login.chumbacasino.com Open in urlscan Pro
13.35.253.70 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://go2.vgw.co/dc/I_Zzw7drJp36JOycsJhugVID4ilw9stwbhce-_IsPyPyQdo7lFzCnWdAWj0SlrXVUFJZ2XD3maWDzo6f29XlDJs78EEgF...
Effective URL:
https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=Lo...
Submission: On February 19 via api (February 19th 2020, 3:51:00 am UTC) from BE

Summary HTTP 48 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 27 IPs in 7 countries across 28 domains to perform 48 HTTP transactions. The main IP is 13.35.253.70, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is login.chumbacasino.com.
TLS certificate: Issued by Amazon on January 8th 2020. Valid for: a year.

This is the only time login.chumbacasino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.237.104.64 103.237.104.64	53580 (MARKETO) (MARKETO)
13	13.35.253.70 13.35.253.70	16509 (AMAZON-02) (AMAZON-02)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::15	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2 2	2001:4860:480... 2001:4860:4802:38::75	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::75	15169 (GOOGLE) (GOOGLE)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1	52.41.199.229 52.41.199.229	16509 (AMAZON-02) (AMAZON-02)
1 1	46.228.164.11 46.228.164.11	56396 (TURN) (TURN)
1	3.232.102.204 3.232.102.204	14618 (AMAZON-AES) (AMAZON-AES)
1	64.202.112.127 64.202.112.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
1 2	185.33.223.210 185.33.223.210	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1 1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:1a00:6:ea06:d140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1 2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
3	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
48	27

1 103.237.104.64 (Australia)

ASN53580 (MARKETO, US)

go2.vgw.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 13.35.253.70 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-70.fra6.r.cloudfront.net

login.chumbacasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)

fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::75 (United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::75 (United States)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.41.199.229 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-199-229.us-west-2.compute.amazonaws.com

prformc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.102.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-102-204.compute-1.amazonaws.com

pe.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.210 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

rtd-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:1a00:6:ea06:d140:93a1 (United States)

ASN16509 (AMAZON-02, US)

chumbacasino.cdn.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:5:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	chumbacasino.com login.chumbacasino.com	252 KB
4	google-analytics.com 2 redirects www.google-analytics.com	46 KB
3	nr-data.net bam.nr-data.net	629 B
3	everesttech.net 2 redirects rtd-tm.everesttech.net sync-tm.everesttech.net	875 B
3	doubleclick.net 3 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
3	gstatic.com fonts.gstatic.com	26 KB
3	facebook.net connect.facebook.net	153 KB
2	facebook.com 1 redirects www.facebook.com	680 B
2	prismic.io chumbacasino.cdn.prismic.io	2 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	yimg.com s.yimg.com	5 KB
2	google.de www.google.de	218 B
2	google.com 2 redirects www.google.com	375 B
2	fullstory.com fullstory.com rs.fullstory.com	64 KB
1	atdmt.com cx.atdmt.com	431 B
1	twitter.com analytics.twitter.com	652 B
1	newrelic.com js-agent.newrelic.com	13 KB
1	t.co t.co	449 B
1	simpli.fi tag.simpli.fi	865 B
1	outbrain.com amplifypixel.outbrain.com	314 B
1	intentiq.com pe.intentiq.com	525 B
1	turn.com 1 redirects r.turn.com	639 B
1	prformc.com prformc.com	237 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googleapis.com fonts.googleapis.com	722 B
1	googletagmanager.com www.googletagmanager.com	33 KB
1	fontawesome.com use.fontawesome.com	13 KB
1	vgw.co go2.vgw.co	966 B
48	28

	Domain	Requested by
13	login.chumbacasino.com	go2.vgw.co login.chumbacasino.com
4	www.google-analytics.com	2 redirects login.chumbacasino.com
3	bam.nr-data.net	login.chumbacasino.com
3	fonts.gstatic.com	login.chumbacasino.com
3	connect.facebook.net	login.chumbacasino.com
2	www.facebook.com	1 redirects login.chumbacasino.com
2	chumbacasino.cdn.prismic.io	login.chumbacasino.com
2	rtd-tm.everesttech.net	2 redirects
2	secure.adnxs.com	1 redirects login.chumbacasino.com
2	s.yimg.com	login.chumbacasino.com
2	www.google.de	login.chumbacasino.com
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
1	cx.atdmt.com
1	analytics.twitter.com	login.chumbacasino.com
1	js-agent.newrelic.com	login.chumbacasino.com
1	t.co	login.chumbacasino.com
1	rs.fullstory.com	login.chumbacasino.com
1	sync-tm.everesttech.net	login.chumbacasino.com
1	cm.g.doubleclick.net	1 redirects
1	tag.simpli.fi	login.chumbacasino.com
1	amplifypixel.outbrain.com	login.chumbacasino.com
1	pe.intentiq.com	login.chumbacasino.com
1	r.turn.com	1 redirects
1	prformc.com	login.chumbacasino.com
1	static.ads-twitter.com	login.chumbacasino.com
1	fullstory.com	login.chumbacasino.com
1	fonts.googleapis.com	login.chumbacasino.com
1	www.googletagmanager.com	login.chumbacasino.com
1	use.fontawesome.com	login.chumbacasino.com
1	go2.vgw.co
48	31

This site contains links to these domains. Also see Links.

Domain
www.chumbacasino.com
www.authorisation.mga.org.mt
rgf.org.mt
cgaa.info

Subject Issuer	Validity	Valid
*.chumbacasino.com Amazon	`2020-01-08` - `2021-02-08`	a year	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.fullstory.com COMODO RSA Domain Validation Secure Server CA	`2017-12-27` - `2021-03-26`	3 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-01-21` - `2020-03-06`	a month	crt.sh
*.prformc.com AlphaSSL CA - SHA256 - G2	`2019-09-09` - `2020-09-09`	a year	crt.sh
*.intentiq.com Amazon	`2019-04-25` - `2020-05-25`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2017-05-11` - `2020-05-10`	3 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
h2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-01-30` - `2021-01-06`	a year	crt.sh
*.cdn.prismic.io Amazon	`2019-09-20` - `2020-10-20`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-03-07` - `2020-03-07`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-01-02` - `2020-12-28`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-01-20` - `2020-04-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Frame ID: A1288374097043E860585F992BFF9ED7
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://go2.vgw.co/dc/I_Zzw7drJp36JOycsJhugVID4ilw9stwbhce-_IsPyPyQdo7lFzCnWdAWj0SlrXVUFJZ2XD3m... Page URL
https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov20... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Page Statistics

48
Requests

98 %
HTTPS

43 %
IPv6

28
Domains

31
Subdomains

27
IPs

7
Countries

617 kB
Transfer

2022 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.chumbacasino.com/

Search URL Search Domain Scan URL

URL: https://www.authorisation.mga.org.mt/verification.aspx?lang=EN&company=4debab56-21d5-49fd-96c5-1c2b5500dbb4&details=1

