Submitted URL: https://radiovisionsubliteratures.online/jp_pills/%E9%9B%BB%E8%BB%8A%E3%81%AB%E4%B9%97%E3%81%A3%E3%81%9F%E4%B8%8A%E3%80%81%E3%83%AD%E3%83...
Effective URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D1731...
Submission: On June 09 via manual from JP

Summary

This website contacted 19 IPs in 7 countries across 19 domains to perform 57 HTTP transactions. The main IP is 2a03:b0c0:3:d0::d24:5001, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is promo.leovegas.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 8th 2019. Valid for: 3 months.
This is the only time promo.leovegas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 54.77.241.62 16509 (AMAZON-02)
1 1 107.154.248.103 19551 (INCAPSULA)
1 1 52.17.181.235 16509 (AMAZON-02)
1 10 2a03:b0c0:3:d... 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
21 2600:9000:204... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 147.75.81.98 54825 (PACKET)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 52.58.227.222 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
6 37.157.6.252 198622 (ADFORM)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 147.75.205.49 54825 (PACKET)
1 91.228.74.254 27281 (QUANTCAST)
1 2a00:1288:84:... 203219 (YAHOO-AMA)
1 2600:9000:204... 16509 (AMAZON-02)
1 91.228.74.243 27281 (QUANTCAST)
2 54.87.114.117 14618 (AMAZON-AES)
57 19
Domain Requested by
21 images.ctfassets.net promo.leovegas.com
10 promo.leovegas.com 1 redirects radiovisionsubliteratures.online
promo.leovegas.com
6 track.adform.net radiovisionsubliteratures.online
track.adform.net
5 fonts.gstatic.com promo.leovegas.com
2 errors.client.optimizely.com cdn.optimizely.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
1 pixel.quantserve.com promo.leovegas.com
1 rules.quantcount.com secure.quantserve.com
1 s.yimg.com track.adform.net
1 secure.quantserve.com track.adform.net
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.google.de promo.leovegas.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 api.ipdata.co radiovisionsubliteratures.online
1 static.hotjar.com www.googletagmanager.com
1 www.googletagmanager.com promo.leovegas.com
1 cdn.optimizely.com promo.leovegas.com
1 fonts.googleapis.com promo.leovegas.com
1 leo-promo-redirect-service.herokuapp.com 1 redirects
1 ads.leovegas.com 1 redirects
1 juumper.com 1 redirects
1 radiovisionsubliteratures.online
57 24
Subject | Issuer | Validity | Valid for
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-06-05 - 2020-06-04 | a year
brand.leovegas.com | Let's Encrypt Authority X3 | 2019-06-08 - 2019-09-06 | 3 months
*.googleapis.com | Google Internet Authority G3 | 2019-05-21 - 2019-08-13 | 3 months
cdn.optimizely.com | DigiCert ECC Secure Server CA | 2018-11-24 - 2020-02-23 | a year
images.contentful.com | Amazon | 2019-04-06 - 2020-05-06 | a year
*.google-analytics.com | Google Internet Authority G3 | 2019-05-21 - 2019-08-13 | 3 months
static.hotjar.com | Let's Encrypt Authority X3 | 2019-06-08 - 2019-09-06 | 3 months
*.ipdata.co | Amazon | 2018-09-27 - 2019-10-27 | a year
*.google.com | Google Internet Authority G3 | 2019-05-21 - 2019-08-13 | 3 months
track.adform.net | DigiCert SHA2 Secure Server CA | 2018-02-02 - 2019-10-02 | 2 years
www.google.de | Google Internet Authority G3 | 2019-05-21 - 2019-08-13 | 3 months
script.hotjar.com | Let's Encrypt Authority X3 | 2019-06-08 - 2019-09-06 | 3 months
vars.hotjar.com | Let's Encrypt Authority X3 | 2019-06-08 - 2019-09-06 | 3 months
*.quantserve.com | DigiCert SHA2 High Assurance Server CA | 2018-10-16 - 2019-10-21 | a year
*.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2019-06-03 - 2019-07-18 | a month
errors.client.optimizely.com | DigiCert SHA2 High Assurance Server CA | 2018-09-24 - 2020-09-28 | 2 years

This page contains 4 frames:

Primary Page: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Frame ID: C5C1E8028AA83FCDD4ACE3C91F0E31F5
Requests: 66 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: 074D540A2E5FE146B381538B9D147E5C
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/serving/container/?pm=497538&lid=30500322&ctype=0&media=0&PageName=affiliates-sports-lp&rnd=1942393594&cpref=&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2faffiliates-sports%2f%3fqs%3dbtag%25253D658301%255FF6C203E164FE4CCD92616F14D4630636%252526clickid%25253D17314%252D329861446%252526source%25253D2861%252526subid%25253D%252526pid%25253D3603898%252526bid%25253D13309
Frame ID: F3CFBD59A7845024FAAF0C6EF9127A6D
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/serving/container/?pm=497538&lid=49848318&ctype=0&media=0&PageName=Sc_Ret&rnd=1295155821&cpref=&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2faffiliates-sports%2f%3fqs%3dbtag%25253D658301%255FF6C203E164FE4CCD92616F14D4630636%252526clickid%25253D17314%252D329861446%252526source%25253D2861%252526subid%25253D%252526pid%25253D3603898%252526bid%25253D13309
Frame ID: 045445DD5961046398DA54C2402BE6BE
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Overall confidence: 100%
Detected patterns
  • script /optimizely\.com.*\.js/i

