promo.leovegas.com Open in urlscan Pro
2a03:b0c0:3:e0::1b:1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ciniholland.nl/
Effective URL:
https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%25...
Submission: On July 24 via api (July 24th 2020, 3:35:08 pm UTC) from US

Summary HTTP 45 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 21 domains to perform 45 HTTP transactions. The main IP is 2a03:b0c0:3:e0::1b:1, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is promo.leovegas.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 17th 2020. Valid for: 3 months.

This is the only time promo.leovegas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:303... 2606:4700:3030::ac43:d638	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.104.145.13 172.104.145.13	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	107.154.248.103 107.154.248.103	19551 (INCAPSULA) (INCAPSULA)
1 1	63.33.90.8 63.33.90.8	16509 (AMAZON-02) (AMAZON-02)
1 10	2a03:b0c0:3:e... 2a03:b0c0:3:e0::1b:1	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	143.204.208.70 143.204.208.70	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:214... 2600:9000:214f:8000:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1 5	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1	37.157.2.248 37.157.2.248	198622 (ADFORM) (ADFORM)
1	107.154.248.168 107.154.248.168	19551 (INCAPSULA) (INCAPSULA)
1	13.35.254.81 13.35.254.81	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1	143.204.201.105 143.204.201.105	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:9e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.213.87.164 52.213.87.164	16509 (AMAZON-02) (AMAZON-02)
1	34.251.85.64 34.251.85.64	16509 (AMAZON-02) (AMAZON-02)
1 3	3.127.51.194 3.127.51.194	16509 (AMAZON-02) (AMAZON-02)
6 8	18.158.16.100 18.158.16.100	16509 (AMAZON-02) (AMAZON-02)
4 4	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	18.157.195.115 18.157.195.115	16509 (AMAZON-02) (AMAZON-02)
2 3	54.36.109.166 54.36.109.166	16276 (OVH) (OVH)
1 1	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.49.61.185 52.49.61.185	16509 (AMAZON-02) (AMAZON-02)
1	18.195.235.239 18.195.235.239	16509 (AMAZON-02) (AMAZON-02)
45	22

2 2606:4700:3030::ac43:d638 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ciniholland.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.145.13 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

172.104.145.13	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.154.248.103 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

ads.leovegas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.90.8 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

leo-promo-redirect-service.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:b0c0:3:e0::1b:1 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

promo.leovegas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.208.70 (Seattle, United States)

ASN16509 (AMAZON-02, US)

d33wubrfki0l68.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:214f:8000:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.3.30 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.154.248.168 (United States)

ASN19551 (INCAPSULA, US)

www.leovegas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.254.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)

videos.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.105 (Seattle, United States)

ASN16509 (AMAZON-02, US)

tag.widespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:9e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.87.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

engine.widespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.85.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

userbeacon.widespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.127.51.194 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.158.16.100 (United States) 6 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.195.115 (United States)

ASN16509 (AMAZON-02, US)

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.36.109.166 (Germany) 2 redirects

ASN16276 (OVH, FR)

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.52 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.61.185 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.235.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

match.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	leovegas.com 2 redirects ads.leovegas.com promo.leovegas.com www.leovegas.com	376 KB
9	ctfassets.net images.ctfassets.net videos.ctfassets.net	6 MB
8	bidswitch.net 6 redirects x.bidswitch.net	3 KB
6	adform.net 1 redirects track.adform.net s2.adform.net	39 KB
5	doubleclick.net 5 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
3	id5-sync.com 2 redirects id5-sync.com	4 KB
3	creative-serving.com 1 redirects ads.creative-serving.com	2 KB
3	widespace.com tag.widespace.com engine.widespace.com userbeacon.widespace.com	2 KB
3	google-analytics.com 1 redirects www.google-analytics.com	47 KB
3	cloudfront.net d33wubrfki0l68.cloudfront.net	388 KB
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	8 KB
2	ciniholland.nl 2 redirects ciniholland.nl	934 B
1	justpremium.com match.justpremium.com	654 B
1	adnxs.com 1 redirects ib.adnxs.com	740 B
1	adscale.de ih.adscale.de	306 B
1	quantcount.com rules.quantcount.com	1 KB
1	google.de www.google.de	106 B
1	google.com 1 redirects www.google.com	178 B
1	googletagmanager.com www.googletagmanager.com	32 KB
1	herokuapp.com 1 redirects leo-promo-redirect-service.herokuapp.com	294 B
45	21

	Domain	Requested by
10	promo.leovegas.com	1 redirects
8	x.bidswitch.net	6 redirects
8	images.ctfassets.net	promo.leovegas.com
5	track.adform.net	1 redirects s2.adform.net
4	cm.g.doubleclick.net	4 redirects
3	id5-sync.com	2 redirects
3	ads.creative-serving.com	1 redirects
3	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com
3	d33wubrfki0l68.cloudfront.net	promo.leovegas.com
2	dpm.demdex.net	1 redirects
2	ciniholland.nl	2 redirects
1	match.justpremium.com
1	ib.adnxs.com	1 redirects
1	ih.adscale.de
1	userbeacon.widespace.com	promo.leovegas.com
1	engine.widespace.com	promo.leovegas.com
1	pixel.quantserve.com	promo.leovegas.com
1	rules.quantcount.com	secure.quantserve.com
1	tag.widespace.com	track.adform.net
1	secure.quantserve.com	track.adform.net
1	videos.ctfassets.net	promo.leovegas.com
1	www.leovegas.com	d33wubrfki0l68.cloudfront.net
1	s2.adform.net	promo.leovegas.com
1	www.google.de	promo.leovegas.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.googletagmanager.com	promo.leovegas.com
1	leo-promo-redirect-service.herokuapp.com	1 redirects
1	ads.leovegas.com	1 redirects
45	29

This site contains links to these domains. Also see Links.

Domain
www.authorisation.mga.org.mt
secure.gamblingcommission.gov.uk
spillemyndigheden.dk
www.begambleaware.org
www.gamcare.org.uk
www.gamblersanonymous.org
www.leosafeplay.com

Subject Issuer	Validity	Valid
brand.leovegas.com Let's Encrypt Authority X3	`2020-06-17` - `2020-09-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
images.ctfassets.net Amazon	`2020-04-17` - `2021-05-17`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
www.leovegas.com DigiCert SHA2 Extended Validation Server CA	`2020-03-06` - `2022-06-02`	2 years	crt.sh
assets.ctfassets.net Amazon	`2020-04-16` - `2021-05-16`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
*.widespace.com Go Daddy Secure Certificate Authority - G2	`2019-01-30` - `2021-04-27`	2 years	crt.sh
*.creative-serving.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-27` - `2021-04-02`	2 years	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adscale.de Amazon	`2020-06-05` - `2021-07-07`	a year	crt.sh
*.id5-sync.com Let's Encrypt Authority X3	`2020-06-30` - `2020-09-28`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
tracking.justpremium.com Amazon	`2019-12-24` - `2021-01-24`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
Frame ID: DC577E5574125523FA81BDA4E26A1A80
Requests: 55 HTTP requests in this frame

