urlscan.io logo urlscan.io
SecurityTrails logo

p7casinostar.com Open in urlscan Pro
172.67.215.115  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://covid19vacinestudies.com/
Effective URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6Jsu...
Submission Tags: falconsandbox
Submission: On October 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 16 domains to perform 48 HTTP transactions. The main IP is 172.67.215.115, located in United States and belongs to CLOUDFLARENET, US. The main domain is p7casinostar.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 18th 2021. Valid for: a year.
This is the only time p7casinostar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 96.126.123.244 63949 (LINODE-AP...)
1 151.101.194.137 54113 (FASTLY)
1 162.247.243.146 13335 (CLOUDFLAR...)
1 2 213.174.155.140 39572 (ADVANCEDH...)
3 172.67.215.115 13335 (CLOUDFLAR...)
20 172.67.222.90 13335 (CLOUDFLAR...)
1 142.250.184.202 15169 (GOOGLE)
2 104.16.19.94 13335 (CLOUDFLAR...)
1 104.21.87.208 13335 (CLOUDFLAR...)
1 104.18.10.207 13335 (CLOUDFLAR...)
1 142.250.184.232 15169 (GOOGLE)
3 172.217.16.142 15169 (GOOGLE)
2 142.250.185.131 15169 (GOOGLE)
1 66.102.1.154 15169 (GOOGLE)
1 142.250.184.228 15169 (GOOGLE)
48 16
2    96.126.123.244 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li372-244.members.linode.com
covid19vacinestudies.com
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
2    213.174.155.140 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
rqentry.com
3    172.67.215.115 (United States)

ASN13335 (CLOUDFLARENET, US)
p7casinostar.com
20    172.67.222.90 (United States)

ASN13335 (CLOUDFLARENET, US)
www.p7campaign.com
1    142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net
fonts.googleapis.com
2    104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    104.21.87.208 (None, )

ASN13335 (CLOUDFLARENET, US)
www.help4casino.com
1    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net
www.googletagmanager.com
3    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f142.1e100.net
www.google-analytics.com
2    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
fonts.gstatic.com
1    66.102.1.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f154.1e100.net
stats.g.doubleclick.net
1    142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net
www.google.com
Domain Requested by
20 www.p7campaign.com p7casinostar.com
www.p7campaign.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 p7casinostar.com rqentry.com
p7casinostar.com
cdnjs.cloudflare.com
2 fonts.gstatic.com fonts.googleapis.com
2 cdnjs.cloudflare.com p7casinostar.com
2 rqentry.com covid19vacinestudies.com
2 covid19vacinestudies.com covid19vacinestudies.com
1 www.google.com p7casinostar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com p7casinostar.com
1 stackpath.bootstrapcdn.com p7casinostar.com
1 www.help4casino.com p7casinostar.com
1 fonts.googleapis.com p7casinostar.com
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com covid19vacinestudies.com
0 dev.visualwebsiteoptimizer.com Failed p7casinostar.com
48 16

This site contains links to these domains. Also see Links.

Domain
www.planet7casino.com
Subject Issuer Validity Valid
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-18 -
2022-08-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 1 frames:

Primary Page: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Frame ID: DE0BA08A9904A0FD32D329AC57BECA97
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Planet 7 - Big wins are waiting

Page URL History Show full URLs

  1. http://covid19vacinestudies.com/ Page URL
  2. http://rqentry.com/api/v1/px?xmlid=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp Page URL
  3. http://rqentry.com/api/v1/pxcheck?impId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp&minfo=eyJjb29r... HTTP 302
    https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Z... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • /([\d.]+)/jquery(?:\.min)?\.js

Page Statistics

48
Requests

79 %
HTTPS

0 %
IPv6

16
Domains

16
Subdomains

16
IPs

2
Countries

3322 kB
Transfer

3893 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://covid19vacinestudies.com/ Page URL
  2. http://rqentry.com/api/v1/px?xmlid=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp Page URL
  3. http://rqentry.com/api/v1/pxcheck?impId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkzLjAuNDU3Ny42MyBTYWZhcmkvNTM3LjM2IiwiaWZyYW1lIjpmYWxzZSwiZGV2aWNlUGl4ZWxSYXRpbyI6MSwid25kTG9jSHJlZiI6Imh0dHA6Ly9ycWVudHJ5LmNvbS9hcGkvdjEvcHg/eG1saWQ9RmxQTmNXeUdJOFp6dnIxbnB5ZHFOYlVpUzN4NkpzdVoycVZPZnhWcCIsImRldmljZVNyZWVuU2l6ZSI6IjEyMDB4MTYwMCIsImRldmljZVdpbmRvd1NpemUiOiIxMjAweDE2MDAiLCJ3bmQyc3JjUmF0aW9Md3IwNiI6ZmFsc2V9 HTTP 302
    https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
covid19vacinestudies.com/ 		27 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://covid19vacinestudies.com/
Protocol
HTTP/1.1
Server
96.126.123.244 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li372-244.members.linode.com
Software
openresty/1.13.6.1 /
Resource Hash
46e01bb709cb0b7ca09ab8ddc0e60418d9571763222261b2bc073c062067ee19

