin: *
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: image/gif
Content-Length: 42
Routing-Server-ID: 1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 204
No Content usermatch.gif
beacon.krxd.net/ 0
453 B 140ms
30ms Image
text/plain 54.247.82.85
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=platform161&partner_uid=90e9bd12-b8f3-40ea-8952-c051fff3fb42
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.82.85 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-82-85.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 07 Jan 2019 05:41:11 GMT
Cache-Control: private, no-cache, no-store
X-Request-Time: D=86 t=1546839671
Connection: keep-alive
X-Served-By: beacon-n023-dub.krxd.net
P3P: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK rum
dsum-sec.casalemedia.com/ 43 B
942 B 26ms
25ms Image
image/gif 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=172&external_user_id=90e9bd12-b8f3-40ea-8952-c051fff3fb42
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Jan 2019 05:41:10 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 07 Jan 2019 05:41:10 GMT

GET
H2 200 sd
eu-u.openx.net/w/1.0/ 43 B
256 B 19ms
17ms Image
image/gif 173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=539091136&val=90e9bd12-b8f3-40ea-8952-c051fff3fb42
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.117.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jan 2019 05:41:10 GMT
server: OXGW/16.117.2
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

2.gif
id5-sync.com/c/101/2/0/
Redirect Chain

https://id5-sync.com/s/101/90e9bd12-b8f3-40ea-8952-c051fff3fb42/1.gif
https://secure.adnxs.com/getuid?https://id5-sync.com/c/101/2/0/2.gif?puid=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F101%2F2%2F0%2F2.gif%3Fpuid%3D%24UID
https://id5-sync.com/c/101/2/0/2.gif?puid=798986433573422149

43 B
1 KB

18ms
18ms

Image
image/gif

54.36.123.231
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id5-sync.com/c/101/2/0/2.gif?puid=798986433573422149
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.36.123.231 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS: s03.id5-sync.com
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 07 Jan 2019 05:41:10 GMT
Server: Apache-Coyote/1.1
Content-Type: image/gif;charset=UTF-8
Transfer-Encoding: chunked
P3P: CP="CAO PSA OUR"

Redirect headers

Pragma: no-cache
Date: Mon, 07 Jan 2019 05:41:13 GMT
AN-X-Request-Uuid: 2ccdee61-7527-42ca-b1ea-0b534568b430
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://id5-sync.com/c/101/2/0/2.gif?puid=798986433573422149
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 246.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.166:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ibs:dpid=393426&dpuuid=90e9bd12-b8f3-40ea-8952-c051fff3fb42
dpm.demdex.net/ 42 B
769 B 35ms
34ms Image
image/gif 52.16.89.247
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=393426&dpuuid=90e9bd12-b8f3-40ea-8952-c051fff3fb42
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.89.247 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-16-89-247.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v013-011a4fc4b.edge-irl1.demdex.com 5.45.0.20181217095029 3ms
Pragma: no-cache
X-TID: XQ+l88TJSNk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p161
match.justpremium.com/match/ 43 B
215 B 132ms
40ms Image
image/gif 52.16.169.117
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.justpremium.com/match/p161?ex_uid=90e9bd12-b8f3-40ea-8952-c051fff3fb42
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.169.117 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-16-169-117.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5F77571B059F524C35BFC514E8A616EC7D%2526tracking%5Fvariable%253D801702268%2526unique%5Ftransaction%5Fid%253D470475%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Mon, 07 Jan 2019 05:41:11 GMT
content-length: 43
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mathtag.com/	1970-01-18 22:23:51	Name: mt_misc Value: mt_bt:1
.leovegas.com/	1970-01-19 06:25:11	Name: visid_incap_1837241 Value: WsEYfLtASsysZ6pE7dDnIGrmMlwAAAAAQUIPAAAAAADP40MEUPv7dSRbVi6Q7Dr5
.mathtag.com/	1970-01-19 07:06:34	Name: uuidc Value: 1dHXlMihdGG7CB0pEWaVbEm+1ccATLUSltHxEIBmidCbr41JmwdR46W/cE6r3CohZtsuH/sWxSy9Bvwhsi7eNvDmy4EQmjYtPPmZN94a18c=
.mathtag.com/	1970-01-18 22:23:51	Name: mt_mop Value: 9:1546839661
.adform.net/	1970-01-18 23:07:03	Name: uid Value: -5750631979060554274
.leovegas.com/	1970-01-19 15:11:51	Name: _ga Value: GA1.2.95781711.1546839660
.mathtag.com/	1970-01-19 07:06:34	Name: uuid Value: c2ab5c32-e055-4900-9e7e-b8d614f9a55b
track.adform.net/	1970-01-18 23:07:03	Name: cid Value: -5750631979060554274,0,0,0,0
.leovegas.com/	1970-01-18 21:40:39	Name: _gat_UA-25600410-30 Value: 1
.leovegas.com/	1970-01-19 07:05:08	Name: __qca Value: P0-1496499867-1546839660865
.leovegas.com/	1969-12-31 23:59:59	Name: incap_ses_767_1837241 Value: 4faeX96dhjeO0F0WHO+kCmrmMlwAAAAAzNiiKMq3Pn457pGImyCcSw==
.leovegas.com/	1970-01-18 21:42:06	Name: _gid Value: GA1.2.525148873.1546839660