Search URL Search Domain Scan URL

URL: http://rgf.org.mt/

Search URL Search Domain Scan URL

URL: http://cgaa.info/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://go2.vgw.co/dc/I_Zzw7drJp36JOycsJhugVID4ilw9stwbhce-_IsPyPyQdo7lFzCnWdAWj0SlrXVUFJZ2XD3maWDzo6f29XlDJs78EEgFIPgoK6B2NhdVi1cIUoBCRwj6qIHAJYFfrLtOw3KY4czHATC1pEQm8m2hNPNXaF_4IOeV-C0OSYKlr1VfYxVD-NvGSY3qyzuG_JD/uoa000DJCV040t01ILMEBt0 Page URL
https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1362953914&t=pageview&_s=1&dl=https%3A%2F%2Flogin.chumbacasino.com%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3DCC_BO_ACT_EL_Timebox_Nov2019_BO%26utm_content%3DLoginLink%26mkt_tok%3DeyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9&dr=http%3A%2F%2Fgo2.vgw.co%2Fdc%2FI_Zzw7drJp36JOycsJhugVID4ilw9stwbhce-_IsPyPyQdo7lFzCnWdAWj0SlrXVUFJZ2XD3maWDzo6f29XlDJs78EEgFIPgoK6B2NhdVi1cIUoBCRwj6qIHAJYFfrLtOw3KY4czHATC1pEQm8m2hNPNXaF_4IOeV-C0OSYKlr1VfYxVD-NvGSY3qyzuG_JD%2Fuoa000DJCV040t01ILMEBt0&dp=%2F&ul=en-us&de=UTF-8&dt=Chumba%20Casino%20%7C%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1606930897&gjid=515874336&cid=1742661043.1582084245&tid=UA-46474538-2&_gid=1806688576.1582084245&_r=1&z=104891532 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46474538-2&cid=1742661043.1582084245&jid=1606930897&_gid=1806688576.1582084245&gjid=515874336&_v=j81&z=104891532 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46474538-2&cid=1742661043.1582084245&jid=1606930897&_v=j81&z=104891532 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46474538-2&cid=1742661043.1582084245&jid=1606930897&_v=j81&z=104891532&slf_rd=1&random=1844026693

Request Chain 31

https://r.turn.com/r/beacon?b2=HwubW9GGey3NedHrE_tfu2P_M7XFRSb2U9t7oxp9E1-K81VxEaT5qBVWIRnKqlea7xfVO96GeUC7v38zvdMjCw&cid=&gtmcb=904590271 HTTP 302
https://pe.intentiq.com/profiles_engine/ProfilesEngineServlet?at=2&mi=10&dpt=1605751818$kbK8R7olnRx7rEoFBGI8ndD7WdLpRwyvnRy_dd58WcCK81VxEaT5qBVWIRnKqleaMp3GTG-O6YMowQ4P8_W1MA&dpi=1357991113&pt=1&dpn=1128

Request Chain 34

https://secure.adnxs.com/seg?add=18455940&t=2&gtmcb=758109665 HTTP 302
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D18455940%26t%3D2%26gtmcb%3D758109665

Request Chain 35

https://rtd-tm.everesttech.net/upi/?sid=M8NeJ2EIqMFKrMDEulDv&cs=1&gtmcb=274443310 HTTP 302
https://rtd-tm.everesttech.net/ct/upi/?sid=M8NeJ2EIqMFKrMDEulDv&cs=1&gtmcb=274443310&_test=XkywlQAAAFXApX97 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WGt5d2xRQUFBRlhBcFg5Nw HTTP 302
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?google_error=3

Request Chain 41

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1362953914&t=pageview&_s=1&dl=https%3A%2F%2Flogin.chumbacasino.com%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3DCC_BO_ACT_EL_Timebox_Nov2019_BO%26utm_content%3DLoginLink%26mkt_tok%3DeyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9&dr=http%3A%2F%2Fgo2.vgw.co%2Fdc%2FI_Zzw7drJp36JOycsJhugVID4ilw9stwbhce-_IsPyPyQdo7lFzCnWdAWj0SlrXVUFJZ2XD3maWDzo6f29XlDJs78EEgFIPgoK6B2NhdVi1cIUoBCRwj6qIHAJYFfrLtOw3KY4czHATC1pEQm8m2hNPNXaF_4IOeV-C0OSYKlr1VfYxVD-NvGSY3qyzuG_JD%2Fuoa000DJCV040t01ILMEBt0&ul=en-us&de=UTF-8&dt=Chumba%20Casino%20%7C%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAEADQ~&jid=65178401&gjid=1546746324&cid=1742661043.1582084245&tid=UA-46474538-6&_gid=1806688576.1582084245&_r=1&gtm=2wg250WVCZ8L&z=1442559781 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46474538-6&cid=1742661043.1582084245&jid=65178401&_gid=1806688576.1582084245&gjid=1546746324&_v=j81&z=1442559781 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46474538-6&cid=1742661043.1582084245&jid=65178401&_v=j81&z=1442559781 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46474538-6&cid=1742661043.1582084245&jid=65178401&_v=j81&z=1442559781&slf_rd=1&random=750809978

Request Chain 49

https://www.facebook.com/tr/?id=811247532248216&ev=Microdata&dl=https%3A%2F%2Flogin.chumbacasino.com%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3DCC_BO_ACT_EL_Timebox_Nov2019_BO%26utm_content%3DLoginLink%26mkt_tok%3DeyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9&rl=http%3A%2F%2Fgo2.vgw.co%2Fdc%2FI_Zzw7drJp36JOycsJhugVID4ilw9stwbhce-_IsPyPyQdo7lFzCnWdAWj0SlrXVUFJZ2XD3maWDzo6f29XlDJs78EEgFIPgoK6B2NhdVi1cIUoBCRwj6qIHAJYFfrLtOw3KY4czHATC1pEQm8m2hNPNXaF_4IOeV-C0OSYKlr1VfYxVD-NvGSY3qyzuG_JD%2Fuoa000DJCV040t01ILMEBt0&if=false&ts=1582084246477&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Chumba%20Casino%20%7C%20Login%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1582084244973.2009742197&it=1582084244879&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
https://cx.atdmt.com/?c=18257859140115915284&f=AYyiCVoUymOD7Zg_yopNBNwCqzJGiMYJLXVq8q8Rux-jSfxb_m4zickxE5COyRkkHVoAi4k7qhkk2QoKxonUSVWu&id=811247532248216&l=3&v=0

48 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set uoa000DJCV040t01ILMEBt0 Show response
go2.vgw.co/dc/I_Zzw7drJp36JOycsJhugVID4ilw9stwbhce-_IsPyPyQdo7lFzCnWdAWj0SlrXVUFJZ2XD3maWDzo6f29XlDJs78EEgFIPgoK6B2NhdVi1cIUoBCRwj6qIHAJYFfrLtOw3KY4czHATC1pEQm8m2hNPNXaF_4IOeV-C0OSYKlr1VfYxVD-NvGSY... 663 B
966 B 636ms
612ms Document
text/html 103.237.104.64
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

http://go2.vgw.co/dc/I_Zzw7drJp36JOycsJhugVID4ilw9stwbhce-_IsPyPyQdo7lFzCnWdAWj0SlrXVUFJZ2XD3maWDzo6f29XlDJs78EEgFIPgoK6B2NhdVi1cIUoBCRwj6qIHAJYFfrLtOw3KY4czHATC1pEQm8m2hNPNXaF_4IOeV-C0OSYKlr1VfYxVD-NvGSY3qyzuG_JD/uoa000DJCV040t01ILMEBt0