Frame: https://track.adform.net/serving/container/?pm=497538&lid=31340545&ctype=0&media=0&PageName=mc-casino-lp&rnd=1060978153&cpref=&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%3fqs%3dbtag%25253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%252526pid
Frame ID: CCE3CF038F92A9F861620932AEE50CC6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ciniholland.nl/ HTTP 301
https://ciniholland.nl/ HTTP 302
http://172.104.145.13:18001/in/casino_de/ HTTP 302
https://ads.leovegas.com/redirect.aspx?pid=3597305&bid=13186 HTTP 301
https://leo-promo-redirect-service.herokuapp.com/mc-casino/?btag=661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE&pid=3597305&bid=13186 HTTP 301
https://promo.leovegas.com/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3... HTTP 301
https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%25... Page URL

Detected technologies

Netlify (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^Netlify/i

Page Statistics

45
Requests

100 %
HTTPS

34 %
IPv6

21
Domains

29
Subdomains

22
IPs

6
Countries

7024 kB
Transfer

8812 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.authorisation.mga.org.mt/verification.aspx?lang=EN&company=726b906b-4fe8-4cf9-9294-0a6a8a808d90&details=1

Search URL Search Domain Scan URL

URL: https://secure.gamblingcommission.gov.uk/PublicRegister/Search/Detail/39198

Search URL Search Domain Scan URL

URL: https://spillemyndigheden.dk/

Search URL Search Domain Scan URL

URL: https://www.begambleaware.org/

Search URL Search Domain Scan URL

URL: http://www.gamcare.org.uk/

Search URL Search Domain Scan URL

URL: http://www.gamblersanonymous.org/ga/

Search URL Search Domain Scan URL

URL: https://www.leosafeplay.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ciniholland.nl/ HTTP 301
https://ciniholland.nl/ HTTP 302
http://172.104.145.13:18001/in/casino_de/ HTTP 302
https://ads.leovegas.com/redirect.aspx?pid=3597305&bid=13186 HTTP 301
https://leo-promo-redirect-service.herokuapp.com/mc-casino/?btag=661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE&pid=3597305&bid=13186 HTTP 301
https://promo.leovegas.com/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186 HTTP 301
https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=15681587&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Fmc-casino%2F%3Fqs%3Dbtag%25253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%252526pid%25253D3597305%252526bid%25253D13186&dp=%2Fde%2Fmc-casino%2F%3Fqs%3Dbtag%25253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%252526pid%25253D3597305%252526bid%25253D13186&ul=en-us&de=UTF-8&dt=Casino%20f%C3%BCr%20Mobilger%C3%A4te%20und%20Online-Casino%20-%20Spielen%20Sie%20Casino-Spiele%20online%20oder%20auf%20Ihrem%20Mobilger%C3%A4t%20%7C%20LeoVegas%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ci=661767&cn=13186&cs=661767&cm=affiliate&_u=YEBAAEAB~&jid=1536633155&gjid=1639000437&cid=1810316889.1595604886&tid=UA-25600410-30&_gid=1924007900.1595604886&_r=1&gtm=2wg7f0WGS5KD&cd1=661767&cd3=3597305&cd4=leo&cd7=de&cd32=93&cd35=8&z=1814029976 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25600410-30&cid=1810316889.1595604886&jid=1536633155&_gid=1924007900.1595604886&gjid=1639000437&_v=j83&z=1814029976 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=1810316889.1595604886&jid=1536633155&_v=j83&z=1814029976 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=1810316889.1595604886&jid=1536633155&_v=j83&z=1814029976&slf_rd=1&random=467490442

Request Chain 30

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 47

https://ads.creative-serving.com/pixel?id=3151410&type=js HTTP 302
https://ads.creative-serving.com/ul_cb/pixel?id=3151410&type=js

Request Chain 48

https://x.bidswitch.net/sync?dsp_id=4&user_id=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae&ssp=&expires=30&user_group=2&cb=598 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae&ssp=&expires=30&user_group=2&cb=598 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=lYNY5ebASGuDPwv1r4R-mw== HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEN2dwg-_89q2uO4sKhC1XXI&google_cver=1

Request Chain 49

https://x.bidswitch.net/sync?dsp_id=4&user_id=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae&ssp=&expires=30&user_group=2&cb=405 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae&ssp=&expires=30&user_group=2&cb=405 HTTP 302
https://ih.adscale.de/adscale-ih/sium?tpid=57&tpuid=958358e5-e6c0-486b-833f-0bf5af847e9b

Request Chain 50

https://x.bidswitch.net/sync?dsp_id=4&user_id=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae&ssp=&expires=30&user_group=2&cb=876 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae&ssp=&expires=30&user_group=2&cb=876 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=lYNY5ebASGuDPwv1r4R-mw== HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEN2dwg-_89q2uO4sKhC1XXI&google_cver=1

Request Chain 51

https://id5-sync.com/s/101/da13bb20-9a62-4f7e-bd3b-03b42c4e2cae/1.gif HTTP 302
https://id5-sync.com/c/101/101/1/1.gif?puid=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae&gdpr=1&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/101/2/0/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/101/2/0/2.gif?puid=0&gdpr=1&gdpr_consent=

Request Chain 52

https://dpm.demdex.net/ibs:dpid=393426&dpuuid=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae

Request Chain 54

https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm=&google_sc=&google_tc= HTTP 302
https://ads.creative-serving.com/gcm?google_gid=CAESEA1CHyJX3Cfi2nfAjegK3lk&google_cver=1

45 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
promo.leovegas.com/de/mc-casino/
Redirect Chain

http://ciniholland.nl/
https://ciniholland.nl/
http://172.104.145.13:18001/in/casino_de/
https://ads.leovegas.com/redirect.aspx?pid=3597305&bid=13186
https://leo-promo-redirect-service.herokuapp.com/mc-casino/?btag=661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE&pid=3597305&bid=13186
https://promo.leovegas.com/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186

110 KB
30 KB

333ms
332ms

Document
text/html

2a03:b0c0:3:e0::1b:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:e0::1b:1 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

301243ca7f2c6b99614f494762e596fe5bb0d82fbff5bc0659f1b2fde25fd491

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: promo.leovegas.com
:scheme: https
:path: /de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3597305%2c%22BID%22%3a13186%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1595604884541)%5c%2f%22%2c%22CookieTag%22%3a%221318635973055320220128C20207241634%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%221750629618%7c1%22%7d%5d; visid_incap_1837241=2/fv64o7SfG8tu61h234UJP/Gl8AAAAAQUIPAAAAAACVjy/hxE8rwqHfbZkilARf; incap_ses_184_1837241=AKTHTVTAFxeqJLKfTrONApP/Gl8AAAAAou2+bUOWzmUrwuqsMxKuJA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: text/html; charset=UTF-8
date: Fri, 24 Jul 2020 15:34:45 GMT
etag: "2af177525ce31a866b444e1f94453262-ssl-df"
link: </webpack-runtime.js>; rel=preload; as=script, </framework.js>; rel=preload; as=script, </app.js>; rel=preload; as=script, </777cf710.js>; rel=preload; as=script, </c364518439500323cedce8212b83dc8324c2b9c2.js>; rel=preload; as=script, </component---src-templates-casino-index-js.js>; rel=preload; as=script, </page-data/app-data.json>; rel=preload; as=fetch; crossorigin, </page-data/de/mc-casino/page-data.json>; rel=preload; as=fetch; crossorigin
referrer-policy: same-origin
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
content-encoding: br
age: 0
server: Netlify
vary: Accept-Encoding
x-nf-request-id: 9ab28d63-6dd4-456b-a5b2-deadad305a1e-17850447