Overall confidence: 100%
Detected patterns
  • env /^quantserve$/i

Overall confidence: 100%
Detected patterns
  • env /^YAHOO$/i

Overall confidence: 100%
Detected patterns
  • env /^webpackJsonp$/i

Page Statistics

Requests: 57
HTTPS: 100 %
IPv6: 57 %
Domains: 19
Subdomains: 24
IPs: 19
Countries: 7
Transfer: 2206 kB
Size: 3644 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://radiovisionsubliteratures.online/jp_pills/%E9%9B%BB%E8%BB%8A%E3%81%AB%E4%B9%97%E3%81%A3%E3%81%9F%E4%B8%8A%E3%80%81%E3%83%AD%E3%83%BC%E3%82%B7%E3%83%A7%E3%83%B3/LOphL8fA2LLt/?step2=1&subid=ba_t3bNnRP-3LiwdH4BR_e-eiAg9wba3_tUITz Page URL
  2. http://juumper.com/?a=2861&c=17515&s1=&s2=_gotzha-casino-de-nAcTL-37_ba_t3bNnRP-3LiwdH4BR_e-eiAg9wba3_tUITz HTTP 302
    https://ads.leovegas.com/redirect.aspx?pid=3603898&lpid=506&bid=13309&clickid=17314-329861446&source=2861&subid= HTTP 301
    http://leo-promo-redirect-service.herokuapp.com/affiliates-sports?btag=658301_F6C203E164FE4CCD92616F14D4630636&clickid=17314-329861446&source=2861&subid=&pid=3603898&bid=13309 HTTP 301
    https://promo.leovegas.com/affiliates-sports?qs=btag%253D658301_F6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314-329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309 HTTP 302
    https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&aip=1&a=2040816040&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Faffiliates-sports%2F%3Fqs%3Dbtag%25253D658301%255FF6C203E164FE4CCD92616F14D4630636%252526clickid%25253D17314%252D329861446%252526source%25253D2861%252526subid%25253D%252526pid%25253D3603898%252526bid%25253D13309&dp=%2Fde%2Faffiliates-sports%2F%3Fqs%3Dbtag%25253D658301%255FF6C203E164FE4CCD92616F14D4630636%252526clickid%25253D17314%252D329861446%252526source%25253D2861%252526subid%25253D%252526pid%25253D3603898%252526bid%25253D13309&ul=en-us&de=UTF-8&dt=Mobile%20casino%20and%20online%20casino%20-%20Play%20casino%20games%20in%20your%20mobile%20and%20online%20%7C%20LeoVegas%20Casino&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ci=658301&cn=13309&cs=658301&cm=affiliate&_u=YEBAAEAB~&jid=1112494907&gjid=1292121837&cid=19484923.1560121701&tid=UA-25600410-30&_gid=741716310.1560121701&_r=1&gtm=2wg5t2WGS5KD&cd1=658301&cd3=3603898&cd4=leo&cd7=de&cd32=67&z=1943863719 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25600410-30&cid=19484923.1560121701&jid=1112494907&_gid=741716310.1560121701&gjid=1292121837&_v=j76&z=1943863719 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=19484923.1560121701&jid=1112494907&_v=j76&z=1943863719 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=19484923.1560121701&jid=1112494907&_v=j76&z=1943863719&slf_rd=1&random=1646477834

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
radiovisionsubliteratures.online/jp_pills/%E9%9B%BB%E8%BB%8A%E3%81%AB%E4%B9%97%E3%81%A3%E3%81%9F%E4%B8%8A%E3%80%81%E3%83%AD%E3%83%BC%E3%82%B7%E3%83%A7%E3%83%B3/LOphL8fA2LLt/
11 KB
2 KB
Document
General
Full URL
https://radiovisionsubliteratures.online/jp_pills/%E9%9B%BB%E8%BB%8A%E3%81%AB%E4%B9%97%E3%81%A3%E3%81%9F%E4%B8%8A%E3%80%81%E3%83%AD%E3%83%BC%E3%82%B7%E3%83%A7%E3%83%B3/LOphL8fA2LLt/?step2=1&subid=ba_t3bNnRP-3LiwdH4BR_e-eiAg9wba3_tUITz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:647c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6714aa4a0087ff8683eeb1b5635c61150df821bdac11a1590a1900844632422

Request headers

:method
GET
:authority
radiovisionsubliteratures.online
:scheme
https
:path
/jp_pills/%E9%9B%BB%E8%BB%8A%E3%81%AB%E4%B9%97%E3%81%A3%E3%81%9F%E4%B8%8A%E3%80%81%E3%83%AD%E3%83%BC%E3%82%B7%E3%83%A7%E3%83%B3/LOphL8fA2LLt/?step2=1&subid=ba_t3bNnRP-3LiwdH4BR_e-eiAg9wba3_tUITz
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Sun, 09 Jun 2019 23:08:18 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=db598ebffa51c290142f6b150f77147f21560121698; expires=Mon, 08-Jun-20 23:08:18 GMT; path=/; domain=.radiovisionsubliteratures.online; HttpOnly
vary
Accept-Encoding User-Agent
cache-control
private, max-age=86400, no-transform
referrer-policy
no-referrer
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4e46c449efd8d6b5-FRA
content-encoding
br
Primary Request /
promo.leovegas.com/de/affiliates-sports/
Redirect Chain
  • http://juumper.com/?a=2861&c=17515&s1=&s2=_gotzha-casino-de-nAcTL-37_ba_t3bNnRP-3LiwdH4BR_e-eiAg9wba3_tUITz
  • https://ads.leovegas.com/redirect.aspx?pid=3603898&lpid=506&bid=13309&clickid=17314-329861446&source=2861&subid=
  • http://leo-promo-redirect-service.herokuapp.com/affiliates-sports?btag=658301_F6C203E164FE4CCD92616F14D4630636&clickid=17314-329861446&source=2861&subid=&pid=3603898&bid=13309
  • https://promo.leovegas.com/affiliates-sports?qs=btag%253D658301_F6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314-329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D1...
  • https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526b...
112 KB
38 KB
Document
General
Full URL
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Requested by
Host: radiovisionsubliteratures.online
URL: https://radiovisionsubliteratures.online/jp_pills/%E9%9B%BB%E8%BB%8A%E3%81%AB%E4%B9%97%E3%81%A3%E3%81%9F%E4%B8%8A%E3%80%81%E3%83%AD%E3%83%BC%E3%82%B7%E3%83%A7%E3%83%B3/LOphL8fA2LLt/?step2=1&subid=ba_t3bNnRP-3LiwdH4BR_e-eiAg9wba3_tUITz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
68fa23cfbed5577268426097c67709d854278bb487b347602f76594b3f66949e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
promo.leovegas.com
:scheme
https
:path
/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
cookie
visid_incap_1837241=uua16wciRM6NZb5iWYVNomKR/VwAAAAAQUIPAAAAAAC36Xynx2knqtyFZejejE3L; incap_ses_1092_1837241=UnD+e92xDU1hDPtYj5AnD2KR/VwAAAAAj3yBw2ILOp0KF7T9IRhboA==

Response headers

status
200
cache-control
public, max-age=0, must-revalidate
content-type
text/html; charset=UTF-8
date
Sun, 09 Jun 2019 23:08:19 GMT
etag
"1b69e9a06bec513729a3a2b884bff12a-ssl-df"
strict-transport-security
max-age=31536000
content-encoding
gzip
age
0
server
Netlify
vary
Accept-Encoding
x-nf-request-id
6a4e8bd8-6f56-4e30-a556-f489e0abf136-14617545