Request headers

Host
covid19vacinestudies.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
openresty/1.13.6.1
Date
Wed, 13 Oct 2021 19:14:29 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
Vary
Accept-Language
Content-Language
de
Content-Encoding
gzip
Cookie set 1
covid19vacinestudies.com/mtm/async/.eJxdjMsOgjAURP-lS6xU40YkfIu5lEu5CX3YltrE-O8W0YXuzpzMzIMtntiFCcYZeBUKFvI4oke_hcmGeDWgsURpEw3HJoEkgyEuA2GopdXrWkp0sXQi5iimqGcOzs0kIZI1Iq9ml_-tnttbd6gbThoUCkg0fvCOv... 		75 B
374 B 		Fetch
General
Check archive.org
Download Go to
Full URL
http://covid19vacinestudies.com/mtm/async/.eJxdjMsOgjAURP-lS6xU40YkfIu5lEu5CX3YltrE-O8W0YXuzpzMzIMtntiFCcYZeBUKFvI4oke_hcmGeDWgsURpEw3HJoEkgyEuA2GopdXrWkp0sXQi5iimqGcOzs0kIZI1Iq9ml_-tnttbd6gbThoUCkg0fvCOvftaZxSvRPWunn8OAimDwx6znMAobFPXn7ZH9nwB9N9LOg:1majht:28R2QoBFC-So2xlHeJ8_xDs8so4/1
Requested by
Host: covid19vacinestudies.com
URL: http://covid19vacinestudies.com/
Protocol
HTTP/1.1
Server
96.126.123.244 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li372-244.members.linode.com
Software
openresty/1.13.6.1 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
covid19vacinestudies.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://covid19vacinestudies.com/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://covid19vacinestudies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 19:14:31 GMT
Server
openresty/1.13.6.1
Vary
Accept-Language
Content-Language
de
Set-Cookie
mtm_delivered=""; expires=Wed, 13-Oct-2021 20:14:31 GMT; Max-Age=3600; Path=/
Connection
close
Content-Type
text/html; charset=utf-8
Content-Length
75
nr-1211.min.js
js-agent.newrelic.com/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1211.min.js
Requested by
Host: covid19vacinestudies.com
URL: http://covid19vacinestudies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://covid19vacinestudies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
yf8j0EL0OxPIPTHd.58X6iFExO4xIT0R
content-encoding
gzip
etag
"3ad2268e635f4d033b0062f582c5b85a"
x-amz-request-id
AVTH4FS16E8233K7
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
12477
x-amz-id-2
2tuSKKHgv0Gnez3uDvObk6hLwQ8iuD9gc7ol0THBhcBhUhhziKcdH9SFph396VEKpqK2bwfbwRs=
x-served-by
cache-hhn4073-HHN
last-modified
Mon, 27 Sep 2021 20:46:50 GMT
server
AmazonS3
x-timer
S1634152470.040326,VS0,VE0
date
Wed, 13 Oct 2021 19:14:30 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
13459
0d385ba8a0
bam-cell.nr-data.net/1/ 		49 B
789 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/0d385ba8a0?a=31561968&v=1211.ba193a8&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXxNUA1c%3D&rst=464&ck=0&ref=http://covid19vacinestudies.com/&ap=2&be=374&fe=421&dc=419&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1634152469585,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:66,%22c%22:66,%22ce%22:193,%22rq%22:193,%22rp%22:341,%22rpe%22:342,%22dl%22:343,%22di%22:419,%22ds%22:419,%22de%22:420,%22dc%22:420,%22l%22:421,%22le%22:425%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1211.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://covid19vacinestudies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 19:14:30 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-NewRelic-App-Data
PxQGQlVRDwAIXFBUFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUCRoHC1IAWXRMB05WAhtDUgAAAQZVUgBWAlYCUQRVBUBKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
69dae429ff6fd6d5-FRA
px
rqentry.com/api/v1/ 		0
0
px
rqentry.com/api/v1/ 		1 KB
845 B 		Document
General
Check archive.org
Download Go to
Full URL
http://rqentry.com/api/v1/px?xmlid=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Requested by
Host: covid19vacinestudies.com
URL: http://covid19vacinestudies.com/
Protocol
HTTP/1.1
Server
213.174.155.140 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f201de549dce10a38df4ae2bcb197daa75806c212083e377f33bf5f2e4cc85e0