Protocol

HTTP/1.1

Server

103.237.104.64 , Australia, ASN53580 (MARKETO, US),

Reverse DNS

Software

Apache /

Resource Hash

895eabbaf66fa7bb9b5f820684ba8184fd7fc980aa83515b9136c0b649af9fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: go2.vgw.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 19 Feb 2020 03:50:44 GMT
Server: Apache
Cache-Control: private, no-cache, no-store, max-age=0
Connection: close
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/html
Set-Cookie: BIGipServersn_email_track_80=!oMXL24YJ70PByKw+hMntxoNXdwmmDOeLpUaSURsW6GJbQvpRs9AYQh/+WRvgkksClGF7w6mTHuCfSJ45rSWyImwzTAsaSvDbUaTrQ9c=; path=/; Httponly

GET
H2 200 Primary Request / Show response
login.chumbacasino.com/ 3 KB
2 KB 270ms
164ms Document
text/html 13.35.253.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9

Requested by

Host: go2.vgw.co
URL: http://go2.vgw.co/dc/I_Zzw7drJp36JOycsJhugVID4ilw9stwbhce-_IsPyPyQdo7lFzCnWdAWj0SlrXVUFJZ2XD3maWDzo6f29XlDJs78EEgFIPgoK6B2NhdVi1cIUoBCRwj6qIHAJYFfrLtOw3KY4czHATC1pEQm8m2hNPNXaF_4IOeV-C0OSYKlr1VfYxVD-NvGSY3qyzuG_JD/uoa000DJCV040t01ILMEBt0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.70 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-70.fra6.r.cloudfront.net

Software

Resource Hash

cf0a09a1cf3c1a9b4786a358e79501252155b328319c9787d947f49868bfcf46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: login.chumbacasino.com
:scheme: https
:path: /?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://go2.vgw.co/dc/I_Zzw7drJp36JOycsJhugVID4ilw9stwbhce-_IsPyPyQdo7lFzCnWdAWj0SlrXVUFJZ2XD3maWDzo6f29XlDJs78EEgFIPgoK6B2NhdVi1cIUoBCRwj6qIHAJYFfrLtOw3KY4czHATC1pEQm8m2hNPNXaF_4IOeV-C0OSYKlr1VfYxVD-NvGSY3qyzuG_JD/uoa000DJCV040t01ILMEBt0
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: http://go2.vgw.co/dc/I_Zzw7drJp36JOycsJhugVID4ilw9stwbhce-_IsPyPyQdo7lFzCnWdAWj0SlrXVUFJZ2XD3maWDzo6f29XlDJs78EEgFIPgoK6B2NhdVi1cIUoBCRwj6qIHAJYFfrLtOw3KY4czHATC1pEQm8m2hNPNXaF_4IOeV-C0OSYKlr1VfYxVD-NvGSY3qyzuG_JD/uoa000DJCV040t01ILMEBt0

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Wed, 19 Feb 2020 03:50:44 GMT
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Mon, 17 Feb 2020 09:14:53 GMT
etag: W/"bd5-170526dcec8"
set-cookie: connect.sid=s%3APhxtYq_ruM_TdB_d5xgYpfocsmCfLUYz.1NyQHo4aCZC24RJmLYzWvLwzZTrRKz199j0gxK0RM58; Path=/; HttpOnly; Secure
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: nnhsVVy0yE0qMIEUQb28-T_0ujOzwy8RVf38E14-HkFyFXjgMReyoQ==

GET
H2 200 all.css
use.fontawesome.com/releases/v5.5.0/css/ 50 KB
13 KB 75ms
24ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Origin: https://login.chumbacasino.com
Sec-Fetch-Dest: style
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 19 Feb 2020 03:50:44 GMT
content-encoding: gzip
last-modified: Fri, 02 Nov 2018 15:16:46 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 modernizr-custom.js Show response
login.chumbacasino.com/plugins/ 21 KB
7 KB 175ms
173ms Script
application/javascript 13.35.253.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.chumbacasino.com/plugins/modernizr-custom.js
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-70.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a26612960550342465a0053b931e7bd997a422ca758fcd5ba910cd8a5da20cf1

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 02:18:45 GMT
content-encoding: gzip
last-modified: Mon, 17 Feb 2020 09:17:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
x-amz-version-id: dofzLCEDk0dZatvSm9MincaezupfcU4g
status: 200
content-type: application/javascript
x-amz-cf-id: NYj0VHCWDuYcvNrizpuZtVTLIV1QU1eH1nqHAp3-AezEYXUYYL_K_A==
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)

GET
H2 200 picturefill.min.js Show response
login.chumbacasino.com/plugins/ 12 KB
5 KB 171ms
170ms Script
application/javascript 13.35.253.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.chumbacasino.com/plugins/picturefill.min.js
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-70.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 02:18:45 GMT
content-encoding: gzip
last-modified: Mon, 17 Feb 2020 09:17:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
x-amz-version-id: RFIOyHgH7GkTt5svZyMcNC_QwOb5fOVk
status: 200
content-type: application/javascript
x-amz-cf-id: MxrpuG8p5JDBBHmOpFonQlbviTvRRBoV4Fqj-uuSySbElDiV5eU9Eg==
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)

GET
H2 200 newrelic.min.js Show response
login.chumbacasino.com/plugins/ 20 KB
8 KB 168ms
167ms Script
application/javascript 13.35.253.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.chumbacasino.com/plugins/newrelic.min.js
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-70.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7fd8f4ce223a4f0f7344a4e0020ac649cf6d0bf82cf95daca803e32dc0831fd1

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 02:18:47 GMT
content-encoding: gzip
last-modified: Mon, 17 Feb 2020 09:17:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
x-amz-version-id: BRzLzkwfGg6ATlb5I6apD0C96LMaB12z
status: 200
content-type: application/javascript
x-amz-cf-id: 2eC6Lp675Is-L21v6rm0q0Reu1EoZRiz5ihjzQbnAJMQBmZSkfZKWA==
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)

GET
H2 200 main.08f0f8d6.chunk.css
login.chumbacasino.com/static/css/ 106 KB
19 KB 49ms
48ms Stylesheet
text/css 13.35.253.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.chumbacasino.com/static/css/main.08f0f8d6.chunk.css
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-70.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8adcde1b29fce6b4ccda9e98db420bfd19e845ae72113dc932c7a579c2f3aa6c

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 18 Feb 2020 06:26:43 GMT
content-encoding: gzip
last-modified: Tue, 18 Feb 2020 05:07:40 GMT
server: AmazonS3
age: 77042
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: fyARj47TFpeGz1ba.xpWZ4G.lrTiuyza
status: 200
x-amz-cf-pop: FRA6-C1
content-type: text/css
x-amz-cf-id: 6mQ6afNI-D9cPJ7CE_yY7xvux5r9OrsB563njgibKCzGc9pZ5QgH2g==
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)

