promo.leovegas.com
Open in
urlscan Pro
2a03:b0c0:3:d0::d19:7001
Public Scan
Submitted URL: https://www.verifycaptcha.com/cl.php?id=be1912e3fc61ad93c6b2e3085cc69481
Effective URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D660085%5FE18F491F1D17418497579E6E07EA490B%2526subid%253D102ca86790c38b...
Submission: On June 13 via manual from IL
Effective URL: https://promo.leovegas.com/de/mc-casino/?qs=btag%253D660085%5FE18F491F1D17418497579E6E07EA490B%2526subid%253D102ca86790c38b...
Submission: On June 13 via manual from IL
Summary
This website contacted 26 IPs
in 9 countries
across 30 domains to perform 66 HTTP transactions.
The main IP is 2a03:b0c0:3:d0::d19:7001, located in
Frankfurt am Main, Germany and
belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US.
The main domain is promo.leovegas.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 8th 2019. Valid for: 3 months.
This is the only time promo.leovegas.com was scanned on urlscan.io!
TLS certificate: Issued by Let's Encrypt Authority X3 on June 8th 2019. Valid for: 3 months.
This is the only time promo.leovegas.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 3 | 35.174.174.254 35.174.174.254 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 1 | 13.35.254.190 13.35.254.190 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 2 | 35.190.88.7 35.190.88.7 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 2 2 | 104.130.187.126 104.130.187.126 | 27357 (RACKSPACE) (RACKSPACE - Rackspace Hosting) | |
| 1 3 | 99.198.108.197 99.198.108.197 | 32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop LLC) | |
| 1 3 | 107.6.174.196 107.6.174.196 | 32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop LLC) | |
| 1 | 205.147.93.131 205.147.93.131 | 393676 (ZENEDGE) (ZENEDGE - Oracle Corporation) | |
| 2 | 31.170.100.126 31.170.100.126 | 201942 (SOLTIA) (SOLTIA) | |
| 1 | 138.201.194.170 138.201.194.170 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 1 | 136.243.30.161 136.243.30.161 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 1 1 | 34.192.150.50 34.192.150.50 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 1 1 | 18.197.88.156 18.197.88.156 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 2 2 | 52.50.109.222 52.50.109.222 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 1 | 107.154.248.103 107.154.248.103 | 19551 (INCAPSULA) (INCAPSULA - Incapsula Inc) | |
| 1 1 | 52.212.106.249 52.212.106.249 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 10 | 2a03:b0c0:3:d... 2a03:b0c0:3:d0::d19:7001 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:819::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2a02:26f0:6c0... 2a02:26f0:6c00:181::13b8 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 18 | 2600:9000:200... 2600:9000:200d:4000:12:94b3:c380:93a1 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:824::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 2 | 147.75.83.19 147.75.83.19 | 54825 (PACKET) (PACKET - Packet Host) | |
| 1 2 | 2a00:1450:400... 2a00:1450:4001:81e::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 1 | 2a00:1450:400... 2a00:1450:400c:c08::9b | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 1 | 2a00:1450:400... 2a00:1450:4001:809::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:824::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 3.122.215.132 3.122.215.132 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 4 | 2a00:1450:400... 2a00:1450:4001:820::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 6 | 37.157.4.25 37.157.4.25 | 198622 (ADFORM) (ADFORM) | |
| 1 | 147.75.205.49 147.75.205.49 | 54825 (PACKET) (PACKET - Packet Host) | |
| 1 | 91.228.74.218 91.228.74.218 | 27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation) | |
| 1 | 2a00:1288:84:... 2a00:1288:84:800::1001 | 203219 (YAHOO-AMA) (YAHOO-AMA) | |
| 1 | 2600:9000:200... 2600:9000:200d:8000:6:44e3:f8c0:93a1 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 | 91.228.74.231 91.228.74.231 | 27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation) | |