Redirect headers

status: 301
cache-control: public, max-age=0, must-revalidate
content-length: 120
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: text/plain; charset=utf-8
date: Fri, 24 Jul 2020 15:34:45 GMT
location: /de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
age: 1
server: Netlify
x-nf-request-id: 9ab28d63-6dd4-456b-a5b2-deadad305a1e-17850319

GET
H2 200 webpack-runtime.js Show response
promo.leovegas.com/ 3 KB
1 KB 10ms
7ms Script
application/javascript 2a03:b0c0:3:e0::1b:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/webpack-runtime.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:e0::1b:1 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

4c3e06fcc6026a364704152a93465419926adc16909cfb0ebac9453d114eee96

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 9ab28d63-6dd4-456b-a5b2-deadad305a1e-17850629
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-encoding: br
etag: "f5428bb442160e3e8451ea934270ea50-ssl-df"
age: 265
status: 200
strict-transport-security: max-age=31536000
content-length: 1223
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
date: Fri, 24 Jul 2020 15:30:20 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 framework.js Show response
promo.leovegas.com/ 126 KB
38 KB 26ms
24ms Script
application/javascript 2a03:b0c0:3:e0::1b:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/framework.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:e0::1b:1 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

11e8a65724727f8d85f6e67b2898ec44667603de266f8852c7fc61380a4ba333

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 9ab28d63-6dd4-456b-a5b2-deadad305a1e-17850630
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-encoding: br
etag: "3bc58f1020ec8bffb0981bf22fb8ac42-ssl-df"
age: 265
status: 200
strict-transport-security: max-age=31536000
content-length: 38541
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
date: Fri, 24 Jul 2020 15:30:20 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 app.js Show response
promo.leovegas.com/ 93 KB
29 KB 31ms
29ms Script
application/javascript 2a03:b0c0:3:e0::1b:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:e0::1b:1 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

b783b614ffb61bb44fd33d308b589fbb3ab4ad85747fae9d1e4a4e1a5235b1e2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 9ab28d63-6dd4-456b-a5b2-deadad305a1e-17850631
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-encoding: br
etag: "2315d9b8ed7b382e7d0a224761667e8d-ssl-df"
age: 265
status: 200
strict-transport-security: max-age=31536000
content-length: 29536
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
date: Fri, 24 Jul 2020 15:30:20 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 777cf710.js Show response
promo.leovegas.com/ 76 KB
26 KB 31ms
29ms Script
application/javascript 2a03:b0c0:3:e0::1b:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/777cf710.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:e0::1b:1 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

7e9669692a3c8131fd1832f6b332e26e5315d650969a3ef3a5adb6fca49294d6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 9ab28d63-6dd4-456b-a5b2-deadad305a1e-17850632
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-encoding: br
etag: "b4af12175dd72bff9822c24d9a9d08fe-ssl-df"
age: 265
status: 200
strict-transport-security: max-age=31536000
content-length: 26374
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
date: Fri, 24 Jul 2020 15:30:20 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 c364518439500323cedce8212b83dc8324c2b9c2.js Show response
promo.leovegas.com/ 780 KB
242 KB 14ms
12ms Script
application/javascript 2a03:b0c0:3:e0::1b:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/c364518439500323cedce8212b83dc8324c2b9c2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:e0::1b:1 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

a0c6c9b3eab1092b0b993b7af6abd09cb360014fd491fa4d5fd348db21c0b990

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 9ab28d63-6dd4-456b-a5b2-deadad305a1e-17850633
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-encoding: br
etag: "892242bc7033b6ca6bdda3be581aa51b-ssl-df"
age: 265
status: 200
strict-transport-security: max-age=31536000
content-length: 247140
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
date: Fri, 24 Jul 2020 15:30:20 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 component---src-templates-casino-index-js.js Show response
promo.leovegas.com/ 6 KB
2 KB 9ms
8ms Script
application/javascript 2a03:b0c0:3:e0::1b:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/component---src-templates-casino-index-js.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:e0::1b:1 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

c67f8547ec37c4fa19328d6d8b85bb36a232c9d3c38a132acb7b7e9c0615261b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 9ab28d63-6dd4-456b-a5b2-deadad305a1e-17850634
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-encoding: br
etag: "6d7054ad2c1f78f578151be27b95121b-ssl-df"
age: 265
status: 200
strict-transport-security: max-age=31536000
content-length: 2304
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
date: Fri, 24 Jul 2020 15:30:20 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 app-data.json
promo.leovegas.com/page-data/ 50 B
204 B 8ms
6ms Other
application/json 2a03:b0c0:3:e0::1b:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/page-data/app-data.json

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:e0::1b:1 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

6a68ef60950d7d1ff241af0fd145023ac999f238d775621baa53d6ae7fa69b58

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
Origin: https://promo.leovegas.com

Response headers

x-nf-request-id: 9ab28d63-6dd4-456b-a5b2-deadad305a1e-17850635
content-security-policy: frame-ancestors 'self' https://optimize.google.com
x-content-type-options: nosniff
age: 341
status: 200
date: Fri, 24 Jul 2020 15:29:04 GMT
content-length: 50
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "c92dcabdf025188bc445b75a2e57c2f6-ssl"
strict-transport-security: max-age=31536000
content-type: application/json
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 page-data.json
promo.leovegas.com/page-data/de/mc-casino/ 14 KB
6 KB 29ms
28ms Other
application/json 2a03:b0c0:3:e0::1b:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/page-data/de/mc-casino/page-data.json

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:e0::1b:1 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

63538a58bc76e0ae43710257fdb1220ecddfc87faca028052686d77a89ff5c8f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
Origin: https://promo.leovegas.com

Response headers

x-nf-request-id: 9ab28d63-6dd4-456b-a5b2-deadad305a1e-17850636
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-encoding: br
x-content-type-options: nosniff
age: 265
status: 200
vary: Accept-Encoding
content-length: 6347
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
date: Fri, 24 Jul 2020 15:30:21 GMT
strict-transport-security: max-age=31536000
content-type: application/json
cache-control: public, max-age=0, must-revalidate
etag: "96e8a77e6609f428be498529eb4ac133-ssl-df"
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 92 KB
32 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGS5KD

Requested by

Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ddc3d8369dbb3b49b38fbc8180a4cb9ca8ba32576049589f815e94973e5fc030

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 15:34:45 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32265
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jul 2020 15:34:45 GMT