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://promo.leovegas.com/commons-e581d391b4e7d1ecdb55.js(Line 6) Message: [OPTIMIZELY] - DEBUG Mon Jan 07 2019 05:40:59 GMT+0000 (Coordinated Universal Time) OPTIMIZELY: Skipping JSON schema validation.
console-api	log	URL: https://promo.leovegas.com/commons-e581d391b4e7d1ecdb55.js(Line 6) Message: [OPTIMIZELY] - DEBUG Mon Jan 07 2019 05:40:59 GMT+0000 (Coordinated Universal Time) DECISION_SERVICE: Feature feat-countdown is not attached to any experiments.
console-api	log	URL: https://promo.leovegas.com/commons-e581d391b4e7d1ecdb55.js(Line 6) Message: [OPTIMIZELY] - DEBUG Mon Jan 07 2019 05:40:59 GMT+0000 (Coordinated Universal Time) DECISION_SERVICE: User GA1.2.95781711.1546839660 is not in any experiment on the feature feat-countdown.
console-api	log	URL: https://promo.leovegas.com/commons-e581d391b4e7d1ecdb55.js(Line 6) Message: [OPTIMIZELY] - DEBUG Mon Jan 07 2019 05:40:59 GMT+0000 (Coordinated Universal Time) DECISION_SERVICE: User GA1.2.95781711.1546839660 does not meet conditions to be in experiment 12254991910.
console-api	log	URL: https://promo.leovegas.com/commons-e581d391b4e7d1ecdb55.js(Line 6) Message: [OPTIMIZELY] - DEBUG Mon Jan 07 2019 05:40:59 GMT+0000 (Coordinated Universal Time) DECISION_SERVICE: User GA1.2.95781711.1546839660 is not in rollout of feature feat-countdown.
console-api	log	URL: https://promo.leovegas.com/commons-e581d391b4e7d1ecdb55.js(Line 6) Message: [OPTIMIZELY] - DEBUG Mon Jan 07 2019 05:40:59 GMT+0000 (Coordinated Universal Time) OPTIMIZELY: Feature feat-countdown is not enabled for user GA1.2.95781711.1546839660.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.creative-serving.com
ads.leovegas.com
api.ipdata.co
beacon.krxd.net
cdn.optimizely.com
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
errors.client.optimizely.com
eu-u.openx.net
fitnessnatural.eu
fonts.googleapis.com
fonts.gstatic.com
id5-sync.com
images.ctfassets.net
leo-promo-redirect-service.herokuapp.com
match.justpremium.com
pixel.quantserve.com
promo.leovegas.com
rules.quantcount.com
s.yimg.com
script.hotjar.com
secure.adnxs.com
secure.quantserve.com
sp.analytics.yahoo.com
static.hotjar.com
sync.go.sonobi.com
track.adform.net
uip.semasio.net
us-u.openx.net
vars.hotjar.com
waybitz.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
104.155.76.175
107.154.248.103
147.75.32.173
147.75.83.1
173.241.240.143
178.162.133.149
18.153.11.2
18.184.40.88
185.227.149.193
188.125.66.33
2.18.234.21
216.58.206.2
2600:9000:200c:ae00:12:94b3:c380:93a1