GET
H2 200 1.6d51e004.chunk.js Show response
login.chumbacasino.com/static/js/ 595 KB
167 KB 80ms
79ms Script
application/javascript 13.35.253.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.chumbacasino.com/static/js/1.6d51e004.chunk.js
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-70.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae8c4a552f80ad70491abf78010b2bd19e91f391bd1d76b9360f054903c4a8d9

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 06:26:43 GMT
content-encoding: gzip
last-modified: Tue, 18 Feb 2020 05:07:40 GMT
server: AmazonS3
age: 77042
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: MqKI_vnDBpBva0pZE9_fROPNGhhinLcS
status: 200
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: ZzNlDtjnHhvxs3fniY9h77AXu2bR_hI0ncig1bJnDvLS_359Qej7Mg==
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)

GET
H2 200 main.2d2c7396.chunk.js Show response
login.chumbacasino.com/static/js/ 59 KB
15 KB 72ms
72ms Script
application/javascript 13.35.253.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.chumbacasino.com/static/js/main.2d2c7396.chunk.js
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-70.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d44738704322b323134099dc61e582799815c602f5b8cb22eab4f4855e393c20

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 06:26:43 GMT
content-encoding: gzip
last-modified: Mon, 17 Feb 2020 09:17:58 GMT
server: AmazonS3
age: 77042
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: xKbtfeWeWPww_HN7n4bv7jIVBjP47JGJ
status: 200
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: TD8fdq94Fm3707Bj1kip-GUNVqvy-wcLDIlwWQJ4HxjIr55EUS-7AA==
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
33 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVCZ8L

Requested by

Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45daf36a0ce863fa1f05704b86f5a8944a40d32e14f35bdc4a78b045ad1de76b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 03:50:44 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 34099
x-xss-protection: 0
last-modified: Wed, 19 Feb 2020 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Feb 2020 03:50:44 GMT

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 css
fonts.googleapis.com/ 6 KB
722 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Hind:300,400,500,600,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3f9152ee8fbe84c30a7aee69baea688d553c1bc1e35614e93bcf180268a8197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Feb 2020 03:50:44 GMT
server: ESF
date: Wed, 19 Feb 2020 03:50:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Feb 2020 03:50:44 GMT

GET
H2 200 fs.js Show response
fullstory.com/s/ 178 KB
63 KB 63ms
24ms Script
application/javascript 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fullstory.com/s/fs.js

Requested by

Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/plugins/newrelic.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

8ef83aac00873f8fa0c06d7bc7bf993f5b098cc32c2ab3f1aac16d9ef8d385f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
server: Google Frontend
age: 108
etag: "a-hyoA"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-cloud-trace-context: 114ed517555e2b6492eeace4c206e7c5
cache-control: public, max-age=600
date: Wed, 19 Feb 2020 03:48:56 GMT
timing-allow-origin: *
access-control-allow-origin: *
content-length: 64435
expires: Wed, 19 Feb 2020 03:58:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/plugins/newrelic.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 4632
date: Wed, 19 Feb 2020 02:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Wed, 19 Feb 2020 04:33:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
31 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/plugins/newrelic.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: JEpkimAG9Usx3DLfV7vzUdrcg5BIS21HER54qxU99noJ1L/7LQPLM33cQHxLLGN/XIpSvpSHcFlnZJWWJK2gDQ==
x-fb-trip-id: 1850256238
date: Wed, 19 Feb 2020 03:50:44 GMT, Wed, 19 Feb 2020 03:50:44 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 logo.svg
login.chumbacasino.com/images/ 4 KB
2 KB 169ms
168ms Image
image/svg+xml 13.35.253.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.chumbacasino.com/images/logo.svg
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-70.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c1d3d755ffd8f8e63ac64e20aef7a40819e966c86816352ab8f275b64568b9e

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 18 Feb 2020 02:18:51 GMT
content-encoding: gzip
last-modified: Mon, 17 Feb 2020 09:17:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
x-amz-version-id: wsRzn0lW6ACdMzyVWvsf2CjqzPdibqBO
status: 200
content-type: image/svg+xml
x-amz-cf-id: BvI-60ksKo_dpB9hPdTjokJk6kI0a-TPfyKBgxTasoJT6TLU3AE78g==
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)

GET
H2 200 fb_f_logo.svg
login.chumbacasino.com/images/ 477 B
871 B 155ms
154ms Image
image/svg+xml 13.35.253.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.chumbacasino.com/images/fb_f_logo.svg
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-70.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1a72abbe2db1c8c1673901d91ff96d516ad31142a4d86c657dbace6df5d5c1a

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 18 Feb 2020 02:18:51 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
last-modified: Mon, 17 Feb 2020 09:17:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "e3d3a3935b21f782c90bc9b7c6ca555d"
x-cache: RefreshHit from cloudfront
x-amz-version-id: XKQGE1FK4fi1S.L9.6kdKP7V0TN0aF04
status: 200
accept-ranges: bytes
content-type: image/svg+xml
content-length: 477
x-amz-cf-id: i_5VexwzOvBYkdEn8-NeeUXOr_1ZWnwGA985c_Xn0onXhu74VDnulg==

GET
H2 200 mga.png
login.chumbacasino.com/images/ 5 KB
5 KB 43ms
42ms Image
image/png 13.35.253.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.chumbacasino.com/images/mga.png
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-70.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2494dc90c6f407de9191e08262c3024fda151341c5bb574f93499b16eaacc0ed

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 18 Feb 2020 09:05:16 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
last-modified: Tue, 18 Feb 2020 05:07:39 GMT
server: AmazonS3
age: 67529
etag: "5eaefbc95dbd086b36327381f69910de"
x-cache: Hit from cloudfront
x-amz-version-id: jUUVuMCl6Qk5dJwW7d.e0nN4XtX9ePiT
status: 200
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
content-length: 4725
x-amz-cf-id: Ld_VwvW0tvM63g7NYUbWseRdJd5tKrcXTTmsaWwbRE2rbvsHuDq0YA==

GET
H2 200 rgf_logo.png
login.chumbacasino.com/images/ 11 KB
11 KB 43ms
43ms Image
image/png 13.35.253.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.chumbacasino.com/images/rgf_logo.png
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-70.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b4baccacb36b3910d5fde722e4b79febc32f0dfcc7cd301e6a0976559d73da4

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 18 Feb 2020 08:35:33 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
last-modified: Tue, 18 Feb 2020 05:07:39 GMT
server: AmazonS3
age: 69312
etag: "336a87cf230eb5002c63e7c8f61b689e"
x-cache: Hit from cloudfront
x-amz-version-id: Lb4l77gVKUVlpjc5cBG1wEiOwvRMkj02
status: 200
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
content-length: 10758
x-amz-cf-id: B61mJPRxNjH49PKgz7dAwHGpfIzkAXU3V2I0PrRUASaVsrCUXyRcrg==