GET
H2 200 leovegas-casino-logo-367bf0deb4e013be3595f5a913451492.svg
d33wubrfki0l68.cloudfront.net/b97e58b8dc4e1fc21cd8ff756380dd9c12c3ba28/b5d8e/static/ 12 KB
6 KB 125ms
36ms Image
image/svg+xml 143.204.208.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/b97e58b8dc4e1fc21cd8ff756380dd9c12c3ba28/b5d8e/static/leovegas-casino-logo-367bf0deb4e013be3595f5a913451492.svg
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Netlify /
Resource Hash: ce6756a7c10ff1f8be82a1e4e94a18bb8e68c2f19df87df9cb8168c6dda2fd5a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: fad96cf2-e177-4c18-ab0e-f079c7443aa5-12729919
date: Mon, 13 Apr 2020 12:47:41 GMT
content-encoding: gzip
age: 8822824
x-cache: Hit from cloudfront
status: 200
content-length: 5532
access-control-allow-origin: *
server: Netlify
etag: 29273d95e679aff422fc1f35bed7a7112f85beac-df
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
cache-control: public, max-age=31556926
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: GfqtkJEYMKriDNOKFMu0BrNHq9DZIvtio9e81xFWxd-EL5RzFalAow==

GET
H2 200 applepay.png
images.ctfassets.net/kijvoxi4q0zn/5fAzQuERh4KWhLdzerXt8T/0c844bbb38fc0d46d484a70606383036/ 4 KB
4 KB 33ms
15ms Image
image/png 2600:9000:214f:8000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/5fAzQuERh4KWhLdzerXt8T/0c844bbb38fc0d46d484a70606383036/applepay.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:8000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: ff0abbe78f7491c5fcec8a61fc9d0e61c36da4b91826afe60236065b68bcfde0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 09:34:34 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
last-modified: Thu, 03 Oct 2019 07:46:17 GMT
server: Contentful Images API
age: 21827
etag: "f2f94d27e26e6144f3b7aeea4105d9bd"
status: 200
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-length: 3665
x-amz-cf-id: TxSni0EKBKIq4ljW9RAC8n0_hhYsb_-a2451ICJo6DEiVVivRHb7zA==

GET
H2 200 sofortklarna.png
images.ctfassets.net/kijvoxi4q0zn/2CAIGpcyAQ6UGC2c00EOIw/b4e98e832fe525ce78bfbda0833264e5/ 6 KB
6 KB 35ms
17ms Image
image/png 2600:9000:214f:8000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/2CAIGpcyAQ6UGC2c00EOIw/b4e98e832fe525ce78bfbda0833264e5/sofortklarna.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:8000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: b14a7f9c486e98dee1363e7fe513bfb4a1f85cccd620aa93f9492c9b1669c70d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 22:41:58 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
last-modified: Fri, 10 Aug 2018 11:49:14 GMT
server: Contentful Images API
age: 61004
etag: "594c21590f36927ee691ddb66fa9ba0e"
status: 200
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-length: 5744
x-amz-cf-id: rgZvasL-ppWux79XaC7_tafdRkpoZhIhu3HduMczJ0WA7Y25HS0eIw==

GET
H2 200 Trustly_Tuv-2.png
images.ctfassets.net/kijvoxi4q0zn/5sdxGe4ZqUvNnK5ko7izet/0894eec06f86d90ef22617837d8ade22/ 161 KB
161 KB 37ms
19ms Image
image/png 2600:9000:214f:8000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/5sdxGe4ZqUvNnK5ko7izet/0894eec06f86d90ef22617837d8ade22/Trustly_Tuv-2.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:8000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: cb161a4f6a97c9db3ed2aa1816123c5952a4483ddd4a9574f3bdaee2ac8ca090

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 07:13:44 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jan 2020 15:48:25 GMT
server: Contentful Images API
age: 52885
etag: "762b9457233e21809bbd58d0075e3dc7"
status: 200
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-length: 164793
x-amz-cf-id: TPf0xYi3gi82QF_8xaF9e8RyGzmDduPo_UGp0-rPNyMTlVRIvM7ChQ==

GET
H2 200 paysafe.png
images.ctfassets.net/kijvoxi4q0zn/41nin6pA92SG2EO06iaYEO/76548fa568856af2df611d3fdaa5b9a0/ 2 KB
3 KB 50ms
32ms Image
image/png 2600:9000:214f:8000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/41nin6pA92SG2EO06iaYEO/76548fa568856af2df611d3fdaa5b9a0/paysafe.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:8000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 21bb3c933ccc576c2f6d75e583fbb2bcaac5e37c71ed4644754cdaab692bf74a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 20:39:55 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
last-modified: Wed, 11 Jul 2018 13:49:34 GMT
server: Contentful Images API
age: 68132
etag: "62f2a79a770caf4f38e58fd5c4a91f5f"
status: 200
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-length: 2453
x-amz-cf-id: FQXB8Pg4JRJOb_HqBe1RtHT_UtwRGT6tbzvdUYKA3W8oDxVKX1SyoA==

GET
H2 200 skrill.png
images.ctfassets.net/kijvoxi4q0zn/c9n7WDRBqosmIY4E2ugQa/7c26eb0f1c21cdd89d87720931f56e3d/ 2 KB
3 KB 50ms
33ms Image
image/png 2600:9000:214f:8000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/c9n7WDRBqosmIY4E2ugQa/7c26eb0f1c21cdd89d87720931f56e3d/skrill.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:8000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 145f3844ee4625769479e42ed319920f5e1d65350ce8798bf44c899ef0034793

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 14:37:10 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
last-modified: Wed, 11 Jul 2018 13:49:54 GMT
server: Contentful Images API
age: 3607
etag: "b68c991eb7ce56009d8cf05ffccbc54f"
status: 200
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-length: 2476
x-amz-cf-id: gJxsvWggWPLYU2z0fROuv4r3MLARqKa-52JMm7c1LWk4-nHWdXsxMg==

GET
H2 200 neteller.png
images.ctfassets.net/kijvoxi4q0zn/5BDClCPzlCK06wcmCgwiIK/809768fb004de199cf7c9e94386691ae/ 3 KB
3 KB 55ms
38ms Image
image/png 2600:9000:214f:8000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/5BDClCPzlCK06wcmCgwiIK/809768fb004de199cf7c9e94386691ae/neteller.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:8000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 21b0443189f0b628070b7b4fae484173a0edb5c031136340a6935b6b9c0eb73b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 22:56:20 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
last-modified: Wed, 11 Jul 2018 13:51:38 GMT
server: Contentful Images API
age: 60469
etag: "5274c381b9bb26fb04edf7e4aa0cb3bd"
status: 200
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-length: 2893
x-amz-cf-id: D6gMtQwKbi2cq_HWJMX1cuD-FdUneatTnbrgHty_gVS-dLohUMzomA==

GET
H2 200 muchbetter.png
images.ctfassets.net/kijvoxi4q0zn/6yfaHmr92639QNJORJpNzx/2a484641a584e6a25b5afbdda83fac61/ 8 KB
8 KB 18ms
18ms Image
image/png 2600:9000:214f:8000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/6yfaHmr92639QNJORJpNzx/2a484641a584e6a25b5afbdda83fac61/muchbetter.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:8000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 46a27f94467663b145c20012a640f58cd0167911d9a8330ccc399a205a323e1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 07:32:15 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
last-modified: Thu, 03 Oct 2019 07:45:58 GMT
server: Contentful Images API
age: 85888
etag: "44af0959532af0b396537fa2bbdde90a"
status: 200
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-length: 7950
x-amz-cf-id: fGpu3GQwbboGjRlR7gBcmG9fDGrQuqAaFhCm_awceT6iOmaafoV1oA==

