promo.leovegas.com Open in urlscan Pro
2a03:b0c0:3:d0::d24:5001 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://biz.99prefixes.com/1077316zx943617Ck333819870tf10887vj2axr45271Fl
Effective URL:
https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D...
Submission: On January 07 via manual (January 7th 2019, 11:51:43 am UTC) from SE

Summary HTTP 67 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 33 IPs in 8 countries across 31 domains to perform 67 HTTP transactions. The main IP is 2a03:b0c0:3:d0::d24:5001, located in Netherlands and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is promo.leovegas.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 2nd 2018. Valid for: 2 years.

This is the only time promo.leovegas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	176.9.114.175 176.9.114.175	24940 (HETZNER-AS) (HETZNER-AS)
1	66.70.251.114 66.70.251.114	16276 (OVH) (OVH)
1 1	107.154.248.103 107.154.248.103	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
1 1	52.18.165.114 52.18.165.114	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 10	2a03:b0c0:3:d... 2a03:b0c0:3:d0::d24:5001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:183::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
19	2600:9000:200... 2600:9000:200c:6a00:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	147.75.83.23 147.75.83.23	54825 (PACKET) (PACKET - Packet Host)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.28.139.186 52.28.139.186	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19b::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	37.157.6.252 37.157.6.252	198622 (ADFORM) (ADFORM)
1	147.75.80.178 147.75.80.178	54825 (PACKET) (PACKET - Packet Host)
1	147.75.204.215 147.75.204.215	54825 (PACKET) (PACKET - Packet Host)
1	35.177.2.75 35.177.2.75	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1288:7c:... 2a00:1288:7c:800::4001	43428 (YAHOO-ULS) (YAHOO-ULS)
1	188.125.66.33 188.125.66.33	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2600:9000:200... 2600:9000:200c:f000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	35.177.70.111 35.177.70.111	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	34.194.168.70 34.194.168.70	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 3	104.155.76.175 104.155.76.175	15169 (GOOGLE) (GOOGLE - Google LLC)
5 6	18.153.11.15 18.153.11.15	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	18.153.11.21 18.153.11.21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1	213.19.162.90 213.19.162.90	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
3 3	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	3.121.161.12 3.121.161.12	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	77.66.11.200 77.66.11.200	16245 (NGDC) (NGDC)
1	176.34.180.203 176.34.180.203	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	23.211.2.27 23.211.2.27	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
2 3	54.36.123.231 54.36.123.231	16276 (OVH) (OVH)
2 2	37.252.172.39 37.252.172.39	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1 2	52.213.58.51 52.213.58.51	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.17.150.45 52.17.150.45	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
67	33

1 176.9.114.175 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.175.114.9.176.clients.your-server.de

biz.99prefixes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.70.251.114 (Trumbull, United States)

ASN16276 (OVH, FR)
PTR: ip114.ip-66-70-251.net

imaxil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.154.248.103 (Redwood City, United States) 1 redirects

ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 107.154.248.103.ip.incapdns.net

ads.leovegas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.165.114 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-18-165-114.eu-west-1.compute.amazonaws.com

leo-promo-redirect-service.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:b0c0:3:d0::d24:5001 (Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

promo.leovegas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:183::13b8 (European Union)

ASN20940 (AKAMAI-ASN1, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:200c:6a00:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.83.23 (Switzerland)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-21

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.139.186 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-139-186.eu-central-1.compute.amazonaws.com

api.ipdata.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:19b::13b8 (European Union)

ASN20940 (AKAMAI-ASN1, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.80.178 (Switzerland)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-25

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.204.215 (Amsterdam, Netherlands)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-22

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.2.75 (London, United Kingdom)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-177-2-75.eu-west-2.compute.amazonaws.com

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:7c:800::4001 (United Kingdom)

ASN43428 (YAHOO-ULS, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.125.66.33 (Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:f000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.70.111 (London, United Kingdom)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-177-70-111.eu-west-2.compute.amazonaws.com

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.194.168.70 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-194-168-70.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.155.76.175 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 175.76.155.104.bc.googleusercontent.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.153.11.15 (Cambridge, United States) 5 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-15.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.153.11.21 (Cambridge, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-21.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.90 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.210.2 (Mountain View, United States) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.161.12 (Fairfield, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-121-161-12.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.66.11.200 (Denmark) 1 redirects

ASN16245 (NGDC, DK)

uip.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.180.203 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-176-34-180-203.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.211.2.27 (Cambridge, United States) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-211-2-27.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (New York, United States) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.36.123.231 (Woodbridge, United States) 2 redirects

ASN16276 (OVH, FR)
PTR: s03.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.39 (European Union) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 246.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.58.51 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-213-58-51.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.150.45 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-17-150-45.eu-west-1.compute.amazonaws.com

match.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	ctfassets.net images.ctfassets.net	3 MB
11	leovegas.com 2 redirects ads.leovegas.com promo.leovegas.com	371 KB
7	bidswitch.net 6 redirects x.bidswitch.net	4 KB
4	adform.net track.adform.net	41 KB
4	gstatic.com fonts.gstatic.com	44 KB
4	optimizely.com cdn.optimizely.com errors.client.optimizely.com	80 KB
3	id5-sync.com 2 redirects id5-sync.com	3 KB
3	doubleclick.net 3 redirects cm.g.doubleclick.net	686 B
3	creative-serving.com 1 redirects ads.creative-serving.com	3 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	82 KB
2	demdex.net 1 redirects dpm.demdex.net	1 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	openx.net 1 redirects eu-u.openx.net	603 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	semasio.net 1 redirects uip.semasio.net	1 KB
2	360yield.com 1 redirects ad.360yield.com	2 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	6 KB
2	google-analytics.com www.google-analytics.com	17 KB
1	justpremium.com match.justpremium.com	213 B
1	krxd.net beacon.krxd.net	453 B
1	rubiconproject.com pixel.rubiconproject.com	371 B
1	pubmatic.com simage2.pubmatic.com	804 B
1	quantcount.com rules.quantcount.com	1 KB
1	yahoo.com sp.analytics.yahoo.com	449 B
1	yimg.com s.yimg.com	5 KB
1	ipdata.co api.ipdata.co	436 B
1	googletagmanager.com www.googletagmanager.com	29 KB
1	googleapis.com fonts.googleapis.com	930 B
1	herokuapp.com 1 redirects leo-promo-redirect-service.herokuapp.com	367 B
1	imaxil.com imaxil.com	469 B
1	99prefixes.com 1 redirects biz.99prefixes.com	243 B
67	31

	Domain	Requested by
19	images.ctfassets.net	promo.leovegas.com
10	promo.leovegas.com	1 redirects imaxil.com promo.leovegas.com
7	x.bidswitch.net	6 redirects
4	track.adform.net	imaxil.com track.adform.net
4	fonts.gstatic.com	promo.leovegas.com
3	id5-sync.com	2 redirects
3	cm.g.doubleclick.net	3 redirects
3	ads.creative-serving.com	1 redirects
2	dpm.demdex.net	1 redirects
2	secure.adnxs.com	2 redirects
2	eu-u.openx.net	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	uip.semasio.net	1 redirects
2	ad.360yield.com	1 redirects
2	errors.client.optimizely.com	cdn.optimizely.com
2	www.google-analytics.com	www.googletagmanager.com promo.leovegas.com
2	cdn.optimizely.com	promo.leovegas.com
1	match.justpremium.com
1	beacon.krxd.net
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	pixel.quantserve.com	promo.leovegas.com
1	rules.quantcount.com	secure.quantserve.com
1	sp.analytics.yahoo.com	s.yimg.com
1	s.yimg.com	track.adform.net
1	secure.quantserve.com	track.adform.net
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	api.ipdata.co	imaxil.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googletagmanager.com	promo.leovegas.com
1	fonts.googleapis.com	promo.leovegas.com
1	leo-promo-redirect-service.herokuapp.com	1 redirects
1	ads.leovegas.com	1 redirects
1	imaxil.com
1	biz.99prefixes.com	1 redirects
67	36

This site contains links to these domains. Also see Links.

Domain
www.authorisation.mga.org.mt
secure.gamblingcommission.gov.uk
spillemyndigheden.dk
www.begambleaware.org
www.gamcare.org.uk
www.gamblersanonymous.org
www.leosafeplay.com

Subject Issuer	Validity	Valid
www.imaxil.com Go Daddy Secure Certificate Authority - G2	`2018-06-10` - `2019-08-09`	a year	crt.sh
*.leovegas.com DigiCert SHA2 Secure Server CA	`2018-02-02` - `2020-01-23`	2 years	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
cdn.optimizely.com DigiCert ECC Secure Server CA	`2018-01-23` - `2019-01-23`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
images.contentful.com Amazon	`2018-05-04` - `2019-06-04`	a year	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2018-12-10` - `2019-03-10`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.ipdata.co Amazon	`2018-09-27` - `2019-10-27`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2018-02-02` - `2019-10-02`	2 years	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2018-12-10` - `2019-03-10`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2018-12-10` - `2019-03-10`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2018-10-16` - `2019-10-21`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2018-12-04` - `2019-01-16`	a month	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2018-11-21` - `2019-05-20`	6 months	crt.sh
errors.client.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-09-24` - `2020-09-28`	2 years	crt.sh
*.creative-serving.com COMODO RSA Domain Validation Secure Server CA	`2018-03-14` - `2019-04-03`	a year	crt.sh
*.pubmatic.com COMODO RSA Organization Validation Secure Server CA	`2016-04-12` - `2019-05-27`	3 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2016-01-12` - `2019-03-01`	3 years	crt.sh
*.bidswitch.net COMODO RSA Domain Validation Secure Server CA	`2018-03-22` - `2019-05-05`	a year	crt.sh
*.360yield.com COMODO RSA Domain Validation Secure Server CA	`2018-03-12` - `2020-03-11`	2 years	crt.sh
*.semasio.net COMODO ECC Domain Validation Secure Server CA	`2018-03-09` - `2019-03-28`	a year	crt.sh
*.krxd.net Go Daddy Secure Certificate Authority - G2	`2017-06-12` - `2019-07-11`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2018-04-16` - `2019-02-06`	10 months	crt.sh
*.openx.net DigiCert ECC Secure Server CA	`2018-04-03` - `2019-04-08`	a year	crt.sh
*.id5-sync.com Go Daddy Secure Certificate Authority - G2	`2017-04-02` - `2020-04-02`	3 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
tracking.justpremium.com Amazon	`2018-06-21` - `2019-07-21`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Frame ID: AA9A99D66DC479247118A044415FA728
Requests: 76 HTTP requests in this frame