GET
H2 200 2X_18_Icon.png
login.chumbacasino.com/images/ 2 KB
3 KB 43ms
42ms Image
image/png 13.35.253.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.chumbacasino.com/images/2X_18_Icon.png
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-70.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b54e2d835f0b56409d94f9ea3535cae4754cfd72c13c5782157bb80fcf814e2

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 17 Feb 2020 01:07:44 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
last-modified: Mon, 17 Feb 2020 01:04:43 GMT
server: AmazonS3
age: 77038
etag: "b6c26a0165cbd6b600eb6bb25148a9ec"
x-cache: Hit from cloudfront
x-amz-version-id: WLviIIYuj_xtxb35UewtQ82mXucNmlCq
status: 200
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
content-length: 2220
x-amz-cf-id: vl5icU07ZNNeA7Jj7lICyykrtZIAuxLiQbW4U22SS5PUSKjcgmR06w==

GET
H2 200 page-pattern.jpg
login.chumbacasino.com/images/ 8 KB
8 KB 42ms
42ms Image
image/jpeg 13.35.253.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.chumbacasino.com/images/page-pattern.jpg
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-70.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca037fcfafeda454da02a3f27f177d5d4edc125bd59bfc2f82eb6178bd49082c

Request headers

Referer: https://login.chumbacasino.com/static/css/main.08f0f8d6.chunk.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 18 Feb 2020 13:05:00 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
last-modified: Tue, 18 Feb 2020 05:07:39 GMT
server: AmazonS3
age: 53145
etag: "eddd8ca7973225479be1fd4449a1773e"
x-cache: Hit from cloudfront
x-amz-version-id: lbyviAQ6_qoHG.QyiuZ3gkmyYGTtvUlB
status: 200
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 7948
x-amz-cf-id: auwBG0wHVsJb7gsm8QMqsMnr949rVGqb9kTr1h0UNQzAEHeCseczCg==

GET
H2 200 5aU19_a8oxmIfMJaERySjRhc9V0.woff2
fonts.gstatic.com/s/hind/v10/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v10/5aU19_a8oxmIfMJaERySjRhc9V0.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f8400caf8e573c92e3ebf4b8f3f125911241cd2cbb09744cf9716051de566e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Hind:300,400,500,600,700
Origin: https://login.chumbacasino.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 18 Jan 2020 01:30:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:18:03 GMT
server: sffe
age: 2773189
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8328
x-xss-protection: 0
expires: Sun, 17 Jan 2021 01:30:55 GMT

GET
H2 200 5aU19_a8oxmIfLZcERySjRhc9V0.woff2
fonts.gstatic.com/s/hind/v10/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v10/5aU19_a8oxmIfLZcERySjRhc9V0.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3864e68c92a78de7d1309478ac5e9c59d7df8551fc188d3cd5e0fe3b197d509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Hind:300,400,500,600,700
Origin: https://login.chumbacasino.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 00:13:14 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:18:19 GMT
server: sffe
age: 1222650
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8780
x-xss-protection: 0
expires: Thu, 04 Feb 2021 00:13:14 GMT

GET
H2 200 5aU69_a8oxmIdGl4BDGwgDI.woff2
fonts.gstatic.com/s/hind/v10/ 8 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v10/5aU69_a8oxmIdGl4BDGwgDI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42610841f3d39a01788c09d6a72b2f7e609cfb75b8e52eb4b031c12ad76f6ca3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Hind:300,400,500,600,700
Origin: https://login.chumbacasino.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 02:11:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:18:06 GMT
server: sffe
age: 1561138
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8672
x-xss-protection: 0
expires: Sun, 31 Jan 2021 02:11:46 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1362953914&t=pageview&_s=1&dl=https%3A%2F%2Flogin.chumbacasino.com%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3DCC_BO_ACT_...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46474538-2&cid=1742661043.1582084245&jid=1606930897&_gid=1806688576.1582084245&gjid=515874336&_v=j81&z=104891532
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46474538-2&cid=1742661043.1582084245&jid=1606930897&_v=j81&z=104891532
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46474538-2&cid=1742661043.1582084245&jid=1606930897&_v=j81&z=104891532&slf_rd=1&random=1844026693

42 B
109 B

16ms
16ms

Image
image/gif

2001:4860:4802:32::75
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46474538-2&cid=1742661043.1582084245&jid=1606930897&_v=j81&z=104891532&slf_rd=1&random=1844026693

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::75 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Feb 2020 03:50:44 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Feb 2020 03:50:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46474538-2&cid=1742661043.1582084245&jid=1606930897&_v=j81&z=104891532&slf_rd=1&random=1844026693
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 139ms
39ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/plugins/newrelic.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 03:50:44 GMT
content-encoding: gzip
age: 70622
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-hhn4027-HHN
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1582084245.980165,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 85 KB
28 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-WFPKD5S&t=gtm1&cid=1742661043.1582084245

Requested by

Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/plugins/newrelic.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae1fafcf1f4727872327fd8bb51754dd50543f01fd13c5463c954f2463b77292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 03:50:44 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 28784
x-xss-protection: 0
expires: Wed, 19 Feb 2020 03:50:44 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 13 KB
5 KB 22ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/plugins/newrelic.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

d5931b95b2995d82a840ea292ccfd252a260862febfce571c46bdd4fb680c657

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Wed, 19 Feb 2020 03:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1602
x-amz-server-side-encryption: AES256
status: 200
strict-transport-security: max-age=15552000
content-length: 5097
x-amz-id-2: 9abtBbuEdI1k1lBnximl9XwRYxRmmcxRRY4kZHOLpMk3e1KPZyJDeq+3gHLXZXSbxZJXS6PbkeU=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 25 Mar 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 18 Feb 2020 09:55:00 GMT
server: ATS
etag: "c4965671dea7272f6dded1b56aada228-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
x-amz-request-id: CD1B43DF50AB10C1
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: RdLXatlxSud_dHgTuDL8NxppJ3AIqVRh
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK p.ashx
prformc.com/ 2 B
237 B 786ms
203ms Image
text/plain 52.41.199.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prformc.com/p.ashx?o=301076&e=1566&t=TRANSACTION_ID&gtmcb=362416246
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.41.199.229 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-199-229.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 19 Feb 2020 03:50:45 GMT
Cache-Control: private
Connection: close
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length: 2
Content-Type: text/plain; charset=utf-8

GET
H/1.1

200
OK

ProfilesEngineServlet
pe.intentiq.com/profiles_engine/
Redirect Chain

https://r.turn.com/r/beacon?b2=HwubW9GGey3NedHrE_tfu2P_M7XFRSb2U9t7oxp9E1-K81VxEaT5qBVWIRnKqlea7xfVO96GeUC7v38zvdMjCw&cid=&gtmcb=904590271
https://pe.intentiq.com/profiles_engine/ProfilesEngineServlet?at=2&mi=10&dpt=1605751818$kbK8R7olnRx7rEoFBGI8ndD7WdLpRwyvnRy_dd58WcCK81VxEaT5qBVWIRnKqleaMp3GTG-O6YMowQ4P8_W1MA&dpi=1357991113&pt=1&dp...