GET
H2 200 aeb2e81dbd6ab80c18349249a82f9c597fc253ae.js Show response
d33wubrfki0l68.cloudfront.net/bundles/ 1 MB
359 KB 136ms
55ms Script
application/javascript 143.204.208.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d33wubrfki0l68.cloudfront.net/bundles/aeb2e81dbd6ab80c18349249a82f9c597fc253ae.js
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Netlify /
Resource Hash: 635c54c43835529629ad76ac084f7b8ac8995015f36be5b74f0d460e357d09bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 9ab28d63-6dd4-456b-a5b2-deadad305a1e-17541940
date: Fri, 24 Jul 2020 15:24:23 GMT
content-encoding: gzip
age: 622
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
server: Netlify
etag: 7fe81c8387346481eb220e8bee23cafca1304d46-df
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
cache-control: public, max-age=31556926
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: c8cI_HEENKDj3Kzb5OSmYrPFCAUMdD9-2idRxL8lO3NmR4bmmyA5Xw==

GET
DATA 200
OK truncated
/ 559 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b977f319e664c19de6479bd20df7182597f529cafad30c106f1392f589312ad

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccac1881f0aa30ce6e0b27faca92813dec7f738c9bc477de7f0ff3cd97d80e4d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc3aa232da577d5cd0e40070a0cfce5bba8255e505e115c79cd6ab180b5c1e03

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1aa27217bcc70dcac6d0771b3691f0fb7cad2b3d789c9c5a68ae3343a8f8189

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a62f202a036f31afbe29957893501fd9788b8b7da68fd937f09a4748c80dfe24

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 558 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7432ef865494c910726e0e9b7f4cd34d33ffd95a0804dfae8695872794a11e87

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1006 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c4e40525446376e67437bb87b5e547a5113d20ec4281de744b1f17beb18a388

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 593 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ade492e71a709b0ae66a7d625ab7114a519ad73726eb8d079510e5af293a8f2b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f9c92e1a12ac6e0fc59919f0c3fc20cf9dc1bd8d78db4ea7b28298bc80038ff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 roboto-extrablack-625fcf1eb91d0f28698b2b3308daaa35.ttf
d33wubrfki0l68.cloudfront.net/68636b1eb1091578c44bba8d8aa0444ff12e4b57/903fa/static/ 41 KB
23 KB 122ms
51ms Font
application/font-sfnt 143.204.208.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d33wubrfki0l68.cloudfront.net/68636b1eb1091578c44bba8d8aa0444ff12e4b57/903fa/static/roboto-extrablack-625fcf1eb91d0f28698b2b3308daaa35.ttf
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Netlify /
Resource Hash: 6a32e11a4c8e46e4b95553e27f336bc3ff424298cb36b814dd5f8b793a06ce8a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: https://promo.leovegas.com

Response headers

x-nf-request-id: e0cdcf50-3a16-459e-8809-303726d896b1-14487291
date: Wed, 06 May 2020 07:09:58 GMT
content-encoding: gzip
age: 6855887
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
server: Netlify
etag: bd6759b4b17eff0ab0314764b3928a3b1573f4b4-df
vary: Accept-Encoding
content-type: application/font-sfnt
via: 1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront)
cache-control: public, max-age=31556926
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: yUpEZn9AsYkC80Js6OVjo1wyreUHxf9vF0HedDJx2t-iyFsNovzpiA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGS5KD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 4746
date: Fri, 24 Jul 2020 14:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Fri, 24 Jul 2020 16:15:39 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=15681587&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Fmc-casino%2F%3Fqs%3Dbtag%25253D661767_46EC3DDF1A6E4A309977D4BBE7F3B...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25600410-30&cid=1810316889.1595604886&jid=1536633155&_gid=1924007900.1595604886&gjid=1639000437&_v=j83&z=1814029976
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=1810316889.1595604886&jid=1536633155&_v=j83&z=1814029976
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=1810316889.1595604886&jid=1536633155&_v=j83&z=1814029976&slf_rd=1&random=467490442

42 B
106 B

17ms
17ms

Image
image/gif

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=1810316889.1595604886&jid=1536633155&_v=j83&z=1814029976&slf_rd=1&random=467490442

Requested by

Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 15:34:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Jul 2020 15:34:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=1810316889.1595604886&jid=1536633155&_v=j83&z=1814029976&slf_rd=1&random=467490442
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

78 KB
28 KB

60ms
19ms

Script
application/x-javascript

37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 49db29c192d6483c1a023d885acfd928678347cdec9c208d7f78a949c9cf3458

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 15:34:46 GMT
content-encoding: gzip
last-modified: Thu, 09 Jul 2020 12:14:55 GMT
server: nginx
etag: W/"5f070a3f-13780"
x-cache-status: HIT
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

status: 301
date: Fri, 24 Jul 2020 15:34:46 GMT
server: nginx
location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 200 set-affiliate-domain-cookie
www.leovegas.com/ 0
0 585ms
434ms Fetch
application/json 107.154.248.168
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leovegas.com/set-affiliate-domain-cookie?btag=661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE&pid=3597305&bid=13186&clickid=undefined&subid=undefined&lobby=casino
Requested by: Host: d33wubrfki0l68.cloudfront.net
URL: https://d33wubrfki0l68.cloudfront.net/bundles/aeb2e81dbd6ab80c18349249a82f9c597fc253ae.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.248.168 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ATCH_-_New_BoD_-_LP_pop_up.png
images.ctfassets.net/kijvoxi4q0zn/3XtQZkFw7Yg4uoQE8uMkoI/e5fd59d70c8e464a255c116cc439aae4/ 191 KB
191 KB 9ms
8ms Image
image/png 2600:9000:214f:8000:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/3XtQZkFw7Yg4uoQE8uMkoI/e5fd59d70c8e464a255c116cc439aae4/ATCH_-_New_BoD_-_LP_pop_up.png?w=635&h=210&q=50
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:8000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: d86df079f0b6629337bd9b94f8ff18a8b9feba0d99f5861b551b8a074174f741

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 01:07:41 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
last-modified: Sun, 14 Jun 2020 11:35:00 GMT
server: Contentful Images API
age: 52362
etag: "001445646bef1dfb3ca9bfb58528304d"
status: 200
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-length: 195184
x-amz-cf-id: cBHpmjgfUcOt3CPRUXi3KxcVD4Q0E6nxhbKpQ1q0VCrSlF3EH024Aw==

GET
H2 206 Desktop_DE_0620.mp4
videos.ctfassets.net/kijvoxi4q0zn/5VRXq5n6w0VDt9AbIgWFEp/0e987a4a9780373015620b64a617eee5/ 6 MB
6 MB 124ms
50ms Media
video/mp4 13.35.254.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://videos.ctfassets.net/kijvoxi4q0zn/5VRXq5n6w0VDt9AbIgWFEp/0e987a4a9780373015620b64a617eee5/Desktop_DE_0620.mp4
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0442438ad8e1ee4816808781d51ad8092097047b6b472c288269c449f8be97d