Frame: https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Frame ID: DD469A9FFB4C6ECD50DAD05849C73D44
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/serving/container/?pm=497538&lid=31340545&ctype=0&media=0&PageName=mc-casino-lp&rnd=1289732158&cpref=https%3a%2f%2fimaxil.com%2f198bf62525341e1800%2f9b-1077316-943617-45271-10887-%2f333819870&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%2f%3fqs%3dbtag%25253D661653%255FBE2C47C1652B4940A8CCBCAFB2ABA06F%252526tracking%255Fvariable%25253D801719892%252526unique%255Ftransaction%255Fid%25253D471253%252526pid%25253D3596701%252526bid%25253D13186
Frame ID: 59D631F914B7919B507BEA0B273CC883
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://biz.99prefixes.com/1077316zx943617Ck333819870tf10887vj2axr45271Fl HTTP 302
https://imaxil.com/198bf62525341e1800/9b-1077316-943617-45271-10887-/333819870 Page URL
https://ads.leovegas.com/redirect.aspx?pid=3596701&bid=13186&lpid=473%22&tracking_variable=801719892&... HTTP 301
https://leo-promo-redirect-service.herokuapp.com/mc-casino/?btag=661653_BE2C47C1652B4940A8CCBCAFB2ABA06F&tracking_variable=80... HTTP 301
https://promo.leovegas.com/mc-casino/?qs=btag%253D661653_BE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking_... HTTP 302
https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526trac... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
env /^google_tag_manager$/i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^quantserve$/i

YUI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^YAHOO$/i

webpack (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^webpackJsonp$/i

Page Statistics

67
Requests

100 %
HTTPS

26 %
IPv6

31
Domains

36
Subdomains

33
IPs

8
Countries

3625 kB
Transfer

5044 kB
Size

1
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.authorisation.mga.org.mt/verification.aspx?lang=EN&company=726b906b-4fe8-4cf9-9294-0a6a8a808d90&details=1

Search URL Search Domain Scan URL

URL: https://secure.gamblingcommission.gov.uk/PublicRegister/Search/Detail/39198

Search URL Search Domain Scan URL

URL: https://spillemyndigheden.dk/

Search URL Search Domain Scan URL

URL: https://www.begambleaware.org/

Search URL Search Domain Scan URL

URL: http://www.gamcare.org.uk/

Search URL Search Domain Scan URL

URL: http://www.gamblersanonymous.org/ga/

Search URL Search Domain Scan URL

URL: https://www.leosafeplay.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://biz.99prefixes.com/1077316zx943617Ck333819870tf10887vj2axr45271Fl HTTP 302
https://imaxil.com/198bf62525341e1800/9b-1077316-943617-45271-10887-/333819870 Page URL
https://ads.leovegas.com/redirect.aspx?pid=3596701&bid=13186&lpid=473%22&tracking_variable=801719892&unique_transaction_id=471253 HTTP 301
https://leo-promo-redirect-service.herokuapp.com/mc-casino/?btag=661653_BE2C47C1652B4940A8CCBCAFB2ABA06F&tracking_variable=801719892&unique_transaction_id=471253&pid=3596701&bid=13186 HTTP 301
https://promo.leovegas.com/mc-casino/?qs=btag%253D661653_BE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking_variable%253D801719892%2526unique_transaction_id%253D471253%2526pid%253D3596701%2526bid%253D13186 HTTP 302
https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://biz.99prefixes.com/1077316zx943617Ck333819870tf10887vj2axr45271Fl HTTP 302
https://imaxil.com/198bf62525341e1800/9b-1077316-943617-45271-10887-/333819870

Request Chain 64

https://ads.creative-serving.com/pixel?id=3151410&type=js HTTP 302
https://ads.creative-serving.com/ul_cb/pixel?id=3151410&type=js

Request Chain 65

https://x.bidswitch.net/sync?dsp_id=4&user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d&ssp=&expires=30&user_group=2&cb=505 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d&ssp=&expires=30&user_group=2&cb=505 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c2588ff4-a914-4a00-8105-9d686d774fc6

Request Chain 66

https://x.bidswitch.net/sync?dsp_id=4&user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d&ssp=&expires=30&user_group=2&cb=454 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d&ssp=&expires=30&user_group=2&cb=454 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=ad5a893d-a49a-4316-8f95-d1950b217e4e&expires=30

Request Chain 67

https://x.bidswitch.net/sync?dsp_id=4&user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d&ssp=&expires=30&user_group=2&cb=667 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d&ssp=&expires=30&user_group=2&cb=667 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=pi7RMx8CQc6-5f39-YN3cg== HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEDRj8vdNUa-WNxOfLegmm-U&google_cver=1

Request Chain 68

https://ad.360yield.com/match?publisher_dsp_id=79&external_user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=79&external_user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d

Request Chain 69

https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm=&google_sc=&google_tc= HTTP 302
https://ads.creative-serving.com/gcm?google_gid=CAESELKItfUOd5CUrYyNq6o7KAs&google_cver=1

Request Chain 70

https://uip.semasio.net/platform161/1/info?sType=sync&sExtCookieId=e7c14185-5aa3-4322-9e6e-705be1c8455d&sInitiator=external HTTP 302
https://uip.semasio.net/platform161/1/info2?sType=sync&sExtCookieId=e7c14185-5aa3-4322-9e6e-705be1c8455d&sInitiator=external

Request Chain 72

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=172&external_user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=172&external_user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d&C=1

Request Chain 73

https://eu-u.openx.net/w/1.0/sd?id=539091136&val=e7c14185-5aa3-4322-9e6e-705be1c8455d HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=539091136&val=e7c14185-5aa3-4322-9e6e-705be1c8455d

Request Chain 74

https://id5-sync.com/s/101/e7c14185-5aa3-4322-9e6e-705be1c8455d/1.gif HTTP 302
https://id5-sync.com/c/101/101/1/1.gif?puid=e7c14185-5aa3-4322-9e6e-705be1c8455d HTTP 302
https://secure.adnxs.com/getuid?https://id5-sync.com/c/101/2/0/2.gif?puid=$UID HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F101%2F2%2F0%2F2.gif%3Fpuid%3D%24UID HTTP 302
https://id5-sync.com/c/101/2/0/2.gif?puid=4377734178279608837

Request Chain 75

https://dpm.demdex.net/ibs:dpid=393426&dpuuid=e7c14185-5aa3-4322-9e6e-705be1c8455d HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=e7c14185-5aa3-4322-9e6e-705be1c8455d

67 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set 333819870 Show response
imaxil.com/198bf62525341e1800/9b-1077316-943617-45271-10887-/
Redirect Chain

http://biz.99prefixes.com/1077316zx943617Ck333819870tf10887vj2axr45271Fl
https://imaxil.com/198bf62525341e1800/9b-1077316-943617-45271-10887-/333819870

192 B
469 B

554ms
224ms

Document
text/html

66.70.251.114
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://imaxil.com/198bf62525341e1800/9b-1077316-943617-45271-10887-/333819870
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.70.251.114 Trumbull, United States, ASN16276 (OVH, FR),
Reverse DNS: ip114.ip-66-70-251.net
Software: Apache /
Resource Hash: d8b1ce7fde9147b1d854684afb0cc45b8e21850539f71874afe8f73ed15adc96

Request headers

Host: imaxil.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 07 Jan 2019 11:51:21 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 192
Server: Apache
Set-Cookie: uid8911=801719892-20190107055121-549bce0f9260dd5ae6025e7069e62891-; expires=Thu, 07-Feb-2019 10:51:21 GMT; Max-Age=2674800; path=/

Redirect headers

Date: Mon, 07 Jan 2019 11:51:20 GMT
Server: Apache
location: https://imaxil.com/198bf62525341e1800/9b-1077316-943617-45271-10887-/333819870
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2

200

Primary Request / Show response
promo.leovegas.com/de/mc-casino/
Redirect Chain

https://ads.leovegas.com/redirect.aspx?pid=3596701&bid=13186&lpid=473%22&tracking_variable=801719892&unique_transaction_id=471253
https://leo-promo-redirect-service.herokuapp.com/mc-casino/?btag=661653_BE2C47C1652B4940A8CCBCAFB2ABA06F&tracking_variable=801719892&unique_transaction_id=471253&pid=3596701&bid=13186
https://promo.leovegas.com/mc-casino/?qs=btag%253D661653_BE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking_variable%253D801719892%2526unique_transaction_id%253D471253%2526pid%253D3596701%2526bid%253D13186
https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%252...

111 KB
36 KB

7ms
6ms

Document
text/html

2a03:b0c0:3:d0::d24:5001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186

Requested by

Host: imaxil.com
URL: https://imaxil.com/198bf62525341e1800/9b-1077316-943617-45271-10887-/333819870

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:b0c0:3:d0::d24:5001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

756b31040530b22c1613e587d3576572aca537922495a816d644736e8fad454a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: promo.leovegas.com
:scheme: https
:path: /de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://imaxil.com/198bf62525341e1800/9b-1077316-943617-45271-10887-/333819870
accept-encoding: gzip, deflate, br
cookie: visid_incap_1837241=6ByFzQMpQ6CSqHRaK+hXLjk9M1wAAAAAQUIPAAAAAAA+mhgtdMN5JvuIsX4Ci+p1; incap_ses_767_1837241=vEGrJILQ9ze8Cb0WHO+kCjk9M1wAAAAA/rZWpBzUV9NsL6kR5JBfuA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://imaxil.com/198bf62525341e1800/9b-1077316-943617-45271-10887-/333819870

Response headers

status: 200
cache-control: public, max-age=0, must-revalidate
content-type: text/html; charset=UTF-8
date: Mon, 07 Jan 2019 11:29:07 GMT
etag: "5a8def00e6712355404ae02e17c15af3-ssl-df"
strict-transport-security: max-age=31536000
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd
content-encoding: gzip
age: 1335
content-length: 37016
server: Netlify
vary: Accept-Encoding
x-nf-request-id: fe3bb98f-c50c-4e0a-b14b-218907197180-23768

Redirect headers

status: 302
cache-control: public, max-age=0, must-revalidate
content-length: 201
content-type: text/plain; charset=utf-8
date: Mon, 07 Jan 2019 11:51:21 GMT
location: /de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd
age: 2
server: Netlify
x-nf-request-id: fe3bb98f-c50c-4e0a-b14b-218907197180-23701

GET
H2 200 component---src-layouts-index-js-3de8a3369d78e83a8c15.js Show response
promo.leovegas.com/ 2 KB
1002 B 10ms
9ms Script
application/javascript 2a03:b0c0:3:d0::d24:5001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/component---src-layouts-index-js-3de8a3369d78e83a8c15.js

Requested by

Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:b0c0:3:d0::d24:5001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

d638522ee69bf4b6b86fe37164570c5cc7952af7eec5d9aceb59954bb0228ffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /component---src-layouts-index-js-3de8a3369d78e83a8c15.js
pragma: no-cache
cookie: visid_incap_1837241=6ByFzQMpQ6CSqHRaK+hXLjk9M1wAAAAAQUIPAAAAAAA+mhgtdMN5JvuIsX4Ci+p1; incap_ses_767_1837241=vEGrJILQ9ze8Cb0WHO+kCjk9M1wAAAAA/rZWpBzUV9NsL6kR5JBfuA==
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: promo.leovegas.com
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
:scheme: https
:method: GET
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id: fe3bb98f-c50c-4e0a-b14b-218907197180-23777
date: Mon, 07 Jan 2019 11:29:07 GMT
content-encoding: gzip
server: Netlify
age: 1336
etag: "8bfb0fc1103b958fa84cdcb73fb67ee7-ssl-df"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 876
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd

GET
H2 200 component---src-templates-new-look-and-feel-index-js-4667aa44468bb06ffd66.js Show response
promo.leovegas.com/ 5 KB
2 KB 11ms
10ms Script
application/javascript 2a03:b0c0:3:d0::d24:5001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/component---src-templates-new-look-and-feel-index-js-4667aa44468bb06ffd66.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:b0c0:3:d0::d24:5001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

ae42dac54a6274ba896e594084b86d586253f896f85d6a80cef866e408741095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /component---src-templates-new-look-and-feel-index-js-4667aa44468bb06ffd66.js
pragma: no-cache
cookie: visid_incap_1837241=6ByFzQMpQ6CSqHRaK+hXLjk9M1wAAAAAQUIPAAAAAAA+mhgtdMN5JvuIsX4Ci+p1; incap_ses_767_1837241=vEGrJILQ9ze8Cb0WHO+kCjk9M1wAAAAA/rZWpBzUV9NsL6kR5JBfuA==
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: promo.leovegas.com
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
:scheme: https
:method: GET
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id: fe3bb98f-c50c-4e0a-b14b-218907197180-23779
date: Mon, 07 Jan 2019 11:29:07 GMT
content-encoding: gzip
server: Netlify
age: 1336
etag: "6d9485f39b40df55b543487fc27bf631-ssl-df"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1930
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd

GET
H2 200 path---de-mc-casino-d044120685d98a2aa42e.js Show response
promo.leovegas.com/ 17 KB
8 KB 11ms
10ms Script
application/javascript 2a03:b0c0:3:d0::d24:5001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/path---de-mc-casino-d044120685d98a2aa42e.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:b0c0:3:d0::d24:5001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

07950126143ed2c7b9406fbe4b8e0974cf6555a4a099a69d4f811e8afd2e8ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /path---de-mc-casino-d044120685d98a2aa42e.js
pragma: no-cache
cookie: visid_incap_1837241=6ByFzQMpQ6CSqHRaK+hXLjk9M1wAAAAAQUIPAAAAAAA+mhgtdMN5JvuIsX4Ci+p1; incap_ses_767_1837241=vEGrJILQ9ze8Cb0WHO+kCjk9M1wAAAAA/rZWpBzUV9NsL6kR5JBfuA==
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: promo.leovegas.com
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
:scheme: https
:method: GET
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id: fe3bb98f-c50c-4e0a-b14b-218907197180-23780
date: Mon, 07 Jan 2019 11:27:36 GMT
content-encoding: gzip
server: Netlify
age: 1426
etag: "8d84d08556e115fca5ff2dcf4b11ec19-ssl-df"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7977
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd

GET
H2 200 app-8a626f14bdde6d49b243.js Show response
promo.leovegas.com/ 70 KB
11 KB 12ms
11ms Script
application/javascript 2a03:b0c0:3:d0::d24:5001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/app-8a626f14bdde6d49b243.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:b0c0:3:d0::d24:5001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

541035dd15ae8d0697ff07400959ffd6927c84cc918b639942d5aa36ff3c9057

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /app-8a626f14bdde6d49b243.js
pragma: no-cache
cookie: visid_incap_1837241=6ByFzQMpQ6CSqHRaK+hXLjk9M1wAAAAAQUIPAAAAAAA+mhgtdMN5JvuIsX4Ci+p1; incap_ses_767_1837241=vEGrJILQ9ze8Cb0WHO+kCjk9M1wAAAAA/rZWpBzUV9NsL6kR5JBfuA==
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: promo.leovegas.com
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
:scheme: https
:method: GET
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id: fe3bb98f-c50c-4e0a-b14b-218907197180-23781
date: Mon, 07 Jan 2019 11:27:36 GMT
content-encoding: gzip
server: Netlify
age: 1426
etag: "de7abede6be0ff9a3ff21ce94d5b0b43-ssl-df"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 10889
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd

GET
H2 200 commons-e581d391b4e7d1ecdb55.js Show response
promo.leovegas.com/ 779 KB
217 KB 12ms
12ms Script
application/javascript 2a03:b0c0:3:d0::d24:5001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/commons-e581d391b4e7d1ecdb55.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:b0c0:3:d0::d24:5001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

e284438544a876c0c8d39067257088ab68a0b97942957b91e486eb8d738d1136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /commons-e581d391b4e7d1ecdb55.js
pragma: no-cache
cookie: visid_incap_1837241=6ByFzQMpQ6CSqHRaK+hXLjk9M1wAAAAAQUIPAAAAAAA+mhgtdMN5JvuIsX4Ci+p1; incap_ses_767_1837241=vEGrJILQ9ze8Cb0WHO+kCjk9M1wAAAAA/rZWpBzUV9NsL6kR5JBfuA==
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: promo.leovegas.com
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
:scheme: https
:method: GET
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id: fe3bb98f-c50c-4e0a-b14b-218907197180-23782
date: Mon, 07 Jan 2019 11:27:36 GMT
content-encoding: gzip
server: Netlify
age: 1426
etag: "38deb072499942b92c4d9862694c5f57-ssl-df"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 221782
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd

GET
H2 200 css
fonts.googleapis.com/ 14 KB
930 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,700i,900,900i

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

eccce4d3d8f23b6d31ca45a26dc910311dd9425b8667e9f5c5c11a05d791e33d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 07 Jan 2019 11:51:22 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 07 Jan 2019 11:51:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Mon, 07 Jan 2019 11:51:22 GMT

GET
H2 200 9430800627.js Show response
cdn.optimizely.com/js/ 273 KB
77 KB 49ms
12ms Script
text/javascript 2a02:26f0:6c00:183::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/9430800627.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:183::13b8 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

56c0991ebc43b18ddb9e50c64d519e535dfb3fc72118d972a4ac6ec697eaca26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: _0PF_XYAyGZYJLV3XV7uKaLddi5yyY.o
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 5DC03E6EE43F2DF2
status: 200
date: Mon, 07 Jan 2019 11:51:22 GMT
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:6c00:183::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
x-akamai-ro-ghost-path: 2.22.50.190,dlr-not-sent:already-encoded-by-ro
content-length: 78413
x-amz-id-2: lk3D80SzBtAyHgcHwSy6ZKsZwcaS1Ic5PsIyARWH5/TbxXFwdexzkTl5Y93uqyUJbQ1ssp85WgU=
last-modified: Thu, 06 Dec 2018 02:12:43 GMT
server: Akamai Resource Optimizer
etag: "2cc84b815246c6031884845a72875975"
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 2651
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 leovegas-casino-logo.367bf0de.svg
promo.leovegas.com/static/ 12 KB
6 KB 29ms
28ms Image
image/svg+xml 2a03:b0c0:3:d0::d24:5001
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promo.leovegas.com/static/leovegas-casino-logo.367bf0de.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:b0c0:3:d0::d24:5001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

ce6756a7c10ff1f8be82a1e4e94a18bb8e68c2f19df87df9cb8168c6dda2fd5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /static/leovegas-casino-logo.367bf0de.svg
pragma: no-cache
cookie: visid_incap_1837241=6ByFzQMpQ6CSqHRaK+hXLjk9M1wAAAAAQUIPAAAAAAA+mhgtdMN5JvuIsX4Ci+p1; incap_ses_767_1837241=vEGrJILQ9ze8Cb0WHO+kCjk9M1wAAAAA/rZWpBzUV9NsL6kR5JBfuA==
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: promo.leovegas.com
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
:scheme: https
:method: GET
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id: fe3bb98f-c50c-4e0a-b14b-218907197180-23783
date: Mon, 07 Jan 2019 11:29:07 GMT
content-encoding: gzip
server: Netlify
age: 1336
etag: "e22766ec110e48144fe3105d28f58b47-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5532
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 90 KB
29 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGS5KD

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

16987eaef0f4c447416e90e00afdd5790d8cef420e9b30cbca79624b6b4e6720

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 07 Jan 2019 11:51:22 GMT
content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 29864
x-xss-protection: 1; mode=block
expires: Mon, 07 Jan 2019 11:51:22 GMT

GET
H2 200 paypal.png
images.ctfassets.net/kijvoxi4q0zn/5mV9JttLd6KUmokSUsGg0c/2b440f40bc4ae963f4b8bdb8d8a5ad31/ 4 KB
4 KB 62ms
10ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/5mV9JttLd6KUmokSUsGg0c/2b440f40bc4ae963f4b8bdb8d8a5ad31/paypal.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: a662b48f5c2363b832340eb5288af5df0ac51cdb4231785c0df2e18b335c959f

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:32 GMT
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4569050
etag: "ce7c0914c695d29b08d6e444955b561c"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 3832
x-amz-cf-id: Boe3GvTr2DT6La0La8pXHWAbDQfGumsbwndJvAI7f1DdG8-0tYDZvA==

GET
H2 200 sofortklarna.png
images.ctfassets.net/kijvoxi4q0zn/2CAIGpcyAQ6UGC2c00EOIw/b4e98e832fe525ce78bfbda0833264e5/ 6 KB
6 KB 59ms
11ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/2CAIGpcyAQ6UGC2c00EOIw/b4e98e832fe525ce78bfbda0833264e5/sofortklarna.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: b14a7f9c486e98dee1363e7fe513bfb4a1f85cccd620aa93f9492c9b1669c70d

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:32 GMT
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4569051
etag: "594c21590f36927ee691ddb66fa9ba0e"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 5744
x-amz-cf-id: FccABXdgDwKI6A3D-e-IlF-nuNK2pX-VqSZSTunSPJzqTJJ_eGDNFw==

GET
H2 200 visa.png
images.ctfassets.net/kijvoxi4q0zn/3ViLoK5xpS4ewO4S0uCyey/5d6f669d7115ef736e8249079161d49a/ 4 KB
4 KB 43ms
39ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/3ViLoK5xpS4ewO4S0uCyey/5d6f669d7115ef736e8249079161d49a/visa.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 273960782964d6c98b7784d94eef99d63d8bf70c80a48a3d77da0c8191989c39

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 02 Nov 2018 18:01:42 GMT
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 5680181
etag: "3564f544731f0c9e221f694ab9a1975e"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 3630
x-amz-cf-id: FDZQPxPuMK8_lgWi3xfdtK5m_PhknkIIEgu2TLWzRiIQq4h_iW4zXA==

GET
H2 200 paysafe.png
images.ctfassets.net/kijvoxi4q0zn/41nin6pA92SG2EO06iaYEO/76548fa568856af2df611d3fdaa5b9a0/ 2 KB
3 KB 45ms
41ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/41nin6pA92SG2EO06iaYEO/76548fa568856af2df611d3fdaa5b9a0/paysafe.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 21bb3c933ccc576c2f6d75e583fbb2bcaac5e37c71ed4644754cdaab692bf74a

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:32 GMT
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4569051
etag: "62f2a79a770caf4f38e58fd5c4a91f5f"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 2453
x-amz-cf-id: TFqYqUxskU9radnyEvc-M-XWQUkwDsywKK68c4M1MIbrwOCLVT9o9w==