Request headers

Host
rqentry.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://covid19vacinestudies.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://covid19vacinestudies.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Wed, 13 Oct 2021 19:14:31 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
ETag
W/"499-9JZhLTM7VOg5STDqOdcGbJy2BIw"
Content-Encoding
gzip
0d385ba8a0
bam-cell.nr-data.net/events/1/ 		0
0
0d385ba8a0
bam-cell.nr-data.net/jserrors/1/ 		0
0
0d385ba8a0
bam-cell.nr-data.net/events/1/ 		0
0
Primary Request /
p7casinostar.com/
Redirect Chain
  • http://rqentry.com/api/v1/pxcheck?impId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaX...
  • https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Requested by
Host: rqentry.com
URL: http://rqentry.com/api/v1/px?xmlid=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.215.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e5f203f0e585cbe6d0c6295294dd6af0d91d7daac1d7c6d86b44b3182199c26

Request headers

:method
GET
:authority
p7casinostar.com
:scheme
https
:path
/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://rqentry.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://rqentry.com/api/v1/px?xmlid=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VV2jBamKHKsrgNDQDuqjHFcP6EGOBwe3BfioHYJSK%2B%2Bp8AEuLOOZj1E4rAaulqGRFgY2hU9QNOqWwPqkNwJuF5Y5J%2FxlYNt87ufdHCVhKVDyMpDbWKrqQyuB7vRr6bqeWekQ"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69dae433c9fd4113-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Server
nginx/1.18.0 (Ubuntu)
Date
Wed, 13 Oct 2021 19:14:31 GMT
Content-Type
text/html; charset=utf-8
Content-Length
320
Connection
keep-alive
Access-Control-Allow-Origin
*
Location
https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Vary
Accept
jquery-latest.min.js
www.p7campaign.com/landing/50promos/js/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.p7campaign.com/landing/50promos/js/jquery-latest.min.js
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
W/"1762a-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CzwAYO4AfMGFiNtSO5npQCCE1H8Ct3bU8rj7aKI5UaqhBV06imU2D9lKS1Bdvejca%2B2wXXXVYL03Zk6EUZOMNwGe2HpTwtZxf%2BMN3BVpxU3GTO1BauIHlLyG3xjZyKaCUsp%2B3M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
69dae4351fc5413e-PRG
expires
Fri, 05 Nov 2021 13:07:54 GMT
slick.css
www.p7campaign.com/landing/50promos/slick/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.p7campaign.com/landing/50promos/slick/slick.css
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
W/"6f0-5cdaeace14000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMwrtOJ42BYEUtBANHsZozl9VE07F1gaMwXrfrsQgMxgQHhSptb%2BAZLHt9Jk8iWUrXLY%2FxM%2BVXcVhR0aNmwNZmhwJbV59mP3E288sfgLrzonvVGMf6k3qV4CLk%2FHE9OoVV2nb7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
69dae4350fc2413e-PRG
expires
Fri, 05 Nov 2021 13:07:54 GMT
slick-theme.css
www.p7campaign.com/landing/50promos/slick/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.p7campaign.com/landing/50promos/slick/slick-theme.css
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
W/"c49-5cdaeace14000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5dvGOopr1%2BU9j8bHbxBgsFU9mpdQ1I3fqFa%2Fd79EudcLUWseJYriGY6dbdBHcG3DcpVFzjKNquyZJEvSXBqKKZp%2Ft1cMkW4kHp2Q6wkvHVY39hSWC5oktaFfsBI4YlusBluba8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
69dae4351fc3413e-PRG
expires
Fri, 05 Nov 2021 13:07:54 GMT
master.css
www.p7campaign.com/landing/50promos/css/ 		136 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.p7campaign.com/landing/50promos/css/master.css
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f16d4a7b00597e66d9cdadf2ab472889d5bf3feb5650d92e7d60f17faa853c8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
W/"2216f-5cdaeace14000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIkdGQMo8B0wuEZFzNyGbG8Apwd8YYOr15rxoriZNJfKXsovdwVWzxpp2uwhEZpPx%2FmAdyJBOxSDcYC03o6mgmaOzEIM%2BeUPie60ZRZcbVYg%2FYR7WyoU9tXMNUTKDXmmeoEW3xM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
69dae4351fc4413e-PRG
expires
Fri, 05 Nov 2021 13:07:54 GMT
css
fonts.googleapis.com/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,700,700i,900&display=swap
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
dc86da900c519b90310711875db25146c89c19d2a0cce51f94127298e485a9e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 19:14:31 GMT
server
ESF
date
Wed, 13 Oct 2021 19:14:31 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Wed, 13 Oct 2021 19:14:31 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2652838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27277