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: ahDjpX0aJ0gwDpX4Dc4o8zbHfIqzI0Kd
via: 1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
etag: "f59b3ddf4ecac2cb93dcf6f53dd30050-2"
age: 84427
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 206
x-amz-replication-status: COMPLETED
Content-Length: 5879030
Content-Range: bytes 0-5879029/5879030
last-modified: Fri, 29 May 2020 09:24:12 GMT
server: AmazonS3
date: Thu, 23 Jul 2020 16:11:44 GMT
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: _4fwrMrpZjajfcXxOQmFEirRvGbHeJBgQ-N0TOwweapxICQfKSx5dg==

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 74 KB
29 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NZW9CHB&t=gtm86&cid=1810316889.1595604886&aip=true

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be05a418e06a8a23ed894b7bdef4d99acbd6e0cd9a38637ea9e2f3851288286f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 15:34:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29384
x-xss-protection: 0
expires: Fri, 24 Jul 2020 15:34:46 GMT

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 18 KB
9 KB 21ms
21ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=497538&ADFPageName=mc-casino-lp&ADFdivider=%7C&ord=855181112123&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Fmc-casino%3Fqs%3Dbtag%25253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%252526pid

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

16fe01d3aff38c939e34723a2d7387f0c1a1df6913adcad59448b26940df9b7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 15:34:46 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 8868
expires: -1

GET
H2 200 / Show response
track.adform.net/wpf/v2/.ta44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2ieQTNHkdn.MqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRP... 2 KB
2 KB 28ms
28ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/wpf/v2/.ta44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2ieQTNHkdn.MqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRPrwXC_JEkNgvlE4yy2XElgebiYMpztNKscKsoUs_43wuZPup_nH2t05oaYAhrcpMxE6DBUr5xj6Kkveara3g9Rk4xf7_OLgiPFMtrs1OeyjaY2FrYelnbgPrabmOneNufuyPBDjaY2ftckuyPBB2SCX0iakJrNk7FxTc3dIRhk6Hb9LarUqUdHz16rgPtFFg4Jh5DtLB.5B0KBHb91Re4JDvnEoWUW0vqCSFQ_01kKJA237lY5BSma5BNlVn_hs1Y5CCsGrilSHlF4XVA4.L9.gJ0Nc1lF1f4.90PgJ.e_elFCUC68mlFCUC68mlF1VLf4.90PgJ.huy.7w4/serving/trackpoint/?pm=497538&ADFPageName=mc-casino-lp&ADFdivider=%7c&ord=855181112123&Set1=en-US%7cen-US%7c1600x1200%7c24&ADFtpmode=2&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%3fqs%3dbtag%25253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%252526pid&catdt=0

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6370b6cf319d3812c28979e8ce9c170e282bce73ea58d79680f50fde43e87395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 15:34:46 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1183
expires: -1

GET
H2 200 /
track.adform.net/serving/container/ Frame CCE3 0
0 22ms
22ms Document
text/html 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/container/?pm=497538&lid=31340545&ctype=0&media=0&PageName=mc-casino-lp&rnd=1060978153&cpref=&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%3fqs%3dbtag%25253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%252526pid

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: track.adform.net
:scheme: https
:path: /serving/container/?pm=497538&lid=31340545&ctype=0&media=0&PageName=mc-casino-lp&rnd=1060978153&cpref=&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%3fqs%3dbtag%25253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%252526pid
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=-4867890442641159065
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
date: Fri, 24 Jul 2020 15:34:46 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
8 KB 11ms
9ms Script
application/x-javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: track.adform.net
URL: https://track.adform.net/wpf/v2/.ta44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2ieQTNHkdn.MqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRPrwXC_JEkNgvlE4yy2XElgebiYMpztNKscKsoUs_43wuZPup_nH2t05oaYAhrcpMxE6DBUr5xj6Kkveara3g9Rk4xf7_OLgiPFMtrs1OeyjaY2FrYelnbgPrabmOneNufuyPBDjaY2ftckuyPBB2SCX0iakJrNk7FxTc3dIRhk6Hb9LarUqUdHz16rgPtFFg4Jh5DtLB.5B0KBHb91Re4JDvnEoWUW0vqCSFQ_01kKJA237lY5BSma5BNlVn_hs1Y5CCsGrilSHlF4XVA4.L9.gJ0Nc1lF1f4.90PgJ.e_elFCUC68mlFCUC68mlF1VLf4.90PgJ.huy.7w4/serving/trackpoint/?pm=497538&ADFPageName=mc-casino-lp&ADFdivider=%7c&ord=855181112123&Set1=en-US%7cen-US%7c1600x1200%7c24&ADFtpmode=2&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%3fqs%3dbtag%25253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%252526pid&catdt=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 15:34:46 GMT
content-encoding: gzip
last-modified: Fri, 24-Jul-2020 15:34:46 GMT
etag: M0-2a172724
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: private, no-transform, max-age=604800
strict-transport-security: max-age=86400
content-length: 8060
expires: Fri, 31 Jul 2020 15:34:46 GMT

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 264 B
704 B 22ms
21ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=497538&ADFPageName=Sc_Ret&ADFdivider=%7C&ord=437566178683&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Fmc-casino%3Fqs%3Dbtag%25253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%252526pid

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ee768b1764d4990baa4732858ca2c0da04c9971a3d62e442f7dcf72ffe5fcfa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 15:34:46 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 297
expires: -1

GET
H2 200 tag.js Show response
tag.widespace.com/t/ 698 B
1 KB 417ms
36ms Script
text/javascript 143.204.201.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.widespace.com/t/tag.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/wpf/v2/.ta44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2ieQTNHkdn.MqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRPrwXC_JEkNgvlE4yy2XElgebiYMpztNKscKsoUs_43wuZPup_nH2t05oaYAhrcpMxE6DBUr5xj6Kkveara3g9Rk4xf7_OLgiPFMtrs1OeyjaY2FrYelnbgPrabmOneNufuyPBDjaY2ftckuyPBB2SCX0iakJrNk7FxTc3dIRhk6Hb9LarUqUdHz16rgPtFFg4Jh5DtLB.5B0KBHb91Re4JDvnEoWUW0vqCSFQ_01kKJA237lY5BSma5BNlVn_hs1Y5CCsGrilSHlF4XVA4.L9.gJ0Nc1lF1f4.90PgJ.e_elFCUC68mlFCUC68mlF1VLf4.90PgJ.huy.7w4/serving/trackpoint/?pm=497538&ADFPageName=mc-casino-lp&ADFdivider=%7c&ord=855181112123&Set1=en-US%7cen-US%7c1600x1200%7c24&ADFtpmode=2&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%3fqs%3dbtag%25253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%252526pid&catdt=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.201.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec5faa3f77c5e7ff0b43a16d8ac93f6c3a6ed1d742479250dab671071d8f9cda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 22 Jul 2020 00:40:03 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
last-modified: Thu, 31 Aug 2017 15:17:19 GMT
server: AmazonS3
age: 226649
etag: "ceb450facd0ce4be2b5624bcc5affcba"
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: public, max-age=259200
x-amz-cf-pop: FRA53-C1
content-length: 698
x-amz-cf-id: e79mRtCYeifFII0W7etSJFaeQrxiO6XkthhjHISkm_0slrOnzd9P1Q==