GET
H2 200 trustly.png
images.ctfassets.net/kijvoxi4q0zn/4ZgGhzEvv2ACeAACUQUWKA/8ef5a9eef0ff01ed2aba14e77ba09db4/ 3 KB
3 KB 48ms
44ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/4ZgGhzEvv2ACeAACUQUWKA/8ef5a9eef0ff01ed2aba14e77ba09db4/trustly.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: db5448c194812ce8efad1c59985d077940ff131ebfba8d0f3232791136589ae2

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:31 GMT
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4569052
etag: "e6c9bee5471fa317b7298fce8ebe5e5b"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 3157
x-amz-cf-id: 0kiEeJ_jucA94xy72Xf06ATK2-48XWx4ieh2VBSG-fkSLA_fcZTxKg==

GET
H2 200 skrill.png
images.ctfassets.net/kijvoxi4q0zn/c9n7WDRBqosmIY4E2ugQa/7c26eb0f1c21cdd89d87720931f56e3d/ 2 KB
3 KB 65ms
62ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/c9n7WDRBqosmIY4E2ugQa/7c26eb0f1c21cdd89d87720931f56e3d/skrill.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 145f3844ee4625769479e42ed319920f5e1d65350ce8798bf44c899ef0034793

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:32 GMT
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4569051
etag: "b68c991eb7ce56009d8cf05ffccbc54f"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 2476
x-amz-cf-id: 74C-BGTNhBeyWpB8mmjp-B6cH0rU4jdREKyGu1f8e5xWaF7DjKDwlw==

GET
H2 200 neteller.png
images.ctfassets.net/kijvoxi4q0zn/5BDClCPzlCK06wcmCgwiIK/809768fb004de199cf7c9e94386691ae/ 3 KB
3 KB 66ms
62ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/5BDClCPzlCK06wcmCgwiIK/809768fb004de199cf7c9e94386691ae/neteller.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 21b0443189f0b628070b7b4fae484173a0edb5c031136340a6935b6b9c0eb73b

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 02 Nov 2018 18:06:25 GMT
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 5679898
etag: "5274c381b9bb26fb04edf7e4aa0cb3bd"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 2893
x-amz-cf-id: DVuYSOxY-bKR-4DLeUWZpTtecekirwWA2HzHZEhHuzA1TbPdXRvjgA==

GET
H2 200 EGR-Nordics-CasinoOperator-2017.png
images.ctfassets.net/kijvoxi4q0zn/6f6dOX7sD6Q8ukcwOwMykE/ada4ae647e5ef6cdd7587ae7dc0b49bd/ 32 KB
32 KB 67ms
64ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/6f6dOX7sD6Q8ukcwOwMykE/ada4ae647e5ef6cdd7587ae7dc0b49bd/EGR-Nordics-CasinoOperator-2017.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: f2902780cf44600bf868dd9ec81ba7862abec95b97cff8651762bf1a8b90dfb8

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:31 GMT
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4569051
etag: "9705e60efb9329a3514ac4df0a1b889b"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 32306
x-amz-cf-id: x24vxsnxe0q4O94VFyTdsh_A-1wfgo2rFVjspLMjXYDGH-PA0Tf8Rw==

GET
H2 200 EGR-Nordics-CasinoOperator-2016.png
images.ctfassets.net/kijvoxi4q0zn/4yEYKbj8JWEC2Gc02QuuWY/8b42c8e676005e55fe3deb01ccef0837/ 32 KB
32 KB 71ms
69ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/4yEYKbj8JWEC2Gc02QuuWY/8b42c8e676005e55fe3deb01ccef0837/EGR-Nordics-CasinoOperator-2016.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 0c48b773fbf650a8222bc9b7beaaff31923a67e2adc29f42e15ac46c677d85cc

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:31 GMT
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4569052
etag: "ad9a7d687628c9928fbd2ed7aa364af2"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 32551
x-amz-cf-id: j-Bk4A2T0iL2Eh9QWn1WxO3TZI0BOt8C-jgj8Ku-f9QIr_lRuyKhww==

GET
H2 200 iphonex-app.218eb622.png
promo.leovegas.com/static/ 66 KB
66 KB 8ms
6ms Image
image/png 2a03:b0c0:3:d0::d24:5001
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promo.leovegas.com/static/iphonex-app.218eb622.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:b0c0:3:d0::d24:5001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

e5b74ea28e08ec3cfc168a3d8179d4b528514e6ddd2f87af11797d126e507a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /static/iphonex-app.218eb622.png
pragma: no-cache
cookie: visid_incap_1837241=6ByFzQMpQ6CSqHRaK+hXLjk9M1wAAAAAQUIPAAAAAAA+mhgtdMN5JvuIsX4Ci+p1; incap_ses_767_1837241=vEGrJILQ9ze8Cb0WHO+kCjk9M1wAAAAA/rZWpBzUV9NsL6kR5JBfuA==
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: promo.leovegas.com
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
:scheme: https
:method: GET
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nf-request-id: fe3bb98f-c50c-4e0a-b14b-218907197180-23822
date: Mon, 07 Jan 2019 11:27:37 GMT
server: Netlify
age: 1425
etag: "3439b0ed97d596f841835483a26a610e-ssl"
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 67225
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd

GET
H2 200 mga.png
images.ctfassets.net/kijvoxi4q0zn/2Uc4dcnb0cUSEgUqKeYmk8/5549d2a0745b2483ea3e5fbea1422682/ 4 KB
4 KB 73ms
71ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/2Uc4dcnb0cUSEgUqKeYmk8/5549d2a0745b2483ea3e5fbea1422682/mga.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 2ede25a0ac2405841be39bb212ab00eb1db622ae8c06a6cbfa1f21cc20a94bf6

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:32 GMT
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4569051
etag: "9f179ffc68cc8efa5a8dc6d543c42f10"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 3665
x-amz-cf-id: E-cLpOQkZrcBm0lhx4jcT--iwtNgLloaJe1r8pdfdEWtuFMLYxKYOQ==

GET
H2 200 gambling-commission.png
images.ctfassets.net/kijvoxi4q0zn/4Nb9hNN54c4S0oiCUa4ESm/c6602fe3b62546091d35592a4273c530/ 6 KB
6 KB 73ms
71ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/4Nb9hNN54c4S0oiCUa4ESm/c6602fe3b62546091d35592a4273c530/gambling-commission.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 5ffe45acf226a47230a5c69a51c1675b02ec885015106de4af29eec99961fc0a

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:32 GMT
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4569051
etag: "19e7e8eaf95d3d620d7824eae5b3ab8b"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 5888
x-amz-cf-id: yFGszZuRaH8_uu4guS9RukIDq00CvqQn9zJ-KtoTmmi1mowlrkkvqg==

GET
H2 200 license3.png
images.ctfassets.net/kijvoxi4q0zn/1QrpFMgzA4ea8gYcOmus4q/4f46552fd36bb194b222f0b6c252154a/ 6 KB
6 KB 74ms
72ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/1QrpFMgzA4ea8gYcOmus4q/4f46552fd36bb194b222f0b6c252154a/license3.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: a63d3c65ea6fb8f61859c63e4f4b966c2ffaca62733d62064acf7fcc82d0b5e8

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 07 Nov 2018 00:07:36 GMT
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 5312627
etag: "0b78d1564ae1add09bba65d11ed32bc7"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 6324
x-amz-cf-id: fnKPKLAV4KC7rebWckEgu0hV6RR_4C7mv4yUGenQ6WknXLZgPNP8gQ==

GET
H2 200 eu.png
images.ctfassets.net/kijvoxi4q0zn/2nPMd5FgoYGmgmQic6QcoK/41fbb4126551a01649fc1c471864cdd8/ 4 KB
4 KB 74ms
72ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/2nPMd5FgoYGmgmQic6QcoK/41fbb4126551a01649fc1c471864cdd8/eu.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: b855baad3ab0ad04962f7f418073e6a433589e52c45c9077e82d0786077e6329

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 02 Nov 2018 18:01:42 GMT
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 5680181
etag: "3345ac39791029391aba953adb6c54e8"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 3664
x-amz-cf-id: 043E4dWQSs4cP9vV-UEc60HOXIWygqQRdyIQBY9AiSy9_tZi8-71Hw==

GET
H2 200 begambleaware.png
images.ctfassets.net/kijvoxi4q0zn/4n5itn9bJeauCqAYGIYEc8/54f339e439f7b365d8a19824aefafbb5/ 5 KB
5 KB 75ms
73ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/4n5itn9bJeauCqAYGIYEc8/54f339e439f7b365d8a19824aefafbb5/begambleaware.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 02920491695411e238e7fbc665cb602f6f314db84721495b6d5c10b452fc9e59

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 02 Nov 2018 18:01:42 GMT
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 5680181
etag: "3c8fe3f2334e33daa00c0aac5ad53975"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 5187
x-amz-cf-id: Xct6aRj-b7vdViA2NNN7musAcv7XJzwNRT_guqyRSj0D6QaOW5ckvA==

GET
H2 200 gamcare.png
images.ctfassets.net/kijvoxi4q0zn/62kAEz4BsAEqeaCI2ciGss/6e22bf0f1696b261eeddf0a5916cfd40/ 3 KB
3 KB 75ms
73ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/62kAEz4BsAEqeaCI2ciGss/6e22bf0f1696b261eeddf0a5916cfd40/gamcare.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 6e1587a49a2d4640c0936ab3c7b63bc37d4186b4033ecefd256bc7c1f982bb9f

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:32 GMT
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4569051
etag: "ad6b57b26bbacb687f3603f27855ecc6"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 2783
x-amz-cf-id: KWpdoHRDV3dCYn-P9qu0FO1PcVQg0gYUuIc10vksM60eU-tsEmkWBw==

GET
H2 200 ga.png
images.ctfassets.net/kijvoxi4q0zn/59JQfnohhYqM2oI0wgOQoq/26fdfac0b667ea33c73f2145447f5cf1/ 3 KB
3 KB 75ms
73ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/59JQfnohhYqM2oI0wgOQoq/26fdfac0b667ea33c73f2145447f5cf1/ga.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 0ab3d4ad2b0c990a9de580274dd61f2c4d4369f3b1d81a2ca1def837327bd24f

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:32 GMT
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4569051
etag: "52ef383d695dcb79c5a345367acff73e"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 2717
x-amz-cf-id: 7XqXVOuiEDPNtFpi1rxM3Hc5TiiEwVcXc0besS_FCnwpGx7SToeG3A==

GET
H2 200 leosafeplay.png
images.ctfassets.net/kijvoxi4q0zn/7o9AdRaiWWyKm2A0qWmi62/94f9d8aa5b81a09b5d64fedadfdf07bb/ 3 KB
4 KB 76ms
74ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/7o9AdRaiWWyKm2A0qWmi62/94f9d8aa5b81a09b5d64fedadfdf07bb/leosafeplay.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 617d2a8d89bbdbebbe32227d6a72072658bce3da4a04fc704044e92bff2f9106