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TK6rwKIVQJ9l%2BCxnSda%2BNJMgYS%2FPM56A4y9eQZl1e8AgBWFxSP6%2FtNynUTmvdPOa9aHxXaHvYrN39VVBqw5a8OPhTL5GxSq4iWGW9DVDLbpj4v1wSsCbCq40scdqH%2F%2FM6FwJnGIO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69dae434d9c31776-FRA
expires
Mon, 03 Oct 2022 19:14:31 GMT
jstz.min.js
cdnjs.cloudflare.com/ajax/libs/jstimezonedetect/1.0.6/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jstimezonedetect/1.0.6/jstz.min.js
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebcb35563ab0d4a54fd83891e6e3629594237feb45e88ad023d3e329363cf273
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
232473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3385
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ece-2f2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcNw1RnX388ywlhjluw%2BSWcTq76zehsFEBrwCUyr3nUFiCxuPXOKqMwBv8kXh%2BVwmKQxcMWDE1Q4XFaO%2BvzJq7AaB3IIPy43OVobuWyiUfS9y%2Fagnwjw%2FKYelnIOkW68Bci5Khii"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69dae434d9c41776-FRA
expires
Mon, 03 Oct 2022 19:14:31 GMT
logo.svg
www.p7campaign.com/landing/50promos/images/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.p7campaign.com/landing/50promos/images/logo.svg
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0581ef33673de56f695a329b338c18d854cfbdae351d3e3d5ef089e3d419eb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53725
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
W/"20bf-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9OLJi7T1zZx%2B8OYesRLAQ3ICdKOGINivU8W%2FYxIh7ccaYCyQMQX7hIsXwyzTlypSwCJbtz%2BrXg%2FfZePzZqHef96pTgWF7pjI1c4vy6vTORFW2lVO0FHbjjNc6qk1XLy6Fmxe5A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
69dae435ae0d2774-PRG
expires
Thu, 14 Oct 2021 04:19:06 GMT
cash-bandits-3.png
www.p7campaign.com/landing/50promos/images/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.p7campaign.com/landing/50promos/images/cash-bandits-3.png
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0acc00c676455118b2ceb6f77db9b66785951c549b9f0866f507a657e8390be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626796
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
40512
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"9e40-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMmtlKdyvzN4KAo47C0TJzAOeGSdBH9TyLfqiwhQCLVjH50BFpOyuObYwAgE3gHDonSJ548P2Qj5A6%2BLbmL1JDFgMpr%2F4xx%2FjEGwrTun6VAUgnirb3eOkFEMQFMnDROua%2F1yy0g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69dae435ae0f2774-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
cashbandits3.gif
www.p7campaign.com/landing/50promos/images/ 		915 KB
916 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.p7campaign.com/landing/50promos/images/cashbandits3.gif
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
968482c9b036325cbac386e91aa57146245de6aeb1b3adcb4d693c043f99326d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626796
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
937222
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"e4d06-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7DBdSutmVOFD%2FNDpImmqh5L%2FDZxfqzufPt%2BIh8mEMT%2BMksbZtpVmMsWceAQf9aggLPZEu%2FP5Nl0BHx9iR1zcWdOFrLJBMeCS3dOm9zrt3YCV%2FvFT6BGx%2F8qSrbxY%2FKrRuEK%2F68%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69dae435ae112774-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
diamond-fiesta.png
www.p7campaign.com/landing/50promos/images/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.p7campaign.com/landing/50promos/images/diamond-fiesta.png
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fb9e9b6bcb1fa0273607ab85fa5c4819f5eb87895c656f1d08fd1a5171a31b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626796
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
56655
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"dd4f-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzYKeLrKC8JRK2Bw0a28lsqpS5jTnwHsOmF0KYBc8efBbX0qd3xTW1i9QGcTEpRd%2FVKMuQfSaPZBhaHNl829y7P7UWXCGs4JCORapw9nEIjxXUK0jdIK69pTuEZTUjsO2%2BJgCWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69dae435ae122774-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
diamondfiesta.gif
www.p7campaign.com/landing/50promos/images/ 		893 KB
894 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.p7campaign.com/landing/50promos/images/diamondfiesta.gif
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14bc852ac34d2384221813cd5facff7b97dfe25581186fde7d0537084508b641