GET
H2 200 rules-p-qv3RqfmexMYyL.js Show response
rules.quantcount.com/ 914 B
1 KB 28ms
10ms Script
application/x-javascript 2600:9000:2057:9e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-qv3RqfmexMYyL.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:9e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ab9ed0744611d8f0343da4b94847994eeb56dfe17ea90163e3ffcce0a9ac550

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 24 Jul 2020 15:09:23 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
last-modified: Tue, 15 Oct 2019 08:49:10 GMT
server: AmazonS3
age: 1524
etag: "df68c6cf604f6bb845eaebca281b8631"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 914
x-amz-cf-id: KuGAk4dFIhhUNVfj2wfZFFXzQnXaGirPcfsQhprYbEA5GalWDZBR9g==

GET
H2 200 pixel;r=732065789;labels=_fp.event.Homepage;rf=0;a=p-qv3RqfmexMYyL;url=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Fmc-casino%3Fqs%3Dbtag%25253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%252526pid%25253D35...
pixel.quantserve.com/ 35 B
372 B 9ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=732065789;labels=_fp.event.Homepage;rf=0;a=p-qv3RqfmexMYyL;url=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Fmc-casino%3Fqs%3Dbtag%25253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%252526pid%25253D3597305%252526bid%25253D13186;fpan=1;fpa=P0-880724559-1595604886414;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=leovegas.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1595604886414;tzo=-120;ogl=

Requested by

Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 15:34:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200 wid.gif
engine.widespace.com/map/engine/ 45 B
422 B 201ms
49ms Image
image/gif 52.213.87.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://engine.widespace.com/map/engine/wid.gif
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.213.87.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 15:34:46 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Content-Length: 45
Vary: Origin
Content-Type: image/gif

GET
H/1.1 200
OK tags
userbeacon.widespace.com/userbeacon/v1/ 37 B
210 B 217ms
50ms Image
image/gif 34.251.85.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://userbeacon.widespace.com/userbeacon/v1/tags?data=%7B%22beaconUUIDs%22%3A%5B%22fb8d87dc-98c4-4c5c-9577-0369828908df%22%5D%7D&v=1595604886786
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino?qs=btag%253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%2526pid%253D3597305%2526bid%253D13186
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.85.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.2 / Undertow 1
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 15:34:47 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: Undertow 1
Content-Length: 37
Content-Type: image/gif

GET
H/1.1

200
OK

pixel Show response
ads.creative-serving.com/ul_cb/
Redirect Chain

https://ads.creative-serving.com/pixel?id=3151410&type=js
https://ads.creative-serving.com/ul_cb/pixel?id=3151410&type=js

870 B
1 KB

34ms
34ms

Script
text/javascript

3.127.51.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.creative-serving.com/ul_cb/pixel?id=3151410&type=js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.51.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0f45c97d188f71b28f2d57864655186a90a0d3b24325a550168e3c64a7d8cc86

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 15:34:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 870
Content-Type: text/javascript

Redirect headers

Location: https://ads.creative-serving.com/ul_cb/pixel?id=3151410&type=js
Date: Fri, 24 Jul 2020 15:34:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

google_sync_status
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae&ssp=&expires=30&user_group=2&cb=598
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae&ssp=&expires=30&user_group=2&cb=598
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=lYNY5ebASGuDPwv1r4R-mw==
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEN2dwg-_89q2uO4sKhC1XXI&google_cver=1

43 B
212 B

34ms
34ms

Image
image/gif

18.158.16.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEN2dwg-_89q2uO4sKhC1XXI&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.16.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 24 Jul 2020 15:34:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Fri, 24 Jul 2020 15:34:56 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEN2dwg-_89q2uO4sKhC1XXI&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sium
ih.adscale.de/adscale-ih/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae&ssp=&expires=30&user_group=2&cb=405
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae&ssp=&expires=30&user_group=2&cb=405
https://ih.adscale.de/adscale-ih/sium?tpid=57&tpuid=958358e5-e6c0-486b-833f-0bf5af847e9b

49 B
306 B

123ms
37ms

Image
image/gif

18.157.195.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/sium?tpid=57&tpuid=958358e5-e6c0-486b-833f-0bf5af847e9b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.195.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 24 Jul 2020 15:34:56 GMT
server: Apache-Coyote/1.1
content-type: image/gif
content-length: 49
p3p: CP=NOI PSA OUR

Redirect headers

status: 302
date: Fri, 24 Jul 2020 15:34:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //ih.adscale.de/adscale-ih/sium?tpid=57&tpuid=958358e5-e6c0-486b-833f-0bf5af847e9b
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

google_sync_status
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae&ssp=&expires=30&user_group=2&cb=876
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae&ssp=&expires=30&user_group=2&cb=876
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=lYNY5ebASGuDPwv1r4R-mw==
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEN2dwg-_89q2uO4sKhC1XXI&google_cver=1

43 B
212 B

33ms
33ms

Image
image/gif

18.158.16.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEN2dwg-_89q2uO4sKhC1XXI&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.16.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 24 Jul 2020 15:34:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Fri, 24 Jul 2020 15:34:56 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEN2dwg-_89q2uO4sKhC1XXI&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

2.gif
id5-sync.com/c/101/2/0/
Redirect Chain

https://id5-sync.com/s/101/da13bb20-9a62-4f7e-bd3b-03b42c4e2cae/1.gif
https://id5-sync.com/c/101/101/1/1.gif?puid=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae&gdpr=1&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/101/2/0/2.gif?puid=$UID&gdpr=1&gdpr_consent=
https://id5-sync.com/c/101/2/0/2.gif?puid=0&gdpr=1&gdpr_consent=

43 B
1 KB

37ms
36ms

Image
image/gif

54.36.109.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/101/2/0/2.gif?puid=0&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.166 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 15:34:56 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Pragma: no-cache
Date: Fri, 24 Jul 2020 15:34:57 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.60:80
AN-X-Request-Uuid: f3b5b952-0ae2-4c72-b2a6-73744d95b144
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://id5-sync.com/c/101/2/0/2.gif?puid=0&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=393426&dpuuid=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae

42 B
915 B

52ms
52ms

Image
image/gif

52.49.61.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.61.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v075-032eea933.edge-irl1.demdex.com 5.74.0.20200706134429 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: /bM76Hq9R+k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: dmgTtzo2SRk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p161
match.justpremium.com/match/ 43 B
654 B 103ms
33ms Image
image/gif 18.195.235.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.justpremium.com/match/p161?ex_uid=da13bb20-9a62-4f7e-bd3b-03b42c4e2cae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.235.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 24 Jul 2020 15:34:56 GMT
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

gcm
ads.creative-serving.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm=&google_sc=&google_tc=
https://ads.creative-serving.com/gcm?google_gid=CAESEA1CHyJX3Cfi2nfAjegK3lk&google_cver=1