2600:9000:200c:c000:6:44e3:f8c0:93a1
2a00:1288:7c:800::4001
2a00:1450:4001:808::200a
2a00:1450:4001:819::2008
2a00:1450:4001:81f::2003
2a00:1450:4001:821::200e
2a02:26f0:6c00:183::13b8
2a02:26f0:6c00:19b::13b8
2a03:b0c0:3:d0::d19:7001
35.176.35.233
37.157.4.41
37.252.172.39
52.0.221.2
52.16.169.117
52.16.89.247
52.17.252.251
52.28.139.186
52.29.212.156
54.247.82.85
54.36.123.231
77.66.11.200
91.209.70.15
02920491695411e238e7fbc665cb602f6f314db84721495b6d5c10b452fc9e59
08e42927e76b886ce64a51477622fc7ad9ea89acc9f9c1c18f2130d789020328
0ab3d4ad2b0c990a9de580274dd61f2c4d4369f3b1d81a2ca1def837327bd24f
0c48b773fbf650a8222bc9b7beaaff31923a67e2adc29f42e15ac46c677d85cc
0cbffceeee02084e8fdd49271f763d11f58d87eb1fc3e5d14b1cb30ef75dd552
145f3844ee4625769479e42ed319920f5e1d65350ce8798bf44c899ef0034793
16987eaef0f4c447416e90e00afdd5790d8cef420e9b30cbca79624b6b4e6720
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
178070bb42e889b14f1aaf839aeaa6ca553bd92ebd98c918f4f2f4ebda54f655
21b0443189f0b628070b7b4fae484173a0edb5c031136340a6935b6b9c0eb73b
21bb3c933ccc576c2f6d75e583fbb2bcaac5e37c71ed4644754cdaab692bf74a
273960782964d6c98b7784d94eef99d63d8bf70c80a48a3d77da0c8191989c39
2c4e40525446376e67437bb87b5e547a5113d20ec4281de744b1f17beb18a388
2ede25a0ac2405841be39bb212ab00eb1db622ae8c06a6cbfa1f21cc20a94bf6
3cb39e0ced352a1ba59a392589953e3ad7a1520a6e92fd65b9e676c48ecdad48
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556e09ad66d48078d2ea341eff36e93dafdb56fed15e9d92e052a7cb3910e2e9
56c0991ebc43b18ddb9e50c64d519e535dfb3fc72118d972a4ac6ec697eaca26
5e33f8f81b6ba762ee90e950a44b9d4cc2d581b50862db36dfa2fc7cb1ee1ef5
5ffe45acf226a47230a5c69a51c1675b02ec885015106de4af29eec99961fc0a
617d2a8d89bbdbebbe32227d6a72072658bce3da4a04fc704044e92bff2f9106
6a32e11a4c8e46e4b95553e27f336bc3ff424298cb36b814dd5f8b793a06ce8a
6e1587a49a2d4640c0936ab3c7b63bc37d4186b4033ecefd256bc7c1f982bb9f
73780d51fa5c9aac80a714e7fa9b29b61910ecf2a891987653a05e82c61c6180
7432ef865494c910726e0e9b7f4cd34d33ffd95a0804dfae8695872794a11e87
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f9c92e1a12ac6e0fc59919f0c3fc20cf9dc1bd8d78db4ea7b28298bc80038ff
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a32cf4cbacae0c02bd7047d9cd93b4a95ae9bfde846b27699bd643c0909eed34
a62f202a036f31afbe29957893501fd9788b8b7da68fd937f09a4748c80dfe24
a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265
a63d3c65ea6fb8f61859c63e4f4b966c2ffaca62733d62064acf7fcc82d0b5e8
a662b48f5c2363b832340eb5288af5df0ac51cdb4231785c0df2e18b335c959f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ade492e71a709b0ae66a7d625ab7114a519ad73726eb8d079510e5af293a8f2b