Redirect headers

status
302
cache-control
public, max-age=0, must-revalidate
content-length
199
content-type
text/plain; charset=utf-8
date
Sun, 09 Jun 2019 23:08:19 GMT
location
/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
age
0
server
Netlify
x-nf-request-id
6a4e8bd8-6f56-4e30-a556-f489e0abf136-14617517
component---src-layouts-index-js-3faf9cb11a3fe3932c88.js
promo.leovegas.com/
1 KB
775 B
Script
General
Full URL
https://promo.leovegas.com/component---src-layouts-index-js-3faf9cb11a3fe3932c88.js
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
54953395dac8b47e71618606ef68ac4159638b1cd6d71b1b82b8d0cabeba7c05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
6a4e8bd8-6f56-4e30-a556-f489e0abf136-14617619
date
Sun, 09 Jun 2019 22:11:44 GMT
content-encoding
gzip
server
Netlify
age
3395
etag
"e314fb5b67f72aa012ee4dfc5830bd17-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
625
component---src-templates-sports-index-js-7b01d9c9706bd22dcdbb.js
promo.leovegas.com/
3 KB
1 KB
Script
General
Full URL
https://promo.leovegas.com/component---src-templates-sports-index-js-7b01d9c9706bd22dcdbb.js
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
8980a626ad206f6e863df9fe3b1cc40eca3da4499791f4d380208a0cfd1b0760
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
6a4e8bd8-6f56-4e30-a556-f489e0abf136-14617620
date
Sun, 09 Jun 2019 22:14:12 GMT
content-encoding
gzip
server
Netlify
age
3247
etag
"d6da9fdbd2caed560016730a93f71089-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1306
path---de-affiliates-sports-21e29804dea631f95853.js
promo.leovegas.com/
20 KB
9 KB
Script
General
Full URL
https://promo.leovegas.com/path---de-affiliates-sports-21e29804dea631f95853.js
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
082efd3ff44b4804066ce529593ec497eef70d201c9d8eea93dbf567d3e2a523
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
6a4e8bd8-6f56-4e30-a556-f489e0abf136-14617621
date
Sun, 09 Jun 2019 22:15:17 GMT
content-encoding
gzip
server
Netlify
age
3183
etag
"a27205743583d0d839af8c2e48c061e8-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
8772
app-829a3fa056e17eeb952b.js
promo.leovegas.com/
88 KB
12 KB
Script
General
Full URL
https://promo.leovegas.com/app-829a3fa056e17eeb952b.js
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
b4ad4b1798f605d7e166a5ca5397d618b3fe6d6c461c48856dfcf884193e1407
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
6a4e8bd8-6f56-4e30-a556-f489e0abf136-14617623
date
Sun, 09 Jun 2019 22:11:44 GMT
content-encoding
gzip
server
Netlify
age
3395
etag
"dda6f612252b6b9a2dada03620f5fba7-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
11754
commons-0cc8e558f7595133a5f9.js
promo.leovegas.com/
713 KB
206 KB
Script
General
Full URL
https://promo.leovegas.com/commons-0cc8e558f7595133a5f9.js
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
981c057e0cfd15c3e5b1853bbf865735c47100f723ac68a18db1e80c7cfceb19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
6a4e8bd8-6f56-4e30-a556-f489e0abf136-14617628
date
Sun, 09 Jun 2019 22:11:44 GMT
content-encoding
gzip
server
Netlify
age
3395
etag
"2d2bdafdf0138327e9901dde2f148f93-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
211139
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,700i,900,900i
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
8bb3ebcf4cca106320d0a41f42ef0a791f75518d3f0216d46915f51b73e67091
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 09 Jun 2019 23:08:20 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 09 Jun 2019 23:08:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sun, 09 Jun 2019 23:08:20 GMT
9430800627.js
cdn.optimizely.com/js/
273 KB
77 KB
Script
General
Full URL
https://cdn.optimizely.com/js/9430800627.js
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:181::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
56c0991ebc43b18ddb9e50c64d519e535dfb3fc72118d972a4ac6ec697eaca26
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
_0PF_XYAyGZYJLV3XV7uKaLddi5yyY.o
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
5DC03E6EE43F2DF2
status
200
date
Sun, 09 Jun 2019 23:08:20 GMT
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET, HEAD
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:6c00:181::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
x-akamai-ro-ghost-path
2.22.50.190,dlr-not-sent:already-encoded-by-ro
content-length
78413
x-amz-id-2
lk3D80SzBtAyHgcHwSy6ZKsZwcaS1Ic5PsIyARWH5/TbxXFwdexzkTl5Y93uqyUJbQ1ssp85WgU=
last-modified
Thu, 06 Dec 2018 02:12:43 GMT
server
Akamai Resource Optimizer
etag
"2cc84b815246c6031884845a72875975"
access-control-max-age
86400
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
x-amz-meta-revision
2651
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
leovegas-casino-logo.367bf0de.svg
promo.leovegas.com/static/
12 KB
6 KB
Image
General
Full URL
https://promo.leovegas.com/static/leovegas-casino-logo.367bf0de.svg
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
ce6756a7c10ff1f8be82a1e4e94a18bb8e68c2f19df87df9cb8168c6dda2fd5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
6a4e8bd8-6f56-4e30-a556-f489e0abf136-14617630
date
Sun, 09 Jun 2019 22:11:44 GMT
content-encoding
gzip
server
Netlify
age
3395
etag
"e22766ec110e48144fe3105d28f58b47-ssl-df"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
5532
sofortklarna.png
images.ctfassets.net/kijvoxi4q0zn/2CAIGpcyAQ6UGC2c00EOIw/b4e98e832fe525ce78bfbda0833264e5/
6 KB
6 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/2CAIGpcyAQ6UGC2c00EOIw/b4e98e832fe525ce78bfbda0833264e5/sofortklarna.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
b14a7f9c486e98dee1363e7fe513bfb4a1f85cccd620aa93f9492c9b1669c70d

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Nov 2018 14:40:32 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
17828869
etag
"594c21590f36927ee691ddb66fa9ba0e"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
5744
x-amz-cf-id
29QXsZ9JiKRZWBAdUrRQNSSn9QUEDbKK1lsAPAq6Cy-roLyykMb8Bg==
visa.png
images.ctfassets.net/kijvoxi4q0zn/3ViLoK5xpS4ewO4S0uCyey/5d6f669d7115ef736e8249079161d49a/
4 KB
4 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/3ViLoK5xpS4ewO4S0uCyey/5d6f669d7115ef736e8249079161d49a/visa.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
273960782964d6c98b7784d94eef99d63d8bf70c80a48a3d77da0c8191989c39

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 14 Apr 2019 14:42:00 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
4868781
etag
"3564f544731f0c9e221f694ab9a1975e"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
3630
x-amz-cf-id
cqQBiU3kg2TWLVsXFWPetWJVXvrHUDGSVhoY77QfevC6OtQdwKNRHQ==
paysafe.png
images.ctfassets.net/kijvoxi4q0zn/41nin6pA92SG2EO06iaYEO/76548fa568856af2df611d3fdaa5b9a0/
2 KB
3 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/41nin6pA92SG2EO06iaYEO/76548fa568856af2df611d3fdaa5b9a0/paysafe.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
21bb3c933ccc576c2f6d75e583fbb2bcaac5e37c71ed4644754cdaab692bf74a

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 17 Apr 2019 00:06:25 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
4662116
etag
"62f2a79a770caf4f38e58fd5c4a91f5f"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
2453
x-amz-cf-id
1t9GjT5lL0JQR9gER54k8HsAKY6DnNL9X6PsHyKrRNf0eBVpOal7QQ==
trustly.png
images.ctfassets.net/kijvoxi4q0zn/4ZgGhzEvv2ACeAACUQUWKA/8ef5a9eef0ff01ed2aba14e77ba09db4/
3 KB
3 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/4ZgGhzEvv2ACeAACUQUWKA/8ef5a9eef0ff01ed2aba14e77ba09db4/trustly.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
db5448c194812ce8efad1c59985d077940ff131ebfba8d0f3232791136589ae2