43 B
525 B

450ms
104ms

Image
image/gif

3.232.102.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pe.intentiq.com/profiles_engine/ProfilesEngineServlet?at=2&mi=10&dpt=1605751818$kbK8R7olnRx7rEoFBGI8ndD7WdLpRwyvnRy_dd58WcCK81VxEaT5qBVWIRnKqleaMp3GTG-O6YMowQ4P8_W1MA&dpi=1357991113&pt=1&dpn=1128
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.102.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-102-204.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Feb 2020 03:50:44 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://pe.intentiq.com/profiles_engine/ProfilesEngineServlet?at=2&mi=10&dpt=1605751818$kbK8R7olnRx7rEoFBGI8ndD7WdLpRwyvnRy_dd58WcCK81VxEaT5qBVWIRnKqleaMp3GTG-O6YMowQ4P8_W1MA&dpi=1357991113&pt=1&dpn=1128
Pragma: no-cache
Date: Wed, 19 Feb 2020 03:50:44 GMT
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server: Apache-Coyote/1.1
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
314 B 381ms
94ms Image
image/gif 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amplifypixel.outbrain.com/pixel?mid=00dadc6eea962de3e9584bf05790b8e0fa&gtmcb=2005044399

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 19 Feb 2020 03:50:45 GMT
Cache-Control: no-cache
X-TraceId: 9c7b5a0cecd78b111e8370c3509c5cf9
content-encoding: gzip
Content-Length: 60
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: image/gif;

GET
H2 200 aa544fb0-0087-0137-4a7b-06659b33d47c
tag.simpli.fi/sifitag/ 0
865 B 110ms
37ms Image
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tag.simpli.fi/sifitag/aa544fb0-0087-0137-4a7b-06659b33d47c?gtmcb=710297808

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache, no-cache
date: Wed, 19 Feb 2020 03:50:44 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
x-request-id: 2nqb2f8hrbvndahmdjtd9sd2
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=18455940&t=2&gtmcb=758109665
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D18455940%26t%3D2%26gtmcb%3D758109665

43 B
1 KB

32ms
32ms

Image
image/gif

185.33.223.210
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D18455940%26t%3D2%26gtmcb%3D758109665

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.210 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

307.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Feb 2020 03:50:46 GMT
AN-X-Request-Uuid: 09abb183-89d5-477a-a3d5-de7b5d60d434
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.38.150.98; 185.38.150.98; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.44:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 Feb 2020 03:50:46 GMT
AN-X-Request-Uuid: 841a4ab1-a831-4c6e-bc44-12c9837cfe97
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D18455940%26t%3D2%26gtmcb%3D758109665
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.38.150.98; 185.38.150.98; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.176:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

5w3jqr4k
sync-tm.everesttech.net/upi/pid/
Redirect Chain

https://rtd-tm.everesttech.net/upi/?sid=M8NeJ2EIqMFKrMDEulDv&cs=1&gtmcb=274443310
https://rtd-tm.everesttech.net/ct/upi/?sid=M8NeJ2EIqMFKrMDEulDv&cs=1&gtmcb=274443310&_test=XkywlQAAAFXApX97
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WGt5d2xRQUFBRlhBcFg5Nw
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?google_error=3

85 B
163 B

41ms
39ms

Image
image/png

151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?google_error=3
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.3.8.v20160314) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Feb 2020 03:50:45 GMT
via: 1.1 varnish
server: Jetty(9.3.8.v20160314)
age: 19
x-cache: HIT
content-type: image/png
status: 200
cache-control: no-cache
x-cache-hits: 23
accept-ranges: bytes
x-timer: S1582084246.565325,VS0,VE0
content-length: 85
x-served-by: cache-hhn4032-HHN

Redirect headers

pragma: no-cache
date: Wed, 19 Feb 2020 03:50:45 GMT
server: HTTP server (unknown)
location: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?google_error=3
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v2 Show response
chumbacasino.cdn.prismic.io/api/ 1 KB
895 B 411ms
372ms Fetch
application/json 2600:9000:2057:1a00:6:ea06:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chumbacasino.cdn.prismic.io/api/v2
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/plugins/newrelic.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:1a00:6:ea06:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: aad16fcb0699e3fe80f2888800b3e5433e20f8a73dc84aa286c87093eb716aa8

Request headers

Accept: application/json
Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Origin: https://login.chumbacasino.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Feb 2020 03:50:45 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA6-C1
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-store
content-length: 549
x-local-cache: EXPIRED
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id: 3OOl0yQtboVuTFx4h2gy5UcbFJ1xSNjuYoywZVE_Ju4KXd3Idr25RQ==

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 42 KB
10 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.15

Requested by

Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/plugins/newrelic.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 10620
x-xss-protection: 0
pragma: public
x-fb-debug: JSQBMpXy+kwiCsj8vfGd8hgJQQ15qcaGRKMG66mF8yi2M6qf9Z3Vpli3jhm8+GpBUuLGG7Xlr6c3W9TawIeZTw==
x-fb-trip-id: 1850256238
date: Wed, 19 Feb 2020 03:50:44 GMT, Wed, 19 Feb 2020 03:50:44 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 811247532248216 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 69ms
69ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/811247532248216?v=2.9.15&r=stable

Requested by

Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/plugins/newrelic.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5301737292362c3ee7ecd6b9808c4f20831ceaeb1191c52e397f5eb6d0898a28

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: MsTXCkbPejGxTKyjZgQXomPuVJUT2aefO2fv4pWNIKhHxl2IOF+LpENNacBWfNXYldPcN4DeDus63Q/P5N0q1g==
x-fb-trip-id: 1850256238
date: Wed, 19 Feb 2020 03:50:44 GMT, Wed, 19 Feb 2020 03:50:44 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 10058137.json Show response
s.yimg.com/wi/config/ 2 B
174 B 45ms
45ms XHR
application/json 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10058137.json

Requested by

Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/plugins/newrelic.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Origin: https://login.chumbacasino.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 19 Feb 2020 03:14:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2150
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 028351D549E36F3D
x-amz-id-2: 4KknZDsZunBsuvARqsscQRXRGPcpTLvPJe+hAiCqoiVUuYoqg+9LSFZC0PkWpvs1N+RpyDlCiQc=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

POST
H2 202 page Show response
rs.fullstory.com/rec/ 53 B
285 B 177ms
125ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/plugins/newrelic.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

fd79abba26f3255a6a1e8c772e05da8e8e00564e338427472a15621d25c1c471

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Origin: https://login.chumbacasino.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Feb 2020 03:50:45 GMT
via: 1.1 google
x-content-type-options: nosniff
status: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://login.chumbacasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 53
expires: 0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1362953914&t=pageview&_s=1&dl=https%3A%2F%2Flogin.chumbacasino.com%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3DCC_BO_ACT_...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46474538-6&cid=1742661043.1582084245&jid=65178401&_gid=1806688576.1582084245&gjid=1546746324&_v=j81&z=1442559781
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46474538-6&cid=1742661043.1582084245&jid=65178401&_v=j81&z=1442559781
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46474538-6&cid=1742661043.1582084245&jid=65178401&_v=j81&z=1442559781&slf_rd=1&random=750809978