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:40:32 GMT
via: 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4569051
etag: "7ebf07cbf623c5893084c393bbc9d588"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 3552
x-amz-cf-id: Fvf_vOfkVdxHyDEwV3UYDpZVgjc_kS1tTp5LFPRPDVsZEVIs1k6h6w==

GET
H2 200 hotjar-150438.js Show response
static.hotjar.com/c/ 2 KB
1 KB 19ms
18ms Script
application/javascript 147.75.83.23
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-150438.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGS5KD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.83.23 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-21

Software

Resource Hash

47c7be6a01f296e4b0374f0a11ba2e1d5145a30f014fa03b78ef573cee8df0e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 07 Jan 2019 11:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
etag: W/052ba18292fa0e3b23c58ab51beffe2d
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=60
section-io-origin-time-seconds: 0.050
section-io-origin-status: 304
accept-ranges: bytes
section-io-id: 2c1035b2ca8046fbddf3609113f9384c
content-length: 941

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGS5KD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 3736
date: Mon, 07 Jan 2019 10:49:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Mon, 07 Jan 2019 12:49:06 GMT

GET
DATA 200
OK truncated
/ 548 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e33f8f81b6ba762ee90e950a44b9d4cc2d581b50862db36dfa2fc7cb1ee1ef5

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 788 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd5de0cd31374f449cb6a66ebcf87b0d732a9fe3af8fe3dc4c4df1638b24040b

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccac1881f0aa30ce6e0b27faca92813dec7f738c9bc477de7f0ff3cd97d80e4d

Request headers

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc3aa232da577d5cd0e40070a0cfce5bba8255e505e115c79cd6ab180b5c1e03

Request headers

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1aa27217bcc70dcac6d0771b3691f0fb7cad2b3d789c9c5a68ae3343a8f8189

Request headers

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a62f202a036f31afbe29957893501fd9788b8b7da68fd937f09a4748c80dfe24

Request headers

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 178070bb42e889b14f1aaf839aeaa6ca553bd92ebd98c918f4f2f4ebda54f655

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 558 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7432ef865494c910726e0e9b7f4cd34d33ffd95a0804dfae8695872794a11e87

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1006 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c4e40525446376e67437bb87b5e547a5113d20ec4281de744b1f17beb18a388

Request headers

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 593 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ade492e71a709b0ae66a7d625ab7114a519ad73726eb8d079510e5af293a8f2b

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f9c92e1a12ac6e0fc59919f0c3fc20cf9dc1bd8d78db4ea7b28298bc80038ff

Request headers

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a32cf4cbacae0c02bd7047d9cd93b4a95ae9bfde846b27699bd643c0909eed34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700i,900,900i
Origin: https://promo.leovegas.com

Response headers

date: Wed, 02 Jan 2019 16:00:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:04 GMT
server: sffe
age: 417076
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10752
x-xss-protection: 1; mode=block
expires: Thu, 02 Jan 2020 16:00:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ 10 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700i,900,900i
Origin: https://promo.leovegas.com

Response headers

date: Tue, 18 Dec 2018 20:45:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 1695951
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10748
x-xss-protection: 1; mode=block
expires: Wed, 18 Dec 2019 20:45:31 GMT

GET
H2 200 Roboto-ExtraBlack.625fcf1e.ttf
promo.leovegas.com/static/ 41 KB
23 KB 6ms
6ms Font
application/x-font-ttf 2a03:b0c0:3:d0::d24:5001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/static/Roboto-ExtraBlack.625fcf1e.ttf

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a03:b0c0:3:d0::d24:5001 , Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),

Reverse DNS

Software

Netlify /

Resource Hash

6a32e11a4c8e46e4b95553e27f336bc3ff424298cb36b814dd5f8b793a06ce8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /static/Roboto-ExtraBlack.625fcf1e.ttf
pragma: no-cache
cookie: visid_incap_1837241=6ByFzQMpQ6CSqHRaK+hXLjk9M1wAAAAAQUIPAAAAAAA+mhgtdMN5JvuIsX4Ci+p1; incap_ses_767_1837241=vEGrJILQ9ze8Cb0WHO+kCjk9M1wAAAAA/rZWpBzUV9NsL6kR5JBfuA==
origin: https://promo.leovegas.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: promo.leovegas.com
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Origin: https://promo.leovegas.com

Response headers

x-nf-request-id: fe3bb98f-c50c-4e0a-b14b-218907197180-23839
date: Mon, 07 Jan 2019 11:29:09 GMT
content-encoding: gzip
server: Netlify
age: 1333
etag: "6784df36e1e032fbfb3203203914be4f-ssl-df"
vary: Accept-Encoding
content-type: application/x-font-ttf
status: 200
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 23107
x-nf-srv-version: 45aaffea081549dd03a2dfff644cc25cf522edbd

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c386915e39d8a925fe10d15744a9da95ac8f90423e12728e7fc3c5e34f4559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700i,900,900i
Origin: https://promo.leovegas.com

Response headers

date: Wed, 19 Dec 2018 07:34:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:47 GMT
server: sffe
age: 1657023
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10876
x-xss-protection: 1; mode=block
expires: Thu, 19 Dec 2019 07:34:19 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v18/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

556e09ad66d48078d2ea341eff36e93dafdb56fed15e9d92e052a7cb3910e2e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700i,900,900i
Origin: https://promo.leovegas.com

Response headers

date: Fri, 21 Dec 2018 06:20:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:10 GMT
server: sffe
age: 1488641
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12368
x-xss-protection: 1; mode=block
expires: Sat, 21 Dec 2019 06:20:41 GMT

GET
H2 403 / Show response
api.ipdata.co/ 242 B
436 B 71ms
30ms Fetch
application/json 52.28.139.186
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipdata.co/?api-key=f57a5807a806a30fca7a1097e6da2f6be45f127b40dd5b2fd5d1522b
Requested by: Host: imaxil.com
URL: https://imaxil.com/198bf62525341e1800/9b-1077316-943617-45271-10887-/333819870
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.139.186 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-28-139-186.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c0b1ac7771517e5cb3ad55591c29b1da860791154ce96edc4bcf0242744281ae

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Origin: https://promo.leovegas.com

Response headers

date: Mon, 07 Jan 2019 11:51:22 GMT
x-amzn-errortype: AccessDeniedException
x-amzn-requestid: 8dbc2451-1272-11e9-af89-dd66e0dee203
status: 403
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: TIaBJGM8FiAFemg=
content-length: 242

GET
H2 200 V6Ypw6efpoaSVmqGyBi5NJ.json Show response
cdn.optimizely.com/datafiles/ 4 KB
2 KB 24ms
10ms Fetch
text/javascript 2a02:26f0:6c00:19b::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/datafiles/V6Ypw6efpoaSVmqGyBi5NJ.json

Requested by

Host: promo.leovegas.com
URL: https://promo.leovegas.com/commons-e581d391b4e7d1ecdb55.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:19b::13b8 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ead8fb782159aef821427834daeb3af3b8181704cb5e1f5838ce87c4002d2930

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Origin: https://promo.leovegas.com

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: W9TnwjNfIgrhwOrxeQWR1X4ExrY1BwC0
content-encoding: gzip
etag: "bfb5ce96827071855d09fef621bf10a2"
x-amz-request-id: 48C080BAE7D1C04D
status: 200
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD, OPTIONS
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:19b::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 989
x-amz-id-2: qDDf6278BqFMM1iVcmeETFyicOcGH+0zSbZP3PfR0eU7q6rmaF/yCU/wzcKgvza2EHNtEtyOCPg=
last-modified: Thu, 03 Jan 2019 16:37:03 GMT
server: AmazonS3
date: Mon, 07 Jan 2019 11:51:22 GMT
access-control-max-age: 604800
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=118
access-control-allow-credentials: false
x-amz-meta-revision: 52
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 / Show response
track.adform.net/serving/scripts/trackpoint/async/ 76 KB
30 KB 60ms
60ms Script
text/javascript 37.157.6.252
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/serving/scripts/trackpoint/async/
Requested by: Host: imaxil.com
URL: https://imaxil.com/198bf62525341e1800/9b-1077316-943617-45271-10887-/333819870
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 07 Jan 2019 11:51:22 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
content-type: text/javascript; charset=utf-8
content-length: 30712
expires: Mon, 14 Jan 2019 11:51:22 GMT

GET
H2 200 modules-7a2af0bafcdf53862096fda2ab592bdf.js Show response
script.hotjar.com/ 399 KB
81 KB 75ms
24ms Script
application/javascript 147.75.80.178
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules-7a2af0bafcdf53862096fda2ab592bdf.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-150438.js?sv=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.80.178 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-25

Software

Resource Hash

742bd63cde4a3dccac1860ea299ba7b1ab32a00a73f1fe2abbbc4ebe19103902

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 07 Jan 2019 11:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Jan 2019 08:41:16 GMT
access-control-allow-origin: *
etag: W/"7a2af0bafcdf53862096fda2ab592bdf"
content-type: application/javascript
status: 200
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.042
content-length: 82208
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: 66d51678dd69e2bc490b0bdcead9ebcf
x-amz-version-id: F0slmQYgxqi7v3YzAO3dVs5eLevCQQWq

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 17ms
17ms Image
image/gif 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j72&aip=1&a=887194476&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Fmc-casino%2F%3Fqs%3Dbtag%25253D661653%255FBE2C47C1652B4940A8CCBCAFB2ABA06F%252526tracking%255Fvariable%25253D801719892%252526unique%255Ftransaction%255Fid%25253D471253%252526pid%25253D3596701%252526bid%25253D13186&dr=https%3A%2F%2Fimaxil.com%2F198bf62525341e1800%2F9b-1077316-943617-45271-10887-%2F333819870&dp=%2Fde%2Fmc-casino%2F%3Fqs%3Dbtag%25253D661653%255FBE2C47C1652B4940A8CCBCAFB2ABA06F%252526tracking%255Fvariable%25253D801719892%252526unique%255Ftransaction%255Fid%25253D471253%252526pid%25253D3596701%252526bid%25253D13186&ul=en-us&de=UTF-8&dt=Casino%20f%C3%BCr%20Mobilger%C3%A4te%20und%20Online-Casino%20-%20Spielen%20Sie%20Casino-Spiele%20online%20oder%20auf%20Ihrem%20Mobilger%C3%A4t%20%7C%20LeoVegas%20Casino&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ci=661653&cn=13186&cs=661653&cm=affiliate&_u=YEBAAEAB~&jid=588382544&gjid=1429849733&cid=935970963.1546861883&tid=UA-25600410-30&_gid=894126988.1546861883&_r=1&gtm=2wgbc0WGS5KD&cd1=661653&cd3=3596701&cd4=leo&cd7=de&z=2125174279

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jan 2019 11:51:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DE_-_New_BoD-_LP_pop_up_paypal.png
images.ctfassets.net/kijvoxi4q0zn/1B5mtmyuEge4YyymckMo6C/805733bf8a4efb2bb936c07a803471bc/ 192 KB
192 KB 10ms
9ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/1B5mtmyuEge4YyymckMo6C/805733bf8a4efb2bb936c07a803471bc/DE_-_New_BoD-_LP_pop_up_paypal.png?w=635&h=210&q=50
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: c27655230d3d38cff2a504b0286d5d583c4aca4ed6efb6bd5b493a1726f615b8