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626796
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
914792
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"df568-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLfrG9OGFqahooch03RZSbfyRWMVjIbymFmkPcT1kOD7D17%2FoKfyj7RmMJ9YNckn95L6nrUnSMzqvxhQjHWuHFoQNY7Hvboo7z1x1V4eh1gjaK1Wk7cpZdkEFO3HQTMKjRVwcZI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69dae435ae142774-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
ic-wins.png
www.p7campaign.com/landing/50promos/images/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.p7campaign.com/landing/50promos/images/ic-wins.png
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
993866005050291730122ad1c8d4439b48e1923eac017e3ab2539020be9d91d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626796
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38024
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"9488-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWxzxhuOVuzfMIQwBaOUtsLN8%2Fg%2FwENHAmgXKQzSuod8TH2upGEj%2FgKIdFBKco9E3jJ56rBNbFNeKFCIyCb8ZQe50Zrp1EG5aSsNBvQCIObDbfNA2AOEduS%2FC%2F5pFNbua215%2B6g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69dae435be152774-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
icwins.gif
www.p7campaign.com/landing/50promos/images/ 		738 KB
738 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.p7campaign.com/landing/50promos/images/icwins.gif
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01d696bf8a573805ae4fa078055fb8f7369fd2a132ab6f51792f585522115782