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 10 May 2019 20:57:54 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
2599827
etag
"e6c9bee5471fa317b7298fce8ebe5e5b"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
3157
x-amz-cf-id
YCP7ESR3TUnGog3kHh0OjpD1oSifvdB-GdQ5-ShgnWrKnE9AGGJDLA==
skrill.png
images.ctfassets.net/kijvoxi4q0zn/c9n7WDRBqosmIY4E2ugQa/7c26eb0f1c21cdd89d87720931f56e3d/
2 KB
3 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/c9n7WDRBqosmIY4E2ugQa/7c26eb0f1c21cdd89d87720931f56e3d/skrill.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
145f3844ee4625769479e42ed319920f5e1d65350ce8798bf44c899ef0034793

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 15:44:56 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
4778605
etag
"b68c991eb7ce56009d8cf05ffccbc54f"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
2476
x-amz-cf-id
7LLrBm1iJGyA92KzJYnv8HsqIiPPbGr2w7vMQcqiLDWQun65-W6WCg==
neteller.png
images.ctfassets.net/kijvoxi4q0zn/5BDClCPzlCK06wcmCgwiIK/809768fb004de199cf7c9e94386691ae/
3 KB
3 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/5BDClCPzlCK06wcmCgwiIK/809768fb004de199cf7c9e94386691ae/neteller.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
21b0443189f0b628070b7b4fae484173a0edb5c031136340a6935b6b9c0eb73b

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 Mar 2019 22:39:25 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
6395336
etag
"5274c381b9bb26fb04edf7e4aa0cb3bd"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
2893
x-amz-cf-id
1nLJBs1hfLOkXrzyAcXck15yzXVv8j0UugJpOSAusvY4Sq_SkIifHQ==
paypal.png
images.ctfassets.net/kijvoxi4q0zn/5mV9JttLd6KUmokSUsGg0c/2b440f40bc4ae963f4b8bdb8d8a5ad31/
4 KB
4 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/5mV9JttLd6KUmokSUsGg0c/2b440f40bc4ae963f4b8bdb8d8a5ad31/paypal.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
a662b48f5c2363b832340eb5288af5df0ac51cdb4231785c0df2e18b335c959f

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 19:37:27 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
3036653
etag
"ce7c0914c695d29b08d6e444955b561c"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
3832
x-amz-cf-id
SKblVqpKhxAUc8DxKHnM_cYPXUOEK0lhxgIHzS3l83oRoNEy_yUjRA==
football.8065fdb2.svg
promo.leovegas.com/static/
61 KB
46 KB
Image
General
Full URL
https://promo.leovegas.com/static/football.8065fdb2.svg
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
cec401499a3c913bf415641d34c25c13b4d76521e48284adfd476d0935cb3be7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
6a4e8bd8-6f56-4e30-a556-f489e0abf136-14617653
date
Sun, 09 Jun 2019 22:14:12 GMT
content-encoding
gzip
server
Netlify
age
3248
etag
"0474be35cd6ac519aff62ad25b95f200-ssl-df"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
47488
gtm.js
www.googletagmanager.com/
75 KB
24 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGS5KD
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
440ce324a127b30d2ba0ed907ef4158c4ed24ed3c7bc91ef1285079b4e9683ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 09 Jun 2019 23:08:20 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 06:09:29 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
24674
x-xss-protection
0
expires
Sun, 09 Jun 2019 23:08:20 GMT
footballBg2.png
images.ctfassets.net/kijvoxi4q0zn/3jUxaQSiCIOWWu2ueKqcSm/98a96ba561becf4409d2e359a54c7b55/
761 KB
762 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/3jUxaQSiCIOWWu2ueKqcSm/98a96ba561becf4409d2e359a54c7b55/footballBg2.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
e0f2c9d27596e2ef403b30f1684b75b7925318d55345a2035b8124e40f4244e1

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 May 2019 00:14:45 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
1119215
etag
"cc46ae783ccd27a273b6fd810395e62d"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
779525
x-amz-cf-id
bwueROjXAdQgJO3u0woCj6NLOAZa81WGYCPH9GZrN1LHVpSXZ9iPQw==
tennisFr.png
images.ctfassets.net/kijvoxi4q0zn/t5yrTgC6zYAwkamyagWoI/2ca09627b9b44098981f6cba79755a9d/
453 KB
454 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/t5yrTgC6zYAwkamyagWoI/2ca09627b9b44098981f6cba79755a9d/tennisFr.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
72fe6a94d5d3635d71f298797a1777880d33c5e6e7d5af1ffe0771f711c44e6d

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 21 May 2019 18:03:14 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
1659907
etag
"a9d753bae06c9332ca310dc49670f4d3"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
464348
x-amz-cf-id
etPf0xiIwGQ4R3tiWxpH2IN1cWxAnOTbFOHnwwYC4GshgPl45cu6_Q==
mga.png
images.ctfassets.net/kijvoxi4q0zn/2Uc4dcnb0cUSEgUqKeYmk8/5549d2a0745b2483ea3e5fbea1422682/
4 KB
4 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/2Uc4dcnb0cUSEgUqKeYmk8/5549d2a0745b2483ea3e5fbea1422682/mga.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
2ede25a0ac2405841be39bb212ab00eb1db622ae8c06a6cbfa1f21cc20a94bf6

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 17 Apr 2019 00:09:16 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
4661945
etag
"9f179ffc68cc8efa5a8dc6d543c42f10"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
3665
x-amz-cf-id
owI7gg87evCnL8RK640tWM2z422WW92dlVYiaRStZM0D6_x0TOeJ8A==
gambling-commission.png
images.ctfassets.net/kijvoxi4q0zn/4Nb9hNN54c4S0oiCUa4ESm/c6602fe3b62546091d35592a4273c530/
6 KB
6 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/4Nb9hNN54c4S0oiCUa4ESm/c6602fe3b62546091d35592a4273c530/gambling-commission.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
5ffe45acf226a47230a5c69a51c1675b02ec885015106de4af29eec99961fc0a

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 17 Apr 2019 00:06:25 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
4662116
etag
"19e7e8eaf95d3d620d7824eae5b3ab8b"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
5888
x-amz-cf-id
KgfN3ZjXVktpGD78MynGABQFQBsbz54BLBStqNWk2khfRxehgL1yWw==
license3.png
images.ctfassets.net/kijvoxi4q0zn/1QrpFMgzA4ea8gYcOmus4q/4f46552fd36bb194b222f0b6c252154a/
6 KB
6 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/1QrpFMgzA4ea8gYcOmus4q/4f46552fd36bb194b222f0b6c252154a/license3.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
a63d3c65ea6fb8f61859c63e4f4b966c2ffaca62733d62064acf7fcc82d0b5e8

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 14 Apr 2019 16:08:20 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
4863600
etag
"0b78d1564ae1add09bba65d11ed32bc7"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
6324
x-amz-cf-id
yX2WaGorsNuFguXCfZOz_R3vhYimSfUA9eicG15hssrFLdCdQpnZIg==
eu.png
images.ctfassets.net/kijvoxi4q0zn/2nPMd5FgoYGmgmQic6QcoK/41fbb4126551a01649fc1c471864cdd8/
4 KB
4 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/2nPMd5FgoYGmgmQic6QcoK/41fbb4126551a01649fc1c471864cdd8/eu.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
b855baad3ab0ad04962f7f418073e6a433589e52c45c9077e82d0786077e6329