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:42:14 GMT
via: 1.1 varnish, 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4568948
etag: "33422541f80cdcc02523c437530ebe28"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 196119
x-amz-cf-id: -DMSIr_TcDuyZbBBhIuijFnZP-dXN7Ka4cmKWCbClb-P3a-4D3bA9g==

GET
H2 200 DE_Casino_Desktop_.png
images.ctfassets.net/kijvoxi4q0zn/1oIrQIQwuQIQyA0G8AQyYC/c7c4194d3ff2e0981eef3b9ce9887bdf/ 3 MB
3 MB 10ms
10ms Image
image/png 2600:9000:200c:6a00:12:94b3:c380:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/1oIrQIQwuQIQyA0G8AQyYC/c7c4194d3ff2e0981eef3b9ce9887bdf/DE_Casino_Desktop_.png?w=1920&h=1080&q=50
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 0cbffceeee02084e8fdd49271f763d11f58d87eb1fc3e5d14b1cb30ef75dd552

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 15 Nov 2018 14:42:45 GMT
via: 1.1 varnish, 1.1 35df23774438ec8a6c97dd0fb08fcb73.cloudfront.net (CloudFront)
server: Contentful Images API
age: 4568917
etag: "bf9fc0dd573f475288f927cf19ce9792"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
access-control-allow-origin: *
content-length: 2680520
x-amz-cf-id: mpE8aK5Su2TuBTMZA27dObpqpJHg9GStW4fsDXjrnoIYy3w_8a4EGg==

GET
H2 200 rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
vars.hotjar.com/ Frame DD46 0
0 74ms
17ms Document
text/html 147.75.204.215
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-150438.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.204.215 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-22
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186

Response headers

status: 200
date: Mon, 07 Jan 2019 11:51:22 GMT
content-type: text/html
content-length: 857
cache-control: max-age=31536000
last-modified: Wed, 26 Dec 2018 17:42:40 GMT
x-amz-version-id: r21unyjRaeSnpbfdAFfXa49OG_A_M8ik
section-io-origin-status: 200
section-io-origin-time-seconds: 0.038
etag: W/"da10bd4908deb9e19dfde013ec3fe4ff"
content-encoding: gzip
accept-ranges: bytes
section-io-id: d895908bcb1a670b9f8094fdfe1a8400

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 18 KB
9 KB 31ms
30ms Script
text/javascript 37.157.6.252
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/Serving/TrackPoint/?pm=497538&ADFPageName=mc-casino-lp&ADFdivider=%7C&ord=775585552145&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fimaxil.com%2F198bf62525341e1800%2F9b-1077316-943617-45271-10887-%2F333819870&ADFtpmode=2&loc=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Fmc-casino%2F%3Fqs%3Dbtag%25253D661653%255FBE2C47C1652B4940A8CCBCAFB2ABA06F%252526
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: d5abec9be7a0d47daad01036cbcffbe2215a3ccd87277d5ae869761beb33d770

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jan 2019 11:51:22 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=utf-8
content-length: 8727
expires: -1

GET
H2 200 / Show response
track.adform.net/wpf/v2/7la44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYY... 3 KB
2 KB 36ms
35ms Script
text/javascript 37.157.6.252
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/wpf/v2/7la44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY2FrYelnbgPrabmOneNufuyPBDjaY2ftckuyPB884akHGOg4B36J0TjKF49ik.uJtHoqvynx9MsFyxYM914Ve_clr9kkkJuJtG2hiwdMtXjp9y85icCmVWN9e4WX3NlY5DtI25BNkOmqw0GY5aw7vrNidNc1lF4XVA4.L9.gJ0Nc0KXV4.hL9.KHpNc5jaYZtNc5jaYZtNc0FAKXV4.hL9.LxU..4R./serving/trackpoint/?pm=497538&ADFPageName=mc-casino-lp&ADFdivider=%7c&ord=775585552145&Set1=en-US%7cen-US%7c1600x1200%7c24&CPref=https%3a%2f%2fimaxil.com%2f198bf62525341e1800%2f9b-1077316-943617-45271-10887-%2f333819870&ADFtpmode=2&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%2f%3fqs%3dbtag%25253D661653%255FBE2C47C1652B4940A8CCBCAFB2ABA06F%252526&catdt=0
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 4bb697dee56b4fcd6721210588a87cbaa3da180586e87188d9407c0d6d428885

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jan 2019 11:51:22 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=utf-8
content-length: 1796
expires: -1

GET
H2 200 /
track.adform.net/serving/container/ Frame 59D6 0
0 30ms
30ms Document
text/html 37.157.6.252
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/serving/container/?pm=497538&lid=31340545&ctype=0&media=0&PageName=mc-casino-lp&rnd=1289732158&cpref=https%3a%2f%2fimaxil.com%2f198bf62525341e1800%2f9b-1077316-943617-45271-10887-%2f333819870&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%2f%3fqs%3dbtag%25253D661653%255FBE2C47C1652B4940A8CCBCAFB2ABA06F%252526tracking%255Fvariable%25253D801719892%252526unique%255Ftransaction%255Fid%25253D471253%252526pid%25253D3596701%252526bid%25253D13186
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: track.adform.net
:scheme: https
:path: /serving/container/?pm=497538&lid=31340545&ctype=0&media=0&PageName=mc-casino-lp&rnd=1289732158&cpref=https%3a%2f%2fimaxil.com%2f198bf62525341e1800%2f9b-1077316-943617-45271-10887-%2f333819870&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%2f%3fqs%3dbtag%25253D661653%255FBE2C47C1652B4940A8CCBCAFB2ABA06F%252526tracking%255Fvariable%25253D801719892%252526unique%255Ftransaction%255Fid%25253D471253%252526pid%25253D3596701%252526bid%25253D13186
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
accept-encoding: gzip, deflate, br
cookie: cid=-5750631979060554427,0,0,0,0; uid=-5750631979060554427
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186

Response headers

status: 200
server: nginx
date: Mon, 07 Jan 2019 11:51:22 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 12 KB
6 KB 110ms
19ms Script
application/x-javascript 35.177.2.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/wpf/v2/7la44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY2FrYelnbgPrabmOneNufuyPBDjaY2ftckuyPB884akHGOg4B36J0TjKF49ik.uJtHoqvynx9MsFyxYM914Ve_clr9kkkJuJtG2hiwdMtXjp9y85icCmVWN9e4WX3NlY5DtI25BNkOmqw0GY5aw7vrNidNc1lF4XVA4.L9.gJ0Nc0KXV4.hL9.KHpNc5jaYZtNc5jaYZtNc0FAKXV4.hL9.LxU..4R./serving/trackpoint/?pm=497538&ADFPageName=mc-casino-lp&ADFdivider=%7c&ord=775585552145&Set1=en-US%7cen-US%7c1600x1200%7c24&CPref=https%3a%2f%2fimaxil.com%2f198bf62525341e1800%2f9b-1077316-943617-45271-10887-%2f333819870&ADFtpmode=2&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%2f%3fqs%3dbtag%25253D661653%255FBE2C47C1652B4940A8CCBCAFB2ABA06F%252526&catdt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.2.75 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-177-2-75.eu-west-2.compute.amazonaws.com
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 07 Jan 2019 11:51:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07-Jan-2019 11:51:22 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Mon, 14 Jan 2019 11:51:22 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
5 KB 103ms
40ms Script
application/javascript 2a00:1288:7c:800::4001
YAHOO-ULS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: track.adform.net
URL: https://track.adform.net/wpf/v2/7la44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY2FrYelnbgPrabmOneNufuyPBDjaY2ftckuyPB884akHGOg4B36J0TjKF49ik.uJtHoqvynx9MsFyxYM914Ve_clr9kkkJuJtG2hiwdMtXjp9y85icCmVWN9e4WX3NlY5DtI25BNkOmqw0GY5aw7vrNidNc1lF4XVA4.L9.gJ0Nc0KXV4.hL9.KHpNc5jaYZtNc5jaYZtNc0FAKXV4.hL9.LxU..4R./serving/trackpoint/?pm=497538&ADFPageName=mc-casino-lp&ADFdivider=%7c&ord=775585552145&Set1=en-US%7cen-US%7c1600x1200%7c24&CPref=https%3a%2f%2fimaxil.com%2f198bf62525341e1800%2f9b-1077316-943617-45271-10887-%2f333819870&ADFtpmode=2&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%2f%3fqs%3dbtag%25253D661653%255FBE2C47C1652B4940A8CCBCAFB2ABA06F%252526&catdt=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:7c:800::4001 , United Kingdom, ASN43428 (YAHOO-ULS, GB),

Reverse DNS

Software

ATS /

Resource Hash

bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 07 Jan 2019 11:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
vary: Accept-Encoding
content-length: 4111
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 18 Oct 2018 11:04:14 GMT
server: ATS
x-frame-options: DENY
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript
via: http/1.1 spdc0013.pbp.ir2.yahoo.com (ApacheTrafficServer), https/1.1 e19.ycpi.lob.yahoo.com (ApacheTrafficServer [cMsSf ])
public-key-pins-report-only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
accept-ranges: bytes

GET
H2 200 sp.pl Show response
sp.analytics.yahoo.com/ 0
449 B 111ms
31ms Script
application/x-javascript 188.125.66.33
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&jsonp=YAHOO.ywa.I13N.handleJSONResponse&d=Mon%2C%2007%20Jan%202019%2011%3A51%3A22%20GMT&n=0&b=Casino%20f%C3%BCr%20Mobilger%C3%A4te%20und%20Online-Casino%20-%20Spielen%20Sie%20Casino-Spiele%20online%20oder%20auf%20Ihrem%20Mobilger%C3%A4t%20%7C%20LeoVegas%20Casino&.yp=10064881&f=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Fmc-casino%2F%3Fqs%3Dbtag%25253D661653%255FBE2C47C1652B4940A8CCBCAFB2ABA06F%252526tracking%255Fvariable%25253D801719892%252526unique%255Ftransaction%255Fid%25253D471253%252526pid%25253D3596701%252526bid%25253D13186&e=https%3A%2F%2Fimaxil.com%2F198bf62525341e1800%2F9b-1077316-943617-45271-10887-%2F333819870&enc=UTF-8

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.125.66.33 , Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 07 Jan 2019 11:51:22 GMT
via: http/1.1 spdc0027.pbp.ir2.yahoo.com (ApacheTrafficServer)
x-content-type-options: nosniff
age: 0
status: 200
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: application/x-javascript
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Mon, 07 Jan 2019 11:51:22 GMT

GET
H2 200 rules-p-qv3RqfmexMYyL.js Show response
rules.quantcount.com/ 741 B
1 KB 259ms
218ms Script
application/x-javascript 2600:9000:200c:f000:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-qv3RqfmexMYyL.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:f000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3cb39e0ced352a1ba59a392589953e3ad7a1520a6e92fd65b9e676c48ecdad48