ae42dac54a6274ba896e594084b86d586253f896f85d6a80cef866e408741095
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14a7f9c486e98dee1363e7fe513bfb4a1f85cccd620aa93f9492c9b1669c70d
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
b855baad3ab0ad04962f7f418073e6a433589e52c45c9077e82d0786077e6329
bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a
bdbdaa27de2d1f6e9650f196686208978a6ea0ab129b3b391af85db099b2a527
c0b1ac7771517e5cb3ad55591c29b1da860791154ce96edc4bcf0242744281ae
c24066879fa26553f7582af14d9c501f95adbf1de83dd1a06ec56a7905fe49ec
c27655230d3d38cff2a504b0286d5d583c4aca4ed6efb6bd5b493a1726f615b8
c6f0594bf4cb64b488de1ff8e21b4cc1e808a8b23ad5cd99bb53df0fd817ca98
ccac1881f0aa30ce6e0b27faca92813dec7f738c9bc477de7f0ff3cd97d80e4d
ce6756a7c10ff1f8be82a1e4e94a18bb8e68c2f19df87df9cb8168c6dda2fd5a
d2a9f484221713647a0c202052e3c5cc9c8e4dba00b00e05e71797c5941461fc
d638522ee69bf4b6b86fe37164570c5cc7952af7eec5d9aceb59954bb0228ffc
d728b708242502dd3038371bdfebd020587b1dea3d1a71b1257ff3a851eaf55a
d87b196a4f37389d20371d3af493fe6eb0982ed0fc4f2f3a7512d785bf51e7c5
db5448c194812ce8efad1c59985d077940ff131ebfba8d0f3232791136589ae2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b74ea28e08ec3cfc168a3d8179d4b528514e6ddd2f87af11797d126e507a6a
ead8fb782159aef821427834daeb3af3b8181704cb5e1f5838ce87c4002d2930
eccce4d3d8f23b6d31ca45a26dc910311dd9425b8667e9f5c5c11a05d791e33d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1aa27217bcc70dcac6d0771b3691f0fb7cad2b3d789c9c5a68ae3343a8f8189
f2902780cf44600bf868dd9ec81ba7862abec95b97cff8651762bf1a8b90dfb8
f7c386915e39d8a925fe10d15744a9da95ac8f90423e12728e7fc3c5e34f4559
fae617ff3d9cfb3000f1490e3317dd74dac1869fe5b673db2850e3b5ddcf46ca
fc3aa232da577d5cd0e40070a0cfce5bba8255e505e115c79cd6ab180b5c1e03
fc75587b83043c51f0af11187835a5d60bf4b108dab02a20d1b2ef7a43bc7501
fd5de0cd31374f449cb6a66ebcf87b0d732a9fe3af8fe3dc4c4df1638b24040b

promo.leovegas.com Open in urlscan Pro 2a03:b0c0:3:d0::d19:7001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

100 %HTTPS

29 %IPv6

30 Domains

36 Subdomains

31 IPs

10 Countries

3625 kBTransfer

5049 kBSize

12 Cookies

7 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

promo.leovegas.com Open in urlscan Pro
2a03:b0c0:3:d0::d19:7001 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

100 %
HTTPS

29 %
IPv6

30
Domains

36
Subdomains

31
IPs

10
Countries

3625 kB
Transfer

5049 kB
Size

12
Cookies

67 HTTP transactions
11 data transactions