| 66 | 26 |
3
35.174.174.254
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-174-174-254.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-174-174-254.compute-1.amazonaws.com
| www.verifycaptcha.com |
1
13.35.254.190
(Seattle, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-254-190.fra6.r.cloudfront.net
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-254-190.fra6.r.cloudfront.net
| d2wy8f7a9ursnm.cloudfront.net |
2
35.190.88.7
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: 7.88.190.35.bc.googleusercontent.com
ASN15169 (GOOGLE - Google LLC, US)
PTR: 7.88.190.35.bc.googleusercontent.com
| sessions.bugsnag.com |
2
104.130.187.126
(San Antonio, United States)
ASN27357 (RACKSPACE - Rackspace Hosting, US)
ASN27357 (RACKSPACE - Rackspace Hosting, US)
| ogmobi.com |
3
99.198.108.197
(Chicago, United States)
ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: server04.com-2.mobi
ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: server04.com-2.mobi
| temp.yetioffer.com |
3
107.6.174.196
(Amsterdam, Netherlands)
ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: bigfish.setupcentral.network
ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: bigfish.setupcentral.network
| up.trkgenius.com |
1
138.201.194.170
(Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.170.194.201.138.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.170.194.201.138.clients.your-server.de
| s1-989db.kiwitrack.pro |
1
136.243.30.161
(Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.161.30.243.136.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.161.30.243.136.clients.your-server.de
| s2-fd35988b-78ef-4acf-a28c-178c0be0b34d-1560425078-233111.qclick.pro |
1
34.192.150.50
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-192-150-50.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-192-150-50.compute-1.amazonaws.com
| ca.fastwebopt.com |
1
18.197.88.156
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-197-88-156.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-197-88-156.eu-central-1.compute.amazonaws.com
| heased-congham.com |
2
52.50.109.222
(Dublin, Ireland)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-50-109-222.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-50-109-222.eu-west-1.compute.amazonaws.com
| www.affboutiques.com |
1
107.154.248.103
(United States)
ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 107.154.248.103.ip.incapdns.net
ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 107.154.248.103.ip.incapdns.net
| ads.leovegas.com |
1
52.212.106.249
(Dublin, Ireland)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-212-106-249.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-212-106-249.eu-west-1.compute.amazonaws.com
| leo-promo-redirect-service.herokuapp.com |
10
2a03:b0c0:3:d0::d19:7001
(Frankfurt am Main, Germany)
ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
| promo.leovegas.com |
1
2a00:1450:4001:819::200a
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| fonts.googleapis.com |
18
2600:9000:200d:4000:12:94b3:c380:93a1
(United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
| images.ctfassets.net |
1
2a00:1450:4001:824::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| www.googletagmanager.com |
2
147.75.83.19
(Parsippany, United States)
ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-24
ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-24
| static.hotjar.com | |
| vars.hotjar.com |
2
2a00:1450:4001:81e::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| www.google-analytics.com |
1
2a00:1450:400c:c08::9b
(Brussels, Belgium)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| stats.g.doubleclick.net |
1
2a00:1450:4001:809::2004
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| www.google.com |
1
2a00:1450:4001:824::2003
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| www.google.de |
1
3.122.215.132