42 B
109 B

16ms
16ms

Image
image/gif

2001:4860:4802:32::75
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46474538-6&cid=1742661043.1582084245&jid=65178401&_v=j81&z=1442559781&slf_rd=1&random=750809978

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::75 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Feb 2020 03:50:44 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Feb 2020 03:50:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46474538-6&cid=1742661043.1582084245&jid=65178401&_v=j81&z=1442559781&slf_rd=1&random=750809978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
350 B 18ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=811247532248216&ev=PageView&dl=https%3A%2F%2Flogin.chumbacasino.com%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3DCC_BO_ACT_EL_Timebox_Nov2019_BO%26utm_content%3DLoginLink%26mkt_tok%3DeyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9&rl=http%3A%2F%2Fgo2.vgw.co%2Fdc%2FI_Zzw7drJp36JOycsJhugVID4ilw9stwbhce-_IsPyPyQdo7lFzCnWdAWj0SlrXVUFJZ2XD3maWDzo6f29XlDJs78EEgFIPgoK6B2NhdVi1cIUoBCRwj6qIHAJYFfrLtOw3KY4czHATC1pEQm8m2hNPNXaF_4IOeV-C0OSYKlr1VfYxVD-NvGSY3qyzuG_JD%2Fuoa000DJCV040t01ILMEBt0&if=false&ts=1582084244974&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1582084244973.2009742197&it=1582084244879&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 03:50:44 GMT, Wed, 19 Feb 2020 03:50:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 19 Feb 2020 03:50:44 GMT

GET
H2 200 adsct
t.co/i/ 43 B
449 B 193ms
141ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o106n&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 03:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Wed, 19 Feb 2020 03:50:45 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 4e044fd94b7ee02e5c5f704b7e8ac1b2
x-transaction: 00a723d40046b1d3
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 search Show response
chumbacasino.cdn.prismic.io/api/v2/documents/ 4 KB
2 KB 6ms
6ms Fetch
application/json 2600:9000:2057:1a00:6:ea06:d140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chumbacasino.cdn.prismic.io/api/v2/documents/search?page=1&pageSize=1&lang=*&ref=XcTh5hEAACEAnoMT&q=%5B%5Bat(document.id%2C%20%22XIiuZhIAACIAi5CN%22)%5D%5D
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/plugins/newrelic.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:1a00:6:ea06:d140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5cd37e395d2dc6c0e83c61cc79c3104102a1393c2c5d3dcf18c51cf44889f97e

Request headers

Accept: application/json
Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Origin: https://login.chumbacasino.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 22:07:03 GMT
content-encoding: gzip
server: nginx
age: 279822
status: 200
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: sfs_ESMOgN0UFRSVDrEzQpjUdu2i2c7WRJoz_omDln-N42YNPw7YXQ==
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)

GET
H2 200 nr-spa-1118.min.js Show response
js-agent.newrelic.com/ 33 KB
13 KB 137ms
41ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1118.min.js
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/plugins/newrelic.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d97d7f2ce4fb25babe123ff03a94e9794a2081cd30c10750473b7a043e9e447d

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 03:50:45 GMT
content-encoding: gzip
x-amz-request-id: A48243CF07BC423F
x-cache: HIT
status: 200
content-length: 12943
x-amz-id-2: Uj0hElMfXAey8gHekrocX58E477tkt4/YEwiQT7cyKT3Dx1nEYK4hMX/Ah5+cj6gZVENOa0OZtk=
x-served-by: cache-hhn4028-HHN
last-modified: Wed, 02 Jan 2019 18:42:31 GMT
server: AmazonS3
x-timer: S1582084246.770399,VS0,VE0
etag: "7e24c95b9a35bca45860d13c1ef0a95b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 25

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
652 B 198ms
145ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o106n&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Flogin.chumbacasino.com%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3DCC_BO_ACT_EL_Timebox_Nov2019_BO%26utm_content%3DLoginLink%26mkt_tok%3DeyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9

Requested by

Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/plugins/newrelic.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 03:50:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 119
pragma: no-cache
last-modified: Wed, 19 Feb 2020 03:50:45 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 053be8326ad59eefc23e56f0b01f1f52
x-transaction: 00cbf870008f89f2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK 40ba02fbe3 Show response
bam.nr-data.net/1/ 57 B
275 B 461ms
115ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/40ba02fbe3?a=233435402&sa=1&v=1118.0c07c19&t=Unnamed%20Transaction&rst=1582&ref=https://login.chumbacasino.com/&be=496&fe=1403&dc=556&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1582084244252,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:22,%22c%22:22,%22s%22:45,%22ce%22:108,%22rq%22:108,%22rp%22:272,%22rpe%22:277,%22dl%22:309,%22di%22:556,%22ds%22:556,%22de%22:556,%22dc%22:1403,%22l%22:1403,%22le%22:1404%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/plugins/newrelic.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK 40ba02fbe3 Show response
bam.nr-data.net/resources/1/ 0
165 B 204ms
203ms XHR
text/plain 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/40ba02fbe3?a=233435402&sa=1&v=1118.0c07c19&t=Unnamed%20Transaction&rst=2050&ref=https://login.chumbacasino.com/&st=1582084244252
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/plugins/newrelic.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Origin: https://login.chumbacasino.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://login.chumbacasino.com
Access-Control-Allow-Credentials: true
Content-Length: 0
Content-Type: text/plain

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=811247532248216&ev=Microdata&dl=https%3A%2F%2Flogin.chumbacasino.com%2F%3Futm_source%3Dmarketo%26utm_medium%3Demail%26utm_campaign%3DCC_BO_ACT_EL_Timebox_Nov2019_BO%...
https://cx.atdmt.com/?c=18257859140115915284&f=AYyiCVoUymOD7Zg_yopNBNwCqzJGiMYJLXVq8q8Rux-jSfxb_m4zickxE5COyRkkHVoAi4k7qhkk2QoKxonUSVWu&id=811247532248216&l=3&v=0

42 B
431 B

53ms
39ms

Image
image/gif

2a03:2880:f02d:5:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=18257859140115915284&f=AYyiCVoUymOD7Zg_yopNBNwCqzJGiMYJLXVq8q8Rux-jSfxb_m4zickxE5COyRkkHVoAi4k7qhkk2QoKxonUSVWu&id=811247532248216&l=3&v=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 19 Feb 2020 03:50:46 GMT, Wed, 19 Feb 2020 03:50:46 GMT, Wed, 19 Feb 2020 03:50:46 GMT
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
alt-svc: h3-24=":443"; ma=3600
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 19 Feb 2020 03:50:46 GMT, Wed, 19 Feb 2020 03:50:46 GMT
server: proxygen-bolt
location: https://cx.atdmt.com/?c=18257859140115915284&f=AYyiCVoUymOD7Zg_yopNBNwCqzJGiMYJLXVq8q8Rux-jSfxb_m4zickxE5COyRkkHVoAi4k7qhkk2QoKxonUSVWu&id=811247532248216&l=3&v=0
content-type: text/plain
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-24=":443"; ma=3600
content-length: 0
expires: 0