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626796
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
755336
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"b8688-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMX1Cxwg4lA9rWASN9c3FcictmKqukDtnzzw2WzkWMzqdkZhXjJHAAoiVOLUZqtxS8VwLUSccuxMHoYU5zPzBIs4g1d0MiI8fDe7SYFK80aZ9KP0qfviIprpsaqJi3F4EqlRcPI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69dae435be172774-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
cash-bandits-3.jpg
www.p7campaign.com/landing/50promos/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.p7campaign.com/landing/50promos/images/cash-bandits-3.jpg
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e1c0db50c75d197012de74fd3fcd517b1f706bfd3160e7cda13227a690dbb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626796
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18119
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"46c7-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z44Y3pp6rh3V7WnVvNDSFN21CdXD427EHp6Zt709Stmf4T2DFeYrMOHW92p2WwpMHbsD2%2BM9Nzl83r9%2F5PqcxZ%2FvL0JSb5PUTtr1Hwxm58hRT7Wr1EC7f7VRPs6TUSg5l9ta0IQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69dae435be182774-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
diamond-fiesta.jpg
www.p7campaign.com/landing/50promos/images/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.p7campaign.com/landing/50promos/images/diamond-fiesta.jpg
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0da5a734710c3fd1d63d3a6efcbbef73d8318e96a1700c4b7cc75718fe04c18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626796
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24484
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"5fa4-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DM4OtcJIS1x67h08U0PDqt8wrx9YXc4fAle7foItz8xCVpc3AjGnrc1U3ZsgAhI5npTWuxqFSb8wwE4lSD9J6EZ39Zxz%2FXxPxVtQcl5qUHY%2BA7LEKiTAL7c0%2FZu0xDZElXnpgFA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69dae435be1a2774-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
ic-wins.jpg
www.p7campaign.com/landing/50promos/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.p7campaign.com/landing/50promos/images/ic-wins.jpg
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f06784c975d99d8278a47b1b312ea757ba52496dc8cef9034f134ffbaa95b834

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626796
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19329
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"4b81-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AQ0ued8NdC7mh07XeLSljP%2BHlZpBwEMMXFuSY5AXpIesyyCoSeSHPisF1tqg%2FqLUatSsZeg%2FgFR%2Fu9mCyBqwqfeb8DSVJUbilIvqD5P2ll7WqD9E2f%2BHxXaAYj2eHG5%2BlR8oFI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69dae435be1c2774-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
payment-methods-us.svg
www.help4casino.com/payment-methods/ 		39 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.help4casino.com/payment-methods/payment-methods-us.svg
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.87.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bda358cfd9f7f904ef04f12dc41ec94c275bc8cd9cefecea24462b42d4f07d54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21365
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 13 Oct 2021 12:58:49 GMT
server
cloudflare
etag
W/"9a2f-5ce3b85ef5440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zMMcyyXC%2Bxf68SwJITaMQ%2F1DnHPoPRBuFa%2Fsu%2BRlV64hIbPW2M6HvEmg1NytDWh%2F805Njm4fyWacXVXPKgRaOHIF5QfySWsgjPlMC02WWqvSycxbiYnW8DOfMIw51TAMHCAm73R"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
69dae4362f0bf9d2-PRG
expires
Thu, 14 Oct 2021 13:18:27 GMT
close.png
www.p7campaign.com/landing/50promos/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.p7campaign.com/landing/50promos/images/close.png
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7da654e8fe1bf6902c450e284df241a067416530ba83d1ee6d1e712010133d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626796
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1952
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"7a0-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J26foZWJdXLiZgmEW7yj%2FPtQjcBa8zpVzO%2BnnOwP8P1kcLuI6%2BOBdC1x0lVZCO9%2Bfgv1nLQwMdd%2B%2F7yclaHHrs0F63c8iRbCpyO9yOJ95U0X2%2Fujrs7M1bPl%2B5KG3sTFPGivEaQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69dae435be1e2774-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://p7casinostar.com/
Origin
https://p7casinostar.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
4081
cdn-cachedat
2021-08-02 21:50:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
07e5cdf58f888e830ac120e1912d693d
cf-ray
69dae4356c6b4dca-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
slick.min.js
www.p7campaign.com/landing/50promos/slick/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.p7campaign.com/landing/50promos/slick/slick.min.js
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626796
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
W/"a76f-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXqoyd6gM10csijQ2m2Uzot1AXJqw9INjRZmW3EBAcPni53RlIODeZH%2F29EZn22KlDxOTOK%2B7YXbC4LsXaY9G2%2BPF1EHRALSKVx1HOIkIsULU%2F%2BnFlvDLdcDMbyIRWy5B3M9xH8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
69dae4357fdf413e-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
master.js
www.p7campaign.com/landing/50promos/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.p7campaign.com/landing/50promos/js/master.js
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9fc6e799796018389da15bcc8a166a94ef615890a0bb8e611694629331fef2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626796
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
W/"797-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K38jPhCM9%2FrYM9m3yY8B9CKaX5pGI3q8rSd0sGAon0r%2FWjR92z3LUVktPzt75fLRDS7aA3xfnccp1PErbJv2sUd39TBFm%2FVfr6Mjpiw9U41%2BZz1ROk74deXZMnZhfGh2O551cMU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
69dae435ae0b2774-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
gtm.js
www.googletagmanager.com/ 		115 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NNNC8T8
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9644abd53aaf39f743ec9fa9da4c2c7b373515be902aea0f08037f15cbd23a59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43321
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Oct 2021 19:14:32 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		0
0
/
p7casinostar.com/ 		20 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.215.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e5f203f0e585cbe6d0c6295294dd6af0d91d7daac1d7c6d86b44b3182199c26