43 B
300 B

34ms
33ms

Image
image/gif

3.127.51.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.creative-serving.com/gcm?google_gid=CAESEA1CHyJX3Cfi2nfAjegK3lk&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.51.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 15:34:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 24 Jul 2020 15:34:56 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.creative-serving.com/gcm?google_gid=CAESEA1CHyJX3Cfi2nfAjegK3lk&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://track.adform.net/wpf/v2/.ta44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2ieQTNHkdn.MqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRPrwXC_JEkNgvlE4yy2XElgebiYMpztNKscKsoUs_43wuZPup_nH2t05oaYAhrcpMxE6DBUr5xj6Kkveara3g9Rk4xf7_OLgiPFMtrs1OeyjaY2FrYelnbgPrabmOneNufuyPBDjaY2ftckuyPBB2SCX0iakJrNk7FxTc3dIRhk6Hb9LarUqUdHz16rgPtFFg4Jh5DtLB.5B0KBHb91Re4JDvnEoWUW0vqCSFQ_01kKJA237lY5BSma5BNlVn_hs1Y5CCsGrilSHlF4XVA4.L9.gJ0Nc1lF1f4.90PgJ.e_elFCUC68mlFCUC68mlF1VLf4.90PgJ.huy.7w4/serving/trackpoint/?pm=497538&ADFPageName=mc-casino-lp&ADFdivider=%7c&ord=855181112123&Set1=en-US%7cen-US%7c1600x1200%7c24&ADFtpmode=2&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%3fqs%3dbtag%25253D661767_46EC3DDF1A6E4A309977D4BBE7F3BEEE%252526pid&catdt=0(Line 40) Message:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.creative-serving.com
ads.leovegas.com
ciniholland.nl
cm.g.doubleclick.net
d33wubrfki0l68.cloudfront.net
dpm.demdex.net
engine.widespace.com
ib.adnxs.com
id5-sync.com
ih.adscale.de
images.ctfassets.net
leo-promo-redirect-service.herokuapp.com
match.justpremium.com
pixel.quantserve.com
promo.leovegas.com
rules.quantcount.com
s2.adform.net
secure.quantserve.com
stats.g.doubleclick.net
tag.widespace.com
track.adform.net
userbeacon.widespace.com
videos.ctfassets.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.leovegas.com
x.bidswitch.net
107.154.248.103
107.154.248.168
13.35.254.81
143.204.201.105
143.204.208.70
172.104.145.13
172.217.23.98
18.157.195.115
18.158.16.100
18.195.235.239
185.33.221.52
2600:9000:2057:9e00:6:44e3:f8c0:93a1
2600:9000:214f:8000:12:94b3:c380:93a1
2606:4700:3030::ac43:d638
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:808::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:816::200e
2a00:1450:4001:81d::2004
2a00:1450:400c:c00::9b
2a03:b0c0:3:e0::1b:1
3.127.51.194
34.251.85.64
37.157.2.248
37.157.3.30
52.213.87.164
52.49.61.185
54.36.109.166
63.33.90.8
0f45c97d188f71b28f2d57864655186a90a0d3b24325a550168e3c64a7d8cc86
11e8a65724727f8d85f6e67b2898ec44667603de266f8852c7fc61380a4ba333
145f3844ee4625769479e42ed319920f5e1d65350ce8798bf44c899ef0034793
16fe01d3aff38c939e34723a2d7387f0c1a1df6913adcad59448b26940df9b7c
21b0443189f0b628070b7b4fae484173a0edb5c031136340a6935b6b9c0eb73b
21bb3c933ccc576c2f6d75e583fbb2bcaac5e37c71ed4644754cdaab692bf74a
2c4e40525446376e67437bb87b5e547a5113d20ec4281de744b1f17beb18a388
301243ca7f2c6b99614f494762e596fe5bb0d82fbff5bc0659f1b2fde25fd491
3ab9ed0744611d8f0343da4b94847994eeb56dfe17ea90163e3ffcce0a9ac550
46a27f94467663b145c20012a640f58cd0167911d9a8330ccc399a205a323e1d
49db29c192d6483c1a023d885acfd928678347cdec9c208d7f78a949c9cf3458
4c3e06fcc6026a364704152a93465419926adc16909cfb0ebac9453d114eee96
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
63538a58bc76e0ae43710257fdb1220ecddfc87faca028052686d77a89ff5c8f
635c54c43835529629ad76ac084f7b8ac8995015f36be5b74f0d460e357d09bc
6370b6cf319d3812c28979e8ce9c170e282bce73ea58d79680f50fde43e87395
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6a32e11a4c8e46e4b95553e27f336bc3ff424298cb36b814dd5f8b793a06ce8a
6a68ef60950d7d1ff241af0fd145023ac999f238d775621baa53d6ae7fa69b58
7432ef865494c910726e0e9b7f4cd34d33ffd95a0804dfae8695872794a11e87
7b977f319e664c19de6479bd20df7182597f529cafad30c106f1392f589312ad
7e9669692a3c8131fd1832f6b332e26e5315d650969a3ef3a5adb6fca49294d6
8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce
8f9c92e1a12ac6e0fc59919f0c3fc20cf9dc1bd8d78db4ea7b28298bc80038ff
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a0442438ad8e1ee4816808781d51ad8092097047b6b472c288269c449f8be97d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c6c9b3eab1092b0b993b7af6abd09cb360014fd491fa4d5fd348db21c0b990
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a62f202a036f31afbe29957893501fd9788b8b7da68fd937f09a4748c80dfe24
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ade492e71a709b0ae66a7d625ab7114a519ad73726eb8d079510e5af293a8f2b
b14a7f9c486e98dee1363e7fe513bfb4a1f85cccd620aa93f9492c9b1669c70d
b783b614ffb61bb44fd33d308b589fbb3ab4ad85747fae9d1e4a4e1a5235b1e2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be05a418e06a8a23ed894b7bdef4d99acbd6e0cd9a38637ea9e2f3851288286f
c67f8547ec37c4fa19328d6d8b85bb36a232c9d3c38a132acb7b7e9c0615261b
cb161a4f6a97c9db3ed2aa1816123c5952a4483ddd4a9574f3bdaee2ac8ca090
ccac1881f0aa30ce6e0b27faca92813dec7f738c9bc477de7f0ff3cd97d80e4d
ce6756a7c10ff1f8be82a1e4e94a18bb8e68c2f19df87df9cb8168c6dda2fd5a
d86df079f0b6629337bd9b94f8ff18a8b9feba0d99f5861b551b8a074174f741
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
ddc3d8369dbb3b49b38fbc8180a4cb9ca8ba32576049589f815e94973e5fc030
ec5faa3f77c5e7ff0b43a16d8ac93f6c3a6ed1d742479250dab671071d8f9cda
ee768b1764d4990baa4732858ca2c0da04c9971a3d62e442f7dcf72ffe5fcfa9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1aa27217bcc70dcac6d0771b3691f0fb7cad2b3d789c9c5a68ae3343a8f8189
fc3aa232da577d5cd0e40070a0cfce5bba8255e505e115c79cd6ab180b5c1e03
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
ff0abbe78f7491c5fcec8a61fc9d0e61c36da4b91826afe60236065b68bcfde0

promo.leovegas.com Open in urlscan Pro 2a03:b0c0:3:e0::1b:1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

34 %IPv6

21 Domains

29 Subdomains

22 IPs

6 Countries

7024 kBTransfer

8812 kBSize

0 Cookies

7 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

promo.leovegas.com Open in urlscan Pro
2a03:b0c0:3:e0::1b:1 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

34 %
IPv6

21
Domains

29
Subdomains

22
IPs

6
Countries

7024 kB
Transfer

8812 kB
Size

0
Cookies

45 HTTP transactions
11 data transactions