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 17 Apr 2019 00:06:25 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
4662116
etag
"3345ac39791029391aba953adb6c54e8"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
3664
x-amz-cf-id
E6GKuOt3BF687kRz7JpIkTSZFBi26W69aR4i8cal6oMSZSDpNc12pg==
begambleaware.png
images.ctfassets.net/kijvoxi4q0zn/4n5itn9bJeauCqAYGIYEc8/54f339e439f7b365d8a19824aefafbb5/
5 KB
5 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/4n5itn9bJeauCqAYGIYEc8/54f339e439f7b365d8a19824aefafbb5/begambleaware.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
02920491695411e238e7fbc665cb602f6f314db84721495b6d5c10b452fc9e59

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 21 May 2019 00:46:57 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
1722084
etag
"3c8fe3f2334e33daa00c0aac5ad53975"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
5187
x-amz-cf-id
EYQ0-4ij70m20PGvmnrurBumAKoOGxHLS2w_MGu-9ZZ0neeUYn1h_Q==
gamcare.png
images.ctfassets.net/kijvoxi4q0zn/62kAEz4BsAEqeaCI2ciGss/6e22bf0f1696b261eeddf0a5916cfd40/
3 KB
3 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/62kAEz4BsAEqeaCI2ciGss/6e22bf0f1696b261eeddf0a5916cfd40/gamcare.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
6e1587a49a2d4640c0936ab3c7b63bc37d4186b4033ecefd256bc7c1f982bb9f

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 17 Apr 2019 00:06:25 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
4662116
etag
"ad6b57b26bbacb687f3603f27855ecc6"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
2783
x-amz-cf-id
NLkwbzyoPQVbVV3_HHm6Aq7v_Ue_ds8nueW_mxUr-QZ-C0h_BeFVng==
ga.png
images.ctfassets.net/kijvoxi4q0zn/59JQfnohhYqM2oI0wgOQoq/26fdfac0b667ea33c73f2145447f5cf1/
3 KB
3 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/59JQfnohhYqM2oI0wgOQoq/26fdfac0b667ea33c73f2145447f5cf1/ga.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
0ab3d4ad2b0c990a9de580274dd61f2c4d4369f3b1d81a2ca1def837327bd24f

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 11 May 2019 19:47:03 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
2517678
etag
"52ef383d695dcb79c5a345367acff73e"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
2717
x-amz-cf-id
1nZwVouK8QPzpQtH6AT7snMx3au1rZ4f2ecF7SggbGJrxXAy-Xng8g==
leosafeplay.png
images.ctfassets.net/kijvoxi4q0zn/7o9AdRaiWWyKm2A0qWmi62/94f9d8aa5b81a09b5d64fedadfdf07bb/
3 KB
4 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/7o9AdRaiWWyKm2A0qWmi62/94f9d8aa5b81a09b5d64fedadfdf07bb/leosafeplay.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
617d2a8d89bbdbebbe32227d6a72072658bce3da4a04fc704044e92bff2f9106

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 14 Apr 2019 16:16:13 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
4863128
etag
"7ebf07cbf623c5893084c393bbc9d588"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
3552
x-amz-cf-id
njIQ0bBGJ1DFTHThGcgJMR4hLVBznfAKMn2RdrbmyuNTRFAXVeBI5Q==
truncated
/
458 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aacc0897e48ed590fe77a36dd3f5955190875a49c59e747ba1e52f4cb1ded946

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc3aa232da577d5cd0e40070a0cfce5bba8255e505e115c79cd6ab180b5c1e03

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1aa27217bcc70dcac6d0771b3691f0fb7cad2b3d789c9c5a68ae3343a8f8189

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28b327479fc92c6e4aa23ab63bbe09ba1b2891c8e243d3e67b9d50645a30ff5c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b555cc9812a2ba616ec226aa1aed139c1d14056b5b45912a96d8592ce2b7e9b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a567486c778f6d3e9fb053b295bd0ff042c02038b5751034f8555403b392aa7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
558 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7432ef865494c910726e0e9b7f4cd34d33ffd95a0804dfae8695872794a11e87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
hotjar-150438.js
static.hotjar.com/c/
3 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-150438.js?sv=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGS5KD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.81.98 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-30
Software
openresty /
Resource Hash
9c3e62ebae0f76f01b326ee08854d24cb1b744e364d9e37da3b34c56743fa674
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 09 Jun 2019 23:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
32
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
1544
x-cache-hit
1
server
openresty
x-frame-options
SAMEORIGIN
etag
W/d8582d2db59111cba2806d387281c848
vary
Accept-Encoding
section-io-origin-status
304
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.070
accept-ranges
bytes
section-io-id
0dc04a91a384a3812706a56c5be1835d
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGS5KD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
5745
date
Sun, 09 Jun 2019 21:32:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Sun, 09 Jun 2019 23:32:35 GMT
/
api.ipdata.co/
242 B
437 B
Fetch
General
Full URL
https://api.ipdata.co/?api-key=f57a5807a806a30fca7a1097e6da2f6be45f127b40dd5b2fd5d1522b
Requested by
Host: radiovisionsubliteratures.online
URL: https://radiovisionsubliteratures.online/jp_pills/%E9%9B%BB%E8%BB%8A%E3%81%AB%E4%B9%97%E3%81%A3%E3%81%9F%E4%B8%8A%E3%80%81%E3%83%AD%E3%83%BC%E3%82%B7%E3%83%A7%E3%83%B3/LOphL8fA2LLt/?step2=1&subid=ba_t3bNnRP-3LiwdH4BR_e-eiAg9wba3_tUITz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.227.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-227-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c0b1ac7771517e5cb3ad55591c29b1da860791154ce96edc4bcf0242744281ae

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Origin
https://promo.leovegas.com

Response headers

date
Sun, 09 Jun 2019 23:08:20 GMT
x-amzn-errortype
AccessDeniedException
x-amzn-requestid
7911ee65-8b0b-11e9-be4f-3bbe0cf5ce4b
status
403
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
bCOnrFGiliAFh0Q=
content-length
242
truncated
/
1006 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c4e40525446376e67437bb87b5e547a5113d20ec4281de744b1f17beb18a388

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
footballBg1.png
images.ctfassets.net/kijvoxi4q0zn/X8QEFkL4UUWQOQwAA4Ska/d541cd1580aeac982c85e885bb20f40e/
122 KB
122 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/X8QEFkL4UUWQOQwAA4Ska/d541cd1580aeac982c85e885bb20f40e/footballBg1.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
9c8d52aff3e79d98e8f33238ea2cd3ff7061b16404711f1a073bf1d0f2430a27