Request headers

:path
/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
p7casinostar.com
referer
https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1OPFF8a6DUH4tverJgbZ8IrvYuep710nqjoK0V%2FV4PXQE%2BNllRrKU2l1vEjbaKgeUVM8ssOQ7Z8sORFXhOmiMViaQ1qqNTa2WBj7ID7AlW0O0zGagQddVRBBSF%2BK0VcRGt9"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
69dae4367d1a410d-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
p7casinostar.com/ 		46 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.215.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2685c17872b8a11ee5aec1963c73d3ae94c3d8714a3a2bba4d2c4bf390b77f0

Request headers

sec-fetch-mode
cors
origin
https://p7casinostar.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
content-length
49
:path
/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
p7casinostar.com
referer
https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
Referer
https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 13 Oct 2021 19:14:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9Fe2fEg3%2BTDeSvoRLqp2dC3EBkuX%2BazY7aCTYV1IHa3A%2BQdZNlAw7%2B%2BfXXWrQpvKTPGZKG4%2Bgab6Sde2MdtNT3cexbAin0rgGIjcB9voqWwVBJ%2Bzr9oQl8VttKTg5uhPLPa"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
69dae4367d19410d-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNNC8T8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Sep 2021 21:34:48 GMT
server
Golfe2
age
4406
date
Wed, 13 Oct 2021 18:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19887
expires
Wed, 13 Oct 2021 20:01:06 GMT
js
www.google-analytics.com/gtm/ 		99 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=OPT-T6PKRG2&t=gtm4&cid=916681744.1634152472
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Google Tag Manager /
Resource Hash
e31e164916dc38431e35706895d056f887f8c45debb372336815de4e3a05aba9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:32 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39050
x-xss-protection
0
expires
Wed, 13 Oct 2021 19:14:32 GMT
bg.jpg
www.p7campaign.com/landing/50promos/images/ 		173 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.p7campaign.com/landing/50promos/images/bg.jpg
Requested by
Host: www.p7campaign.com
URL: https://www.p7campaign.com/landing/50promos/css/master.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa31ade1cee68723f8ce07569d4f18653c93fd96b473f62d46e7613e2f5b30eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.p7campaign.com/landing/50promos/css/master.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
177004
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"2b36c-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z74VSMkYn%2B2%2BB6Inyv69YSJGLxwi1uTF%2FF5V6n9cQeq410mVTblOZpREIPks8Fu57a9cpEDBA3NZvipCAphqspD0jvXEGNW%2FXu6hb%2Bxd4eHS3VF0OuKYijvz2jtRLt4eMuYhYvM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69dae438aef12774-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
jackpot.png
www.p7campaign.com/landing/50promos/images/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.p7campaign.com/landing/50promos/images/jackpot.png
Requested by
Host: www.p7campaign.com
URL: https://www.p7campaign.com/landing/50promos/css/master.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4672303954bbb49c9b9602045a711184abc2062387dc6e1a3c854f969003f04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.p7campaign.com/landing/50promos/css/master.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
626797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
92689
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
"16a11-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BqNHjMQYe3cOLUppk1zg2PSgiUfOxvOZD0N%2FRCoXjQTVD7nPs6pNuOMr9AwTnnuBmSJ5mNJ%2B0sekolMi%2FDD4lAyod%2Be4W6RNNXVbPpNJTOZzhYmebGLbRHU4ggA6La0FLv%2B9Lw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69dae438aef22774-PRG
expires
Fri, 05 Nov 2021 13:07:55 GMT
dollar.svg
www.p7campaign.com/landing/50promos/images/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.p7campaign.com/landing/50promos/images/dollar.svg
Requested by
Host: www.p7campaign.com
URL: https://www.p7campaign.com/landing/50promos/css/master.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8c7437e3f2f2dea0f45b53835d0cdf3c0450e6ef6944b4310b3e02d22a60ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.p7campaign.com/landing/50promos/css/master.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:14:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53725
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 12:56:32 GMT
server
cloudflare
etag
W/"e88-5cdaeace14000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iX6Au7rC9Y%2ByGmKg5QkyCNoLv%2F%2FyvPfsEv%2FOwaXj7HIY4UfD7JUURuJnCGuDSpVtmzH1qz%2Fip4ZYq6GpXISQHtpWjAji04lQ2MCurw%2FgM1ZzmLqL%2FkJU5FuGagD6NUGxNkQlmqk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
69dae438aef32774-PRG
expires
Thu, 14 Oct 2021 04:19:07 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,700,700i,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://p7casinostar.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 04:06:08 GMT
x-content-type-options
nosniff
age
140904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15720
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:56 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Oct 2022 04:06:08 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,700,700i,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://p7casinostar.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 03:54:04 GMT
x-content-type-options
nosniff
age
141628
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Oct 2022 03:54:04 GMT
marcopolo.woff
www.p7campaign.com/landing/50promos/fonts/ 		0
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1946587419&t=pageview&_s=1&dl=https%3A%2F%2Fp7casinostar.com%2F%3Fcid%3D%257B%257BclickId%257D%257D%26subid%3D61bf01330ccf8a2c81ab15e27%26clickId%3DFlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp&dr=http%3A%2F%2Frqentry.com%2F&ul=en-us&de=UTF-8&dt=Planet%207%20-%20Big%20wins%20are%20waiting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEADRAAAAC~&jid=1943593670&gjid=884887836&cid=916681744.1634152472&tid=UA-16512093-3&_gid=1327377863.1634152472&_r=1&gtm=2wgab0NNNC8T8&tc=x&z=1242731588
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://p7casinostar.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:14:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://p7casinostar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-16512093-3&cid=916681744.1634152472&jid=1943593670&gjid=884887836&_gid=1327377863.1634152472&_u=aGDACEACRAAAAC~&z=275341998
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://p7casinostar.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 13 Oct 2021 19:14:32 GMT
content-type
text/plain
access-control-allow-origin
https://p7casinostar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-16512093-3&cid=916681744.1634152472&jid=1943593670&_u=aGDACEACRAAAAC~&z=778019605
Requested by
Host: p7casinostar.com
URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p7casinostar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:14:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
marcopolo.woff2
www.p7campaign.com/landing/50promos/fonts/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rqentry.com
URL
http://rqentry.com/api/v1/px?xmlid=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Domain
bam-cell.nr-data.net
URL
https://bam-cell.nr-data.net/events/1/0d385ba8a0?a=31561968&v=1211.ba193a8&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXxNUA1c%3D&rst=1792&ck=0&ref=http://covid19vacinestudies.com/
Domain
bam-cell.nr-data.net
URL
https://bam-cell.nr-data.net/jserrors/1/0d385ba8a0?a=31561968&v=1211.ba193a8&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXxNUA1c%3D&rst=1793&ck=0&ref=http://covid19vacinestudies.com/
Domain
bam-cell.nr-data.net
URL
https://bam-cell.nr-data.net/events/1/0d385ba8a0?a=31561968&v=1211.ba193a8&to=NlVXNhBWW0IEAEENXQ8fcxcMVEFYCg0aEEAAVlMLAVpaRQoRGwVCEUMbFAtEXEU6EVoRRgRCGxQLUkJCXxNUA1c%3D&rst=1794&ck=0&ref=http://covid19vacinestudies.com/
Domain
dev.visualwebsiteoptimizer.com
URL
http://dev.visualwebsiteoptimizer.com/j.php?a=278486&u=https%3A%2F%2Fp7casinostar.com%2F%3Fcid%3D%257B%257BclickId%257D%257D%26subid%3D61bf01330ccf8a2c81ab15e27%26clickId%3DFlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp&r=0.22909040141099424
Domain
www.p7campaign.com
URL
https://www.p7campaign.com/landing/50promos/fonts/marcopolo.woff
Domain
www.p7campaign.com
URL
https://www.p7campaign.com/landing/50promos/fonts/marcopolo.woff2

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| dataLayer function| $ function| jQuery object| _vwo_code number| settings_timer number| _vwo_settings_timer object| jstz object| bootstrap function| copyToClipboard number| ValueJackpot object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| google_optimize object| x string| x1 string| x2