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 07 Jan 2019 11:45:59 GMT
via: 1.1 e7c35757c4581d46396ae4c0a48815ef.cloudfront.net (CloudFront)
last-modified: Tue, 29 May 2018 13:38:10 GMT
server: AmazonS3
age: 324
etag: "8f941d23a1f316fadd6bc7fb6b5233f2"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 741
x-amz-cf-id: a7H8D-TGgSNZZH2XYBaI8r1BYo7GkUyn8JQ6LaGpKhJV1mntbBtpQQ==

GET
H/1.1 200
OK pixel;r=358103214;labels=_fp.event.Homepage;rf=0;a=p-qv3RqfmexMYyL;url=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Fmc-casino%2F%3Fqs%3Dbtag%25253D661653%255FBE2C47C1652B4940A8CCBCAFB2ABA06F%252526track...
pixel.quantserve.com/ 35 B
479 B 108ms
21ms Image
image/gif 35.177.70.111
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=358103214;labels=_fp.event.Homepage;rf=0;a=p-qv3RqfmexMYyL;url=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Fmc-casino%2F%3Fqs%3Dbtag%25253D661653%255FBE2C47C1652B4940A8CCBCAFB2ABA06F%252526tracking%255Fvariable%25253D801719892%252526unique%255Ftransaction%255Fid%25253D471253%252526pid%25253D3596701%252526bid%25253D13186;ref=https%3A%2F%2Fimaxil.com%2F198bf62525341e1800%2F9b-1077316-943617-45271-10887-%2F333819870;fpan=1;fpa=P0-1471121944-1546861883064;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1546861883064;tzo=0;ogl=
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.70.111 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-177-70-111.eu-west-2.compute.amazonaws.com
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Jan 2019 11:51:23 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

OPTIONS
H/1.1 200
OK log Show response
errors.client.optimizely.com/ 13 B
410 B 391ms
94ms XHR
text/plain 34.194.168.70
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/9430800627.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.168.70 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-194-168-70.compute-1.amazonaws.com
Software: /
Resource Hash: 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method: POST
Origin: https://promo.leovegas.com
Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Mon, 07 Jan 2019 11:51:23 GMT
Allow: POST,OPTIONS
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://promo.leovegas.com
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Content-Length: 13

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
244 B 95ms
95ms XHR
text/plain 34.194.168.70
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.168.70 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-194-168-70.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
Origin: https://promo.leovegas.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://promo.leovegas.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Mon, 07 Jan 2019 11:51:23 GMT
Content-Type: text/plain

GET
H/1.1

200
OK

pixel Show response
ads.creative-serving.com/ul_cb/
Redirect Chain

https://ads.creative-serving.com/pixel?id=3151410&type=js
https://ads.creative-serving.com/ul_cb/pixel?id=3151410&type=js

1 KB
2 KB

22ms
22ms

Script
text/javascript

104.155.76.175
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.creative-serving.com/ul_cb/pixel?id=3151410&type=js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.155.76.175 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 175.76.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b0a2bba15331d68ccd76b44df1d9daba089be9fa170c79251cea8cdea3f74d57

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 07 Jan 2019 11:51:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 1530
Content-Type: text/javascript

Redirect headers

Location: https://ads.creative-serving.com/ul_cb/pixel?id=3151410&type=js
Date: Mon, 07 Jan 2019 11:51:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d&ssp=&expires=30&user_group=2&cb=505
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d&ssp=&expires=30&user_group=2&cb=505
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c2588ff4-a914-4a00-8105-9d686d774fc6

1 B
804 B

17ms
17ms

Image
text/html

185.64.189.110
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c2588ff4-a914-4a00-8105-9d686d774fc6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Jan 2019 11:51:32 GMT
X-lat: Pug22064:0:315
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Cache-Control: no-store, no-cache, private
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

Date: Mon, 07 Jan 2019 11:51:32 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c2588ff4-a914-4a00-8105-9d686d774fc6
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d&ssp=&expires=30&user_group=2&cb=454
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d&ssp=&expires=30&user_group=2&cb=454
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=ad5a893d-a49a-4316-8f95-d1950b217e4e&expires=30

42 B
371 B

27ms
26ms

Image
image/gif

213.19.162.90
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=ad5a893d-a49a-4316-8f95-d1950b217e4e&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.90 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Jan 2019 11:51:31 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: bLzRuccbX6qDGlR58khg5A
Expires: 0

Redirect headers

Date: Mon, 07 Jan 2019 11:51:32 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: //pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=ad5a893d-a49a-4316-8f95-d1950b217e4e&expires=30
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

GET
H/1.1

200
OK

google_sync_status
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=4&user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d&ssp=&expires=30&user_group=2&cb=667
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d&ssp=&expires=30&user_group=2&cb=667
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=pi7RMx8CQc6-5f39-YN3cg==
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEDRj8vdNUa-WNxOfLegmm-U&google_cver=1

43 B
346 B

19ms
18ms

Image
image/gif

18.153.11.15
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEDRj8vdNUa-WNxOfLegmm-U&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.11.15 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-153-11-15.eu-central-1.compute.amazonaws.com
Software: nginx/1.12.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 07 Jan 2019 11:51:32 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 43

Redirect headers

pragma: no-cache
date: Mon, 07 Jan 2019 11:51:32 GMT
server: HTTP server (unknown)
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEDRj8vdNUa-WNxOfLegmm-U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 316
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

match
ad.360yield.com/ul_cb/
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=79&external_user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=79&external_user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d

43 B
2 KB

30ms
30ms

Image
image/gif

3.121.161.12
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=79&external_user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.161.12 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-121-161-12.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 07 Jan 2019 11:51:32 GMT
Server: nginx
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Mon, 07 Jan 2019 11:51:32 GMT
Server: nginx
Location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=79&external_user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

gcm
ads.creative-serving.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm=&google_sc=&google_tc=
https://ads.creative-serving.com/gcm?google_gid=CAESELKItfUOd5CUrYyNq6o7KAs&google_cver=1

43 B
615 B

29ms
28ms

Image
image/gif

104.155.76.175
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.creative-serving.com/gcm?google_gid=CAESELKItfUOd5CUrYyNq6o7KAs&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.155.76.175 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 175.76.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 07 Jan 2019 11:51:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 07 Jan 2019 11:51:32 GMT
server: HTTP server (unknown)
location: https://ads.creative-serving.com/gcm?google_gid=CAESELKItfUOd5CUrYyNq6o7KAs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 290
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

info2
uip.semasio.net/platform161/1/
Redirect Chain

https://uip.semasio.net/platform161/1/info?sType=sync&sExtCookieId=e7c14185-5aa3-4322-9e6e-705be1c8455d&sInitiator=external
https://uip.semasio.net/platform161/1/info2?sType=sync&sExtCookieId=e7c14185-5aa3-4322-9e6e-705be1c8455d&sInitiator=external

42 B
578 B

30ms
30ms

Image
image/gif

77.66.11.200
NGDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uip.semasio.net/platform161/1/info2?sType=sync&sExtCookieId=e7c14185-5aa3-4322-9e6e-705be1c8455d&sInitiator=external
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 77.66.11.200 , Denmark, ASN16245 (NGDC, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Jan 2019 11:51:32 GMT
Frontend-ID: 1
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin: *
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: image/gif
Content-Length: 42
Routing-Server-ID: 1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Jan 2019 11:51:32 GMT
Frontend-ID: 4
Access-Control-Allow-Origin: *
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: /platform161/1/info2?sType=sync&sExtCookieId=e7c14185-5aa3-4322-9e6e-705be1c8455d&sInitiator=external
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 0
Routing-Server-ID: 1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 204
No Content usermatch.gif
beacon.krxd.net/ 0
453 B 141ms
33ms Image
text/plain 176.34.180.203
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=platform161&partner_uid=e7c14185-5aa3-4322-9e6e-705be1c8455d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.180.203 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-176-34-180-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 07 Jan 2019 11:51:32 GMT
Cache-Control: private, no-cache, no-store
X-Request-Time: D=58 t=1546861892
Connection: keep-alive
X-Served-By: beacon-n027-dub.krxd.net
P3P: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=172&external_user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=172&external_user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d&C=1

43 B
1 KB

41ms
40ms

Image
image/gif

23.211.2.27
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=172&external_user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.211.2.27 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-211-2-27.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Jan 2019 11:51:32 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 07 Jan 2019 11:51:32 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Jan 2019 11:51:32 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=172&external_user_id=e7c14185-5aa3-4322-9e6e-705be1c8455d&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 300
Expires: Mon, 07 Jan 2019 11:51:32 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=539091136&val=e7c14185-5aa3-4322-9e6e-705be1c8455d
https://eu-u.openx.net/w/1.0/sd?cc=1&id=539091136&val=e7c14185-5aa3-4322-9e6e-705be1c8455d

43 B
256 B

19ms
18ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=539091136&val=e7c14185-5aa3-4322-9e6e-705be1c8455d
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.117.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jan 2019 11:51:32 GMT
server: OXGW/16.117.2
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Mon, 07 Jan 2019 11:51:32 GMT
server: OXGW/16.117.2
content-length: 0
location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=539091136&val=e7c14185-5aa3-4322-9e6e-705be1c8455d
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

2.gif
id5-sync.com/c/101/2/0/
Redirect Chain

https://id5-sync.com/s/101/e7c14185-5aa3-4322-9e6e-705be1c8455d/1.gif
https://id5-sync.com/c/101/101/1/1.gif?puid=e7c14185-5aa3-4322-9e6e-705be1c8455d
https://secure.adnxs.com/getuid?https://id5-sync.com/c/101/2/0/2.gif?puid=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F101%2F2%2F0%2F2.gif%3Fpuid%3D%24UID
https://id5-sync.com/c/101/2/0/2.gif?puid=4377734178279608837

43 B
1 KB

24ms
23ms

Image
image/gif

54.36.123.231
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id5-sync.com/c/101/2/0/2.gif?puid=4377734178279608837
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.36.123.231 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS: s03.id5-sync.com
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 07 Jan 2019 11:51:32 GMT
Server: Apache-Coyote/1.1
Content-Type: image/gif;charset=UTF-8
Transfer-Encoding: chunked
P3P: CP="CAO PSA OUR"

Redirect headers

Pragma: no-cache
Date: Mon, 07 Jan 2019 11:51:34 GMT
AN-X-Request-Uuid: a15d0d1f-53ea-4804-8e4a-546a070ea0b2
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://id5-sync.com/c/101/2/0/2.gif?puid=4377734178279608837
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 246.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.164:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=393426&dpuuid=e7c14185-5aa3-4322-9e6e-705be1c8455d
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=e7c14185-5aa3-4322-9e6e-705be1c8455d