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 13 May 2019 22:30:38 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
2335063
etag
"84bb6b3cfd14b26dd4ab4c06aeaa4114"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
124534
x-amz-cf-id
3Xu2puCb49kAF2BGtghp1YWFCBsBHQn7qF2csR6P3LHB8qqnNfCBSQ==
tennisBg.png
images.ctfassets.net/kijvoxi4q0zn/2ZOPgj03MQssAOwgKgAouc/7401f1ad2ecf6a598f8f30758a8ee990/
28 KB
28 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/2ZOPgj03MQssAOwgKgAouc/7401f1ad2ecf6a598f8f30758a8ee990/tennisBg.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
0ec1e257d8486bd0ea37d51ce6bb81b41e17b1c1b086a8ee59cc564a04987d89

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 01:23:44 GMT
via
1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
3102277
etag
"35f49c3a0a31d22603d78f2fb167dbb8"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
28753
x-amz-cf-id
XbTuWGemXljLGa67f6Jyt_AEJb4Xm7uFwNbR7GH1ab0kcALJmdFuFA==
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e49e887ef32c78d7af28a9a9e956f5d940a234a6128b88674567ecad2437c6a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60cf0d5b11f0aaa2967cffb91d6f600d5aade7c0e5516784c79c76ebcc36677a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f9c92e1a12ac6e0fc59919f0c3fc20cf9dc1bd8d78db4ea7b28298bc80038ff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:100,300,400,700i,900,900i
Origin
https://promo.leovegas.com

Response headers

date
Fri, 31 May 2019 19:47:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:12:58 GMT
server
sffe
age
789654
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11012
x-xss-protection
0
expires
Sat, 30 May 2020 19:47:26 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:100,300,400,700i,900,900i
Origin
https://promo.leovegas.com

Response headers

date
Sun, 02 Jun 2019 21:32:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:33 GMT
server
sffe
age
610547
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Mon, 01 Jun 2020 21:32:33 GMT
Roboto-ExtraBlack.625fcf1e.ttf
promo.leovegas.com/static/
41 KB
23 KB
Font
General
Full URL
https://promo.leovegas.com/static/Roboto-ExtraBlack.625fcf1e.ttf
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d24:5001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
6a32e11a4c8e46e4b95553e27f336bc3ff424298cb36b814dd5f8b793a06ce8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Origin
https://promo.leovegas.com

Response headers

x-nf-request-id
6a4e8bd8-6f56-4e30-a556-f489e0abf136-14617717
date
Sun, 09 Jun 2019 22:11:45 GMT
content-encoding
gzip
server
Netlify
age
3395
etag
"6784df36e1e032fbfb3203203914be4f-ssl-df"
vary
Accept-Encoding
content-type
application/x-font-ttf
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
23107
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:100,300,400,700i,900,900i
Origin
https://promo.leovegas.com

Response headers

date
Sun, 02 Jun 2019 21:49:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:14:42 GMT
server
sffe
age
609548
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
0
expires
Mon, 01 Jun 2020 21:49:12 GMT
KFOjCnqEu92Fr1Mu51TLBCc6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v19/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOjCnqEu92Fr1Mu51TLBCc6CsTYl4BO.woff2
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c0cef4e89609c1c120413ce18839213409fbb223c214dc75a69e4f678b6385c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:100,300,400,700i,900,900i
Origin
https://promo.leovegas.com

Response headers

date
Sat, 01 Jun 2019 21:24:58 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:14:21 GMT
server
sffe
age
697402
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12652
x-xss-protection
0
expires
Sun, 31 May 2020 21:24:58 GMT
KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v19/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d630df8a89d2ec3c590c3b036b610c60fda3df53b3a4c81f3a9e5c94a0de5929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:100,300,400,700i,900,900i
Origin
https://promo.leovegas.com

Response headers

date
Sat, 01 Jun 2019 04:49:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:14:43 GMT
server
sffe
age
757125
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12688
x-xss-protection
0
expires
Sun, 31 May 2020 04:49:35 GMT
/
track.adform.net/serving/scripts/trackpoint/async/
76 KB
30 KB
Script
General
Full URL
https://track.adform.net/serving/scripts/trackpoint/async/
Requested by
Host: radiovisionsubliteratures.online
URL: https://radiovisionsubliteratures.online/jp_pills/%E9%9B%BB%E8%BB%8A%E3%81%AB%E4%B9%97%E3%81%A3%E3%81%9F%E4%B8%8A%E3%80%81%E3%83%AD%E3%83%BC%E3%82%B7%E3%83%A7%E3%83%B3/LOphL8fA2LLt/?step2=1&subid=ba_t3bNnRP-3LiwdH4BR_e-eiAg9wba3_tUITz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 09 Jun 2019 23:08:20 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
content-type
text/javascript; charset=utf-8
content-length
30712
expires
Sun, 16 Jun 2019 23:08:20 GMT
truncated
/
455 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d96d76e44b7df672f50aafe779bbc6ac17076ebb0f710aa82c90b00aef543de

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&aip=1&a=2040816040&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Faffiliates-sports%2F%3Fqs%3Dbtag%25253D658301%255FF6C203E164FE4CC...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25600410-30&cid=19484923.1560121701&jid=1112494907&_gid=741716310.1560121701&gjid=1292121837&_v=j76&z=1943863719
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=19484923.1560121701&jid=1112494907&_v=j76&z=1943863719
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=19484923.1560121701&jid=1112494907&_v=j76&z=1943863719&slf_rd=1&random=1646477834
42 B
376 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=19484923.1560121701&jid=1112494907&_v=j76&z=1943863719&slf_rd=1&random=1646477834
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jun 2019 23:08:21 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Jun 2019 23:08:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=19484923.1560121701&jid=1112494907&_v=j76&z=1943863719&slf_rd=1&random=1646477834
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
LP-popup-StarFestival-CA.jpg
images.ctfassets.net/kijvoxi4q0zn/5I5v0ufdxSgKwIQEiyu0M6/2688c2dbb5c9117e7a4a390fdd760c99/
16 KB
16 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/5I5v0ufdxSgKwIQEiyu0M6/2688c2dbb5c9117e7a4a390fdd760c99/LP-popup-StarFestival-CA.jpg?w=635&h=210&q=50
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
c53d0f19ba0d7ad843c0e3c33f773de363405f41e3f201c0057c9cd49eed352d

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 11 May 2019 19:47:14 GMT
via
1.1 varnish, 1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
2517666
etag
"3c9ae8123b791a4b05096530a9c8aacb"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
16382
x-amz-cf-id
Fih7O0lJkbRuIAmaUtjdpdmZkhetipx7wqFNbSMUuS_YG28fKn_4zA==
background-de-sport.jpg
images.ctfassets.net/kijvoxi4q0zn/43pWyRTegO2lHING5CQCQY/7909a6011ecebc88b6b9f7da403b7475/
93 KB
93 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/43pWyRTegO2lHING5CQCQY/7909a6011ecebc88b6b9f7da403b7475/background-de-sport.jpg?w=1920&h=1080&q=50
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:b600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
56e3b023b1099ad4afa51bd4d535bdcd4f9221bd2acee6da751747f14c522445