4 Cookies

Domain/Path Name / Value
covid19vacinestudies.com/ Name: mtm_delivered
Value: ""
.p7casinostar.com/ Name: _ga
Value: GA1.2.916681744.1634152472
.p7casinostar.com/ Name: _gid
Value: GA1.2.1327377863.1634152472
.p7casinostar.com/ Name: _gat_UA-16512093-3
Value: 1

5 Console Messages

Source Level URL
Text
security error URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp(Line 34)
Message:
Mixed Content: The page at 'https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp' was loaded over HTTPS, but requested an insecure script 'http://dev.visualwebsiteoptimizer.com/j.php?a=278486&u=https%3A%2F%2Fp7casinostar.com%2F%3Fcid%3D%257B%257BclickId%257D%257D%26subid%3D61bf01330ccf8a2c81ab15e27%26clickId%3DFlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp&r=0.22909040141099424'. This request has been blocked; the content must be served over HTTPS.
javascript error URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Message:
Access to font at 'https://www.p7campaign.com/landing/50promos/fonts/marcopolo.woff' from origin 'https://p7casinostar.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.p7campaign.com/landing/50promos/fonts/marcopolo.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://p7casinostar.com/?cid=%7B%7BclickId%7D%7D&subid=61bf01330ccf8a2c81ab15e27&clickId=FlPNcWyGI8Zzvr1npydqNbUiS3x6JsuZ2qVOfxVp
Message:
Access to font at 'https://www.p7campaign.com/landing/50promos/fonts/marcopolo.woff2' from origin 'https://p7casinostar.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.p7campaign.com/landing/50promos/fonts/marcopolo.woff2
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam-cell.nr-data.net
cdnjs.cloudflare.com
covid19vacinestudies.com
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
p7casinostar.com
rqentry.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.help4casino.com
www.p7campaign.com
bam-cell.nr-data.net
dev.visualwebsiteoptimizer.com
rqentry.com
www.p7campaign.com
104.16.19.94
104.18.10.207
104.21.87.208
142.250.184.202
142.250.184.228
142.250.184.232
142.250.185.131
151.101.194.137
162.247.243.146
172.217.16.142
172.67.215.115
172.67.222.90
213.174.155.140
66.102.1.154
96.126.123.244
01d696bf8a573805ae4fa078055fb8f7369fd2a132ab6f51792f585522115782
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
14bc852ac34d2384221813cd5facff7b97dfe25581186fde7d0537084508b641
46e01bb709cb0b7ca09ab8ddc0e60418d9571763222261b2bc073c062067ee19
4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b
4e5f203f0e585cbe6d0c6295294dd6af0d91d7daac1d7c6d86b44b3182199c26
4fb9e9b6bcb1fa0273607ab85fa5c4819f5eb87895c656f1d08fd1a5171a31b2
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9644abd53aaf39f743ec9fa9da4c2c7b373515be902aea0f08037f15cbd23a59
968482c9b036325cbac386e91aa57146245de6aeb1b3adcb4d693c043f99326d
993866005050291730122ad1c8d4439b48e1923eac017e3ab2539020be9d91d7
aa31ade1cee68723f8ce07569d4f18653c93fd96b473f62d46e7613e2f5b30eb
bda358cfd9f7f904ef04f12dc41ec94c275bc8cd9cefecea24462b42d4f07d54
c0581ef33673de56f695a329b338c18d854cfbdae351d3e3d5ef089e3d419eb8
c0acc00c676455118b2ceb6f77db9b66785951c549b9f0866f507a657e8390be
c2685c17872b8a11ee5aec1963c73d3ae94c3d8714a3a2bba4d2c4bf390b77f0
c4672303954bbb49c9b9602045a711184abc2062387dc6e1a3c854f969003f04
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
ce8c7437e3f2f2dea0f45b53835d0cdf3c0450e6ef6944b4310b3e02d22a60ae
d0da5a734710c3fd1d63d3a6efcbbef73d8318e96a1700c4b7cc75718fe04c18
d7da654e8fe1bf6902c450e284df241a067416530ba83d1ee6d1e712010133d3
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dc86da900c519b90310711875db25146c89c19d2a0cce51f94127298e485a9e6
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e31e164916dc38431e35706895d056f887f8c45debb372336815de4e3a05aba9
e9fc6e799796018389da15bcc8a166a94ef615890a0bb8e611694629331fef2b
ebcb35563ab0d4a54fd83891e6e3629594237feb45e88ad023d3e329363cf273
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06784c975d99d8278a47b1b312ea757ba52496dc8cef9034f134ffbaa95b834
f16d4a7b00597e66d9cdadf2ab472889d5bf3feb5650d92e7d60f17faa853c8b
f201de549dce10a38df4ae2bcb197daa75806c212083e377f33bf5f2e4cc85e0
f6e1c0db50c75d197012de74fd3fcd517b1f706bfd3160e7cda13227a690dbb5
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3