42 B
769 B

34ms
34ms

Image
image/gif

52.213.58.51
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=e7c14185-5aa3-4322-9e6e-705be1c8455d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.58.51 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-213-58-51.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v013-091d0f46c.edge-irl1.demdex.com 5.45.0.20181217095029 3ms
Pragma: no-cache
X-TID: /1e/oJKIQBQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: Ac24V4uPQ3E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=e7c14185-5aa3-4322-9e6e-705be1c8455d
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p161
match.justpremium.com/match/ 43 B
213 B 122ms
34ms Image
image/gif 52.17.150.45
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.justpremium.com/match/p161?ex_uid=e7c14185-5aa3-4322-9e6e-705be1c8455d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.150.45 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-17-150-45.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D661653%5FBE2C47C1652B4940A8CCBCAFB2ABA06F%2526tracking%5Fvariable%253D801719892%2526unique%5Ftransaction%5Fid%253D471253%2526pid%253D3596701%2526bid%253D13186
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Mon, 07 Jan 2019 11:51:32 GMT
content-length: 43
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mathtag.com/	1970-01-19 07:06:57	Name: uuid Value: 94f45c33-33b7-4100-a9fb-2833cbb8a19b

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://promo.leovegas.com/commons-e581d391b4e7d1ecdb55.js(Line 6) Message: [OPTIMIZELY] - DEBUG Mon Jan 07 2019 11:51:22 GMT+0000 (Coordinated Universal Time) OPTIMIZELY: Skipping JSON schema validation.
console-api	log	URL: https://promo.leovegas.com/commons-e581d391b4e7d1ecdb55.js(Line 6) Message: [OPTIMIZELY] - DEBUG Mon Jan 07 2019 11:51:22 GMT+0000 (Coordinated Universal Time) DECISION_SERVICE: Feature feat-countdown is not attached to any experiments.
console-api	log	URL: https://promo.leovegas.com/commons-e581d391b4e7d1ecdb55.js(Line 6) Message: [OPTIMIZELY] - DEBUG Mon Jan 07 2019 11:51:22 GMT+0000 (Coordinated Universal Time) DECISION_SERVICE: User GA1.2.935970963.1546861883 is not in any experiment on the feature feat-countdown.
console-api	log	URL: https://promo.leovegas.com/commons-e581d391b4e7d1ecdb55.js(Line 6) Message: [OPTIMIZELY] - DEBUG Mon Jan 07 2019 11:51:22 GMT+0000 (Coordinated Universal Time) DECISION_SERVICE: User GA1.2.935970963.1546861883 does not meet conditions to be in experiment 12254991910.
console-api	log	URL: https://promo.leovegas.com/commons-e581d391b4e7d1ecdb55.js(Line 6) Message: [OPTIMIZELY] - DEBUG Mon Jan 07 2019 11:51:22 GMT+0000 (Coordinated Universal Time) DECISION_SERVICE: User GA1.2.935970963.1546861883 is not in rollout of feature feat-countdown.
console-api	log	URL: https://promo.leovegas.com/commons-e581d391b4e7d1ecdb55.js(Line 6) Message: [OPTIMIZELY] - DEBUG Mon Jan 07 2019 11:51:22 GMT+0000 (Coordinated Universal Time) OPTIMIZELY: Feature feat-countdown is not enabled for user GA1.2.935970963.1546861883.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.creative-serving.com
ads.leovegas.com
api.ipdata.co
beacon.krxd.net
biz.99prefixes.com
cdn.optimizely.com
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
errors.client.optimizely.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
id5-sync.com
images.ctfassets.net
imaxil.com
leo-promo-redirect-service.herokuapp.com
match.justpremium.com
pixel.quantserve.com
pixel.rubiconproject.com
promo.leovegas.com
rules.quantcount.com
s.yimg.com
script.hotjar.com
secure.adnxs.com
secure.quantserve.com
simage2.pubmatic.com
sp.analytics.yahoo.com
static.hotjar.com
track.adform.net
uip.semasio.net
vars.hotjar.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
104.155.76.175
107.154.248.103
147.75.204.215
147.75.80.178
147.75.83.23
173.241.240.143
176.34.180.203
176.9.114.175
18.153.11.15
18.153.11.21
185.64.189.110
188.125.66.33
213.19.162.90
216.58.210.2
23.211.2.27
2600:9000:200c:6a00:12:94b3:c380:93a1
2600:9000:200c:f000:6:44e3:f8c0:93a1
2a00:1288:7c:800::4001
2a00:1450:4001:808::200a
2a00:1450:4001:819::2008
2a00:1450:4001:81f::2003
2a00:1450:4001:821::200e
2a02:26f0:6c00:183::13b8
2a02:26f0:6c00:19b::13b8
2a03:b0c0:3:d0::d24:5001
3.121.161.12
34.194.168.70
35.177.2.75
35.177.70.111
37.157.6.252
37.252.172.39
52.17.150.45
52.18.165.114
52.213.58.51
52.28.139.186
54.36.123.231
66.70.251.114
77.66.11.200
02920491695411e238e7fbc665cb602f6f314db84721495b6d5c10b452fc9e59
07950126143ed2c7b9406fbe4b8e0974cf6555a4a099a69d4f811e8afd2e8ac9
0ab3d4ad2b0c990a9de580274dd61f2c4d4369f3b1d81a2ca1def837327bd24f
0c48b773fbf650a8222bc9b7beaaff31923a67e2adc29f42e15ac46c677d85cc
0cbffceeee02084e8fdd49271f763d11f58d87eb1fc3e5d14b1cb30ef75dd552
145f3844ee4625769479e42ed319920f5e1d65350ce8798bf44c899ef0034793
16987eaef0f4c447416e90e00afdd5790d8cef420e9b30cbca79624b6b4e6720
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
178070bb42e889b14f1aaf839aeaa6ca553bd92ebd98c918f4f2f4ebda54f655
21b0443189f0b628070b7b4fae484173a0edb5c031136340a6935b6b9c0eb73b
21bb3c933ccc576c2f6d75e583fbb2bcaac5e37c71ed4644754cdaab692bf74a
273960782964d6c98b7784d94eef99d63d8bf70c80a48a3d77da0c8191989c39
2c4e40525446376e67437bb87b5e547a5113d20ec4281de744b1f17beb18a388
2ede25a0ac2405841be39bb212ab00eb1db622ae8c06a6cbfa1f21cc20a94bf6
3cb39e0ced352a1ba59a392589953e3ad7a1520a6e92fd65b9e676c48ecdad48
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
47c7be6a01f296e4b0374f0a11ba2e1d5145a30f014fa03b78ef573cee8df0e3
4bb697dee56b4fcd6721210588a87cbaa3da180586e87188d9407c0d6d428885
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
541035dd15ae8d0697ff07400959ffd6927c84cc918b639942d5aa36ff3c9057
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556e09ad66d48078d2ea341eff36e93dafdb56fed15e9d92e052a7cb3910e2e9
56c0991ebc43b18ddb9e50c64d519e535dfb3fc72118d972a4ac6ec697eaca26
5e33f8f81b6ba762ee90e950a44b9d4cc2d581b50862db36dfa2fc7cb1ee1ef5
5ffe45acf226a47230a5c69a51c1675b02ec885015106de4af29eec99961fc0a
617d2a8d89bbdbebbe32227d6a72072658bce3da4a04fc704044e92bff2f9106
6a32e11a4c8e46e4b95553e27f336bc3ff424298cb36b814dd5f8b793a06ce8a
6e1587a49a2d4640c0936ab3c7b63bc37d4186b4033ecefd256bc7c1f982bb9f
742bd63cde4a3dccac1860ea299ba7b1ab32a00a73f1fe2abbbc4ebe19103902
7432ef865494c910726e0e9b7f4cd34d33ffd95a0804dfae8695872794a11e87
756b31040530b22c1613e587d3576572aca537922495a816d644736e8fad454a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f9c92e1a12ac6e0fc59919f0c3fc20cf9dc1bd8d78db4ea7b28298bc80038ff
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a32cf4cbacae0c02bd7047d9cd93b4a95ae9bfde846b27699bd643c0909eed34
a62f202a036f31afbe29957893501fd9788b8b7da68fd937f09a4748c80dfe24
a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265
a63d3c65ea6fb8f61859c63e4f4b966c2ffaca62733d62064acf7fcc82d0b5e8
a662b48f5c2363b832340eb5288af5df0ac51cdb4231785c0df2e18b335c959f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ade492e71a709b0ae66a7d625ab7114a519ad73726eb8d079510e5af293a8f2b
ae42dac54a6274ba896e594084b86d586253f896f85d6a80cef866e408741095
b0a2bba15331d68ccd76b44df1d9daba089be9fa170c79251cea8cdea3f74d57
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14a7f9c486e98dee1363e7fe513bfb4a1f85cccd620aa93f9492c9b1669c70d
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
b855baad3ab0ad04962f7f418073e6a433589e52c45c9077e82d0786077e6329
bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a
c0b1ac7771517e5cb3ad55591c29b1da860791154ce96edc4bcf0242744281ae
c27655230d3d38cff2a504b0286d5d583c4aca4ed6efb6bd5b493a1726f615b8
ccac1881f0aa30ce6e0b27faca92813dec7f738c9bc477de7f0ff3cd97d80e4d
ce6756a7c10ff1f8be82a1e4e94a18bb8e68c2f19df87df9cb8168c6dda2fd5a
d5abec9be7a0d47daad01036cbcffbe2215a3ccd87277d5ae869761beb33d770
d638522ee69bf4b6b86fe37164570c5cc7952af7eec5d9aceb59954bb0228ffc
d8b1ce7fde9147b1d854684afb0cc45b8e21850539f71874afe8f73ed15adc96
db5448c194812ce8efad1c59985d077940ff131ebfba8d0f3232791136589ae2
e284438544a876c0c8d39067257088ab68a0b97942957b91e486eb8d738d1136
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b74ea28e08ec3cfc168a3d8179d4b528514e6ddd2f87af11797d126e507a6a
ead8fb782159aef821427834daeb3af3b8181704cb5e1f5838ce87c4002d2930
eccce4d3d8f23b6d31ca45a26dc910311dd9425b8667e9f5c5c11a05d791e33d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1aa27217bcc70dcac6d0771b3691f0fb7cad2b3d789c9c5a68ae3343a8f8189
f2902780cf44600bf868dd9ec81ba7862abec95b97cff8651762bf1a8b90dfb8
f7c386915e39d8a925fe10d15744a9da95ac8f90423e12728e7fc3c5e34f4559
fc3aa232da577d5cd0e40070a0cfce5bba8255e505e115c79cd6ab180b5c1e03
fd5de0cd31374f449cb6a66ebcf87b0d732a9fe3af8fe3dc4c4df1638b24040b

promo.leovegas.com Open in urlscan Pro 2a03:b0c0:3:d0::d24:5001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

100 %HTTPS

26 %IPv6

31 Domains

36 Subdomains

33 IPs

8 Countries

3625 kBTransfer

5044 kBSize

1 Cookies

7 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

promo.leovegas.com Open in urlscan Pro
2a03:b0c0:3:d0::d24:5001 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

100 %
HTTPS

26 %
IPv6

31
Domains

36
Subdomains

33
IPs

8
Countries

3625 kB
Transfer

5044 kB
Size

1
Cookies

67 HTTP transactions
11 data transactions