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 01:18:22 GMT
via
1.1 varnish, 1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront)
server
Contentful Images API
age
3102598
etag
"09b87b0005fea80e9d545a341413f23c"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA54
access-control-allow-origin
*
content-length
95125
x-amz-cf-id
6SpVipmyQhsI2F6T0vyrj4zsiUyKSyR_6U9Vh8nLEkGWYMBCQLwUug==
modules.7bea54effcde4abf81b9.js
script.hotjar.com/
423 KB
88 KB
Script
General
Full URL
https://script.hotjar.com/modules.7bea54effcde4abf81b9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-150438.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.205.49 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-26
Software
/
Resource Hash
9dfc624089eb1877ebf5053a2171e94c252c47a30e3140cb7f58047aafc7668f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 09 Jun 2019 23:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 07 Jun 2019 14:38:01 GMT
access-control-allow-origin
*
etag
W/"dc51cd6099cfe0527a70dfbb814e1e72"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
section-io-origin-time-seconds
0.043
section-io-origin-status
200
accept-ranges
bytes
section-io-id
4e815ff1c66998b4c20762712c1201f3
content-length
89958
/
track.adform.net/Serving/TrackPoint/
18 KB
9 KB
Script
General
Full URL
https://track.adform.net/Serving/TrackPoint/?pm=497538&ADFPageName=affiliates-sports-lp&ADFdivider=%7C&ord=571681684260&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Faffiliates-sports%2F%3Fqs%3Dbtag%25253D658301%255FF6C203E164FE4CCD92616F14D4630
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
ae171664eae0d000d514976661cd657a7fbe3d6489c872a65eb923a6797dd332

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jun 2019 23:08:20 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
8831
expires
-1
box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame 074D
0
0
Document
General
Full URL
https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-150438.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.81.98 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-30
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-90f3a29ef7448451db5af955688970d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Sun, 09 Jun 2019 23:08:21 GMT
content-type
text/html
content-length
967
cache-control
max-age=31536000
last-modified
Tue, 30 Apr 2019 14:57:42 GMT
section-io-origin-status
200
section-io-origin-time-seconds
0.042
etag
W/"90f3a29ef7448451db5af955688970d7"
content-encoding
gzip
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
8b001f899884fb28b3728d5aa8affe52
/
track.adform.net/wpf/v2/.la44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7s...
2 KB
2 KB
Script
General
Full URL
https://track.adform.net/wpf/v2/.la44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBC2TDf6DTlfTPU8bDdYejftckuyPBDjaY2ftckZZLQ084akJk11XmZ7F4ik.uJtHoqvynx9MsFyxYM914Ve_clrJ5v2.2ilmX6QStHjsTfxGUTlfe2Rc7L1eWNNW5BNlYiJklY5B5Rhj.JNldj1DxqAeL9.gJ0Nc1lF4XVA4.L9.KNc0FAKXV4JhL90ftctDL90ftctDL9.J1pNc0FAKXV4jMk.CBP/serving/trackpoint/?pm=497538&ADFPageName=affiliates-sports-lp&ADFdivider=%7c&ord=571681684260&Set1=en-US%7cen-US%7c1600x1200%7c24&ADFtpmode=2&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2faffiliates-sports%2f%3fqs%3dbtag%25253D658301%255FF6C203E164FE4CCD92616F14D4630&catdt=0
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
76906e5219c0b07a9e6f42f88e2a30c0f52f50da439f0d1e446f5bb08cd07dd6

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jun 2019 23:08:21 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
1311
expires
-1
/
track.adform.net/serving/container/ Frame F3CF
0
0
Document
General
Full URL
https://track.adform.net/serving/container/?pm=497538&lid=30500322&ctype=0&media=0&PageName=affiliates-sports-lp&rnd=1942393594&cpref=&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2faffiliates-sports%2f%3fqs%3dbtag%25253D658301%255FF6C203E164FE4CCD92616F14D4630636%252526clickid%25253D17314%252D329861446%252526source%25253D2861%252526subid%25253D%252526pid%25253D3603898%252526bid%25253D13309
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
track.adform.net
:scheme
https
:path
/serving/container/?pm=497538&lid=30500322&ctype=0&media=0&PageName=affiliates-sports-lp&rnd=1942393594&cpref=&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2faffiliates-sports%2f%3fqs%3dbtag%25253D658301%255FF6C203E164FE4CCD92616F14D4630636%252526clickid%25253D17314%252D329861446%252526source%25253D2861%252526subid%25253D%252526pid%25253D3603898%252526bid%25253D13309
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
accept-encoding
gzip, deflate, br
cookie
cid=-7901281893036675429,0,0,0,0; uid=-7901281893036675429
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309

Response headers

status
200
server
nginx
date
Sun, 09 Jun 2019 23:08:21 GMT
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
content-encoding
gzip
expires
-1
vary
Accept-Encoding
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
quant.js
secure.quantserve.com/
12 KB
6 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/wpf/v2/.la44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBC2TDf6DTlfTPU8bDdYejftckuyPBDjaY2ftckZZLQ084akJk11XmZ7F4ik.uJtHoqvynx9MsFyxYM914Ve_clrJ5v2.2ilmX6QStHjsTfxGUTlfe2Rc7L1eWNNW5BNlYiJklY5B5Rhj.JNldj1DxqAeL9.gJ0Nc1lF4XVA4.L9.KNc0FAKXV4JhL90ftctDL90ftctDL9.J1pNc0FAKXV4jMk.CBP/serving/trackpoint/?pm=497538&ADFPageName=affiliates-sports-lp&ADFdivider=%7c&ord=571681684260&Set1=en-US%7cen-US%7c1600x1200%7c24&ADFtpmode=2&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2faffiliates-sports%2f%3fqs%3dbtag%25253D658301%255FF6C203E164FE4CCD92616F14D4630&catdt=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.254 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 09 Jun 2019 23:08:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 09-Jun-2019 23:08:21 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Sun, 16 Jun 2019 23:08:21 GMT
ytc.js
s.yimg.com/wi/
16 KB
5 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/wpf/v2/.la44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBC2TDf6DTlfTPU8bDdYejftckuyPBDjaY2ftckZZLQ084akJk11XmZ7F4ik.uJtHoqvynx9MsFyxYM914Ve_clrJ5v2.2ilmX6QStHjsTfxGUTlfe2Rc7L1eWNNW5BNlYiJklY5B5Rhj.JNldj1DxqAeL9.gJ0Nc1lF4XVA4.L9.KNc0FAKXV4JhL90ftctDL90ftctDL9.J1pNc0FAKXV4jMk.CBP/serving/trackpoint/?pm=497538&ADFPageName=affiliates-sports-lp&ADFdivider=%7c&ord=571681684260&Set1=en-US%7cen-US%7c1600x1200%7c24&ADFtpmode=2&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2faffiliates-sports%2f%3fqs%3dbtag%25253D658301%255FF6C203E164FE4CCD92616F14D4630&catdt=0
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:84:800::1002 , United Kingdom, ASN203219 (YAHOO-AMA, NL),
Reverse DNS
Software
ATS /
Resource Hash
0ec54a58d35ac36a9f5917750661e0addae1fd94087ede2bb0fcb26d781be049
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 09 Jun 2019 22:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
610
x-amz-server-side-encryption
AES256
status
200
content-length
4448
strict-transport-security
max-age=15552000
x-amz-request-id
5EB5DC8FF830364C
x-amz-id-2
63to6o2LRAN3pUO79aft+/OqjVM9wQ0sz565yhrISuLIXsQckNpxgTTiTq2NymxMa+0spRbnB/o=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sun, 05 Jul 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Fri, 31 May 2019 22:18:05 GMT
server
ATS
etag
"1d72561a5f66715aa4a2babd0b8987c9-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
x-amz-version-id
Dh6yBlFuV3eUpSuznZOxayGIozmAPxNs
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
accept-ranges
bytes
content-type
application/javascript
/
track.adform.net/Serving/TrackPoint/
1 KB
1 KB
Script
General
Full URL
https://track.adform.net/Serving/TrackPoint/?pm=497538&ADFPageName=Sc_Ret&ADFdivider=%7C&ord=401126600405&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Faffiliates-sports%2F%3Fqs%3Dbtag%25253D658301%255FF6C203E164FE4CCD92616F14D4630
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
6d18c35d9a22c03d372d2bc307dbfae9456815b51f8b91b8adfcbc5555a441b0