POST
H/1.1 200
OK 40ba02fbe3 Show response
bam.nr-data.net/events/1/ 24 B
189 B 115ms
114ms XHR
image/gif 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/40ba02fbe3?a=233435402&sa=1&v=1118.0c07c19&t=Unnamed%20Transaction&rst=2406&ref=https://login.chumbacasino.com/
Requested by: Host: login.chumbacasino.com
URL: https://login.chumbacasino.com/plugins/newrelic.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://login.chumbacasino.com/?utm_source=marketo&utm_medium=email&utm_campaign=CC_BO_ACT_EL_Timebox_Nov2019_BO&utm_content=LoginLink&mkt_tok=eyJpIjoiTkRrMk1UYzROV0U1TVdJMCIsInQiOiJBanUxV1lrNDJnTCt1SzhcLzBrcmFcL2tYUEl1Z091SmhETWNwcm0xWWFGcnFrc21qQTN6UmE2eVBjWEdnS3FCWmd2MUlYdG04ZVZwcHg1UTBwclwvYXJSWjdXQkdHMndaeXBicFk1c0hzU0RmWFB0V0owNUVVbmxrakNuTk91RFgxYiJ9
Origin: https://login.chumbacasino.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://login.chumbacasino.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.chumbacasino.com/	1970-01-19 09:37:40	Name: _fbp Value: fb.1.1582084244973.2009742197
.chumbacasino.com/	1970-01-19 07:28:04	Name: _gat_UA-46474538-6 Value: 1
.chumbacasino.com/	1970-01-19 09:37:40	Name: _gcl_au Value: 1.1.1940476211.1582084245
.chumbacasino.com/	1970-01-19 07:28:04	Name: _gat Value: 1
.chumbacasino.com/	1970-01-20 00:59:16	Name: _ga Value: GA1.2.1742661043.1582084245
login.chumbacasino.com/	1969-12-31 23:59:59	Name: loglevel Value: ERROR
.chumbacasino.com/	1970-01-19 07:29:30	Name: _gid Value: GA1.2.1806688576.1582084245
login.chumbacasino.com/	1969-12-31 23:59:59	Name: connect.sid Value: s%3APhxtYq_ruM_TdB_d5xgYpfocsmCfLUYz.1NyQHo4aCZC24RJmLYzWvLwzZTrRKz199j0gxK0RM58

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplifypixel.outbrain.com
analytics.twitter.com
bam.nr-data.net
chumbacasino.cdn.prismic.io
cm.g.doubleclick.net
connect.facebook.net
cx.atdmt.com
fonts.googleapis.com
fonts.gstatic.com
fullstory.com
go2.vgw.co
js-agent.newrelic.com
login.chumbacasino.com
pe.intentiq.com
prformc.com
r.turn.com
rs.fullstory.com
rtd-tm.everesttech.net
s.yimg.com
secure.adnxs.com
static.ads-twitter.com
stats.g.doubleclick.net
sync-tm.everesttech.net
t.co
tag.simpli.fi
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
103.237.104.64
104.244.42.195
104.244.42.197
13.35.253.70
151.101.112.157
151.101.114.110
151.101.114.49
162.247.242.20
169.50.137.176
172.217.16.130
185.33.223.210
2001:4860:4802:32::75
2001:4860:4802:34::15
2001:4860:4802:38::75
23.111.9.35
2600:9000:2057:1a00:6:ea06:d140:93a1
2a00:1288:f03d:1fa::4000
2a00:1450:4001:80b::200e
2a00:1450:4001:817::2008
2a00:1450:4001:819::2003
2a00:1450:4001:81e::200a
2a00:1450:400c:c00::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
3.232.102.204
35.186.194.58
46.228.164.11
52.41.199.229
64.202.112.127
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b54e2d835f0b56409d94f9ea3535cae4754cfd72c13c5782157bb80fcf814e2
2494dc90c6f407de9191e08262c3024fda151341c5bb574f93499b16eaacc0ed
2c1d3d755ffd8f8e63ac64e20aef7a40819e966c86816352ab8f275b64568b9e
2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
42610841f3d39a01788c09d6a72b2f7e609cfb75b8e52eb4b031c12ad76f6ca3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45daf36a0ce863fa1f05704b86f5a8944a40d32e14f35bdc4a78b045ad1de76b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
5301737292362c3ee7ecd6b9808c4f20831ceaeb1191c52e397f5eb6d0898a28
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5cd37e395d2dc6c0e83c61cc79c3104102a1393c2c5d3dcf18c51cf44889f97e
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7b4baccacb36b3910d5fde722e4b79febc32f0dfcc7cd301e6a0976559d73da4
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7fd8f4ce223a4f0f7344a4e0020ac649cf6d0bf82cf95daca803e32dc0831fd1
893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8
895eabbaf66fa7bb9b5f820684ba8184fd7fc980aa83515b9136c0b649af9fe0
8adcde1b29fce6b4ccda9e98db420bfd19e845ae72113dc932c7a579c2f3aa6c
8ef83aac00873f8fa0c06d7bc7bf993f5b098cc32c2ab3f1aac16d9ef8d385f5
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
9f8400caf8e573c92e3ebf4b8f3f125911241cd2cbb09744cf9716051de566e8
a26612960550342465a0053b931e7bd997a422ca758fcd5ba910cd8a5da20cf1
a3f9152ee8fbe84c30a7aee69baea688d553c1bc1e35614e93bcf180268a8197
aad16fcb0699e3fe80f2888800b3e5433e20f8a73dc84aa286c87093eb716aa8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae1fafcf1f4727872327fd8bb51754dd50543f01fd13c5463c954f2463b77292
ae8c4a552f80ad70491abf78010b2bd19e91f391bd1d76b9360f054903c4a8d9
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c3864e68c92a78de7d1309478ac5e9c59d7df8551fc188d3cd5e0fe3b197d509
ca037fcfafeda454da02a3f27f177d5d4edc125bd59bfc2f82eb6178bd49082c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf0a09a1cf3c1a9b4786a358e79501252155b328319c9787d947f49868bfcf46
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d1a72abbe2db1c8c1673901d91ff96d516ad31142a4d86c657dbace6df5d5c1a
d44738704322b323134099dc61e582799815c602f5b8cb22eab4f4855e393c20
d5931b95b2995d82a840ea292ccfd252a260862febfce571c46bdd4fb680c657
d97d7f2ce4fb25babe123ff03a94e9794a2081cd30c10750473b7a043e9e447d
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd79abba26f3255a6a1e8c772e05da8e8e00564e338427472a15621d25c1c471

login.chumbacasino.com Open in urlscan Pro 13.35.253.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

98 %HTTPS

43 %IPv6

28 Domains

31 Subdomains

27 IPs

7 Countries

617 kBTransfer

2022 kBSize

8 Cookies

4 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

login.chumbacasino.com Open in urlscan Pro
13.35.253.70 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

98 %
HTTPS

43 %
IPv6

28
Domains

31
Subdomains

27
IPs

7
Countries

617 kB
Transfer

2022 kB
Size

8
Cookies

48 HTTP transactions
4 data transactions