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jun 2019 23:08:21 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
878
expires
-1
/
track.adform.net/serving/container/ Frame 0454
0
0
Document
General
Full URL
https://track.adform.net/serving/container/?pm=497538&lid=49848318&ctype=0&media=0&PageName=Sc_Ret&rnd=1295155821&cpref=&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2faffiliates-sports%2f%3fqs%3dbtag%25253D658301%255FF6C203E164FE4CCD92616F14D4630636%252526clickid%25253D17314%252D329861446%252526source%25253D2861%252526subid%25253D%252526pid%25253D3603898%252526bid%25253D13309
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
track.adform.net
:scheme
https
:path
/serving/container/?pm=497538&lid=49848318&ctype=0&media=0&PageName=Sc_Ret&rnd=1295155821&cpref=&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2faffiliates-sports%2f%3fqs%3dbtag%25253D658301%255FF6C203E164FE4CCD92616F14D4630636%252526clickid%25253D17314%252D329861446%252526source%25253D2861%252526subid%25253D%252526pid%25253D3603898%252526bid%25253D13309
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
accept-encoding
gzip, deflate, br
cookie
cid=-7901281893036675429,0,0,0,0; uid=-7901281893036675429
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309

Response headers

status
200
server
nginx
date
Sun, 09 Jun 2019 23:08:21 GMT
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
content-encoding
gzip
expires
-1
vary
Accept-Encoding
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
rules-p-qv3RqfmexMYyL.js
rules.quantcount.com/
741 B
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-qv3RqfmexMYyL.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:c600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3cb39e0ced352a1ba59a392589953e3ad7a1520a6e92fd65b9e676c48ecdad48

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 09 Jun 2019 22:39:35 GMT
via
1.1 1d32f672764a20290d04a16248d04c57.cloudfront.net (CloudFront)
last-modified
Tue, 29 May 2018 13:38:10 GMT
server
AmazonS3
age
1729
etag
"8f941d23a1f316fadd6bc7fb6b5233f2"
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA54
accept-ranges
bytes
content-length
741
x-amz-cf-id
xnmh5ircG-8OKbDGWkiM5OoumeHB3WoNYuoDZNJtzIKQEdqOmfVc1g==
pixel;r=1290394148;labels=_fp.event.Homepage;rf=0;a=p-qv3RqfmexMYyL;url=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Faffiliates-sports%2F%3Fqs%3Dbtag%25253D658301%255FF6C203E164FE4CCD92616F14D4630636%25...
pixel.quantserve.com/
35 B
594 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1290394148;labels=_fp.event.Homepage;rf=0;a=p-qv3RqfmexMYyL;url=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Faffiliates-sports%2F%3Fqs%3Dbtag%25253D658301%255FF6C203E164FE4CCD92616F14D4630636%252526clickid%25253D17314%252D329861446%252526source%25253D2861%252526subid%25253D%252526pid%25253D3603898%252526bid%25253D13309;fpan=1;fpa=P0-2077750024-1560121701289;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1560121701289;tzo=0;ogl=
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.243 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jun 2019 23:08:21 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
log
errors.client.optimizely.com/
13 B
410 B
XHR
General
Full URL
https://errors.client.optimizely.com/log
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/9430800627.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.114.117 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-87-114-117.compute-1.amazonaws.com
Software
/
Resource Hash
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method
POST
Origin
https://promo.leovegas.com
Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Sun, 09 Jun 2019 23:08:21 GMT
Allow
POST,OPTIONS
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://promo.leovegas.com
Access-Control-Max-Age
1800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Accept,Origin
Content-Length
13
log
errors.client.optimizely.com/
0
244 B
XHR
General
Full URL
https://errors.client.optimizely.com/log
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.114.117 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-87-114-117.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.leovegas.com/de/affiliates-sports/?qs=btag%253D658301%5FF6C203E164FE4CCD92616F14D4630636%2526clickid%253D17314%2D329861446%2526source%253D2861%2526subid%253D%2526pid%253D3603898%2526bid%253D13309
Origin
https://promo.leovegas.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://promo.leovegas.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials
true
Connection
keep-alive
Date
Sun, 09 Jun 2019 23:08:21 GMT
Content-Type
text/plain

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| dataLayer object| google_tag_manager undefined| _ function| hj object| _hjSettings string| GoogleAnalyticsObject function| ga string| DATALAYER_OBJECT_NAME function| referrerOverride function| sendCampaignData function| initNewOptimizelyIntegration function| initOptimizelyIntegration object| webpackManifest function| webpackJsonp object| __core-js_shared__ object| core object| ___history object| ___emitter object| asyncRequires object| ___loader function| matchPath function| ___push function| ___replace function| ___navigateTo object| _crypto function| setImmediate function| clearImmediate function| sprintf function| vsprintf object| _adftrack object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| Adform object| KJUR object| adf object| fortyone object| _qevents object| dotq object| YAHOO undefined| I13N_Conf undefined| YWA_Global_Conf function| quantserve function| __qc object| ezt object| _qoptions

9 Cookies

Domain/Path Name / Value
.adform.net/ Name: uid
Value: -7901281893036675429
.adform.net/ Name: __qca
Value: P0-1308631542-1560121701390
track.adform.net/ Name: cid
Value: -7901281893036675429,0,0,0,0
.leovegas.com/ Name: _gat_UA-25600410-30
Value: 1
.leovegas.com/ Name: __qca
Value: P0-2077750024-1560121701289
.leovegas.com/ Name: _ga
Value: GA1.2.19484923.1560121701
.leovegas.com/ Name: incap_ses_1092_1837241
Value: UnD+e92xDU1hDPtYj5AnD2KR/VwAAAAAj3yBw2ILOp0KF7T9IRhboA==
.leovegas.com/ Name: _gid
Value: GA1.2.741716310.1560121701
.leovegas.com/ Name: visid_incap_1837241
Value: uua16wciRM6NZb5iWYVNomKR/VwAAAAAQUIPAAAAAAC36Xynx2knqtyFZejejE3L

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