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-122-215-132.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-122-215-132.eu-central-1.compute.amazonaws.com
| api.ipdata.co |
4
2a00:1450:4001:820::2003
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| fonts.gstatic.com |
1
147.75.205.49
(Chicago, United States)
ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-26
ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-26
| script.hotjar.com |
1
91.228.74.218
(United Kingdom)
ASN27281 (QUANTCAST - Quantcast Corporation, US)
ASN27281 (QUANTCAST - Quantcast Corporation, US)
| secure.quantserve.com |
1
2600:9000:200d:8000:6:44e3:f8c0:93a1
(United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
| rules.quantcount.com |
1
91.228.74.231
(United Kingdom)
ASN27281 (QUANTCAST - Quantcast Corporation, US)
ASN27281 (QUANTCAST - Quantcast Corporation, US)
| pixel.quantserve.com |
| Domain | Requested by | |
|---|---|---|
| 18 | images.ctfassets.net |
promo.leovegas.com
|
| 10 | promo.leovegas.com |
1 redirects
s2-fd35988b-78ef-4acf-a28c-178c0be0b34d-1560425078-233111.qclick.pro
promo.leovegas.com |
| 6 | track.adform.net |
www.verifycaptcha.com
track.adform.net |
| 4 | fonts.gstatic.com |
promo.leovegas.com
|
| 3 | up.trkgenius.com |
1 redirects
temp.yetioffer.com
up.trkgenius.com |
| 3 | temp.yetioffer.com |
1 redirects
www.verifycaptcha.com
temp.yetioffer.com |
| 3 | www.verifycaptcha.com |
www.verifycaptcha.com
|
| 2 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
|
| 2 | www.affboutiques.com | 2 redirects |
| 2 | track.fungiers.com |
minently.com
track.fungiers.com |
| 2 | ogmobi.com | 2 redirects |
| 2 | sessions.bugsnag.com |
d2wy8f7a9ursnm.cloudfront.net
|
| 1 | pixel.quantserve.com |
promo.leovegas.com
|
| 1 | rules.quantcount.com |
secure.quantserve.com
|
| 1 | s.yimg.com |
track.adform.net
|
| 1 | secure.quantserve.com |
track.adform.net
|
| 1 | vars.hotjar.com |
static.hotjar.com
|
| 1 | script.hotjar.com |
static.hotjar.com
|
| 1 | api.ipdata.co |
www.verifycaptcha.com
|
| 1 | www.google.de |
promo.leovegas.com
|
| 1 | www.google.com | 1 redirects |
| 1 | stats.g.doubleclick.net | 1 redirects |
| 1 | static.hotjar.com |
www.googletagmanager.com
|
| 1 | www.googletagmanager.com |
promo.leovegas.com
|
| 1 | cdn.optimizely.com |
promo.leovegas.com
|
| 1 | fonts.googleapis.com |
promo.leovegas.com
|
| 1 | leo-promo-redirect-service.herokuapp.com | 1 redirects |
| 1 | ads.leovegas.com | 1 redirects |
| 1 | heased-congham.com | 1 redirects |
| 1 | ca.fastwebopt.com | 1 redirects |
| 1 | s2-fd35988b-78ef-4acf-a28c-178c0be0b34d-1560425078-233111.qclick.pro |
s1-989db.kiwitrack.pro
|
| 1 | s1-989db.kiwitrack.pro |
track.fungiers.com
|
| 1 | minently.com | |
| 1 | d2wy8f7a9ursnm.cloudfront.net |
www.verifycaptcha.com
|
| 66 | 34 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| ads.leovegas.com |
| www.authorisation.mga.org.mt |
| secure.gamblingcommission.gov.uk |
| spillemyndigheden.dk |
| www.begambleaware.org |
| www.gamcare.org.uk |
| www.gamblersanonymous.org |
| www.leosafeplay.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.verifycaptcha.com Let's Encrypt Authority X3 |
2019-04-16 - 2019-07-15 |
3 months | crt.sh |
| *.cloudfront.net DigiCert Global CA G2 |
2018-10-08 - 2019-10-09 |
a year | crt.sh |
| *.bugsnag.com COMODO RSA Domain Validation Secure Server CA |
2018-05-18 - 2020-06-01 |
2 years | crt.sh |
| temp.yetioffer.com Let's Encrypt Authority X3 |
2019-04-22 - 2019-07-21 |
3 months | crt.sh |
| up.trkgenius.com Let's Encrypt Authority X3 |
2019-05-22 - 2019-08-20 |
3 months | crt.sh |
| minently.com Let's Encrypt Authority X3 |
2019-04-16 - 2019-07-15 |
3 months | crt.sh |
| track.fathew.com Let's Encrypt Authority X3 |
2019-04-01 - 2019-06-30 |
3 months | crt.sh |
| 1970-01-01 - 1970-01-01 |
a few seconds | crt.sh | |
| kiwitrack.pro Let's Encrypt Authority X3 |
2019-04-25 - 2019-07-24 |
3 months | crt.sh |
| qclick.pro Let's Encrypt Authority X3 |
2019-04-25 - 2019-07-24 |
3 months | crt.sh |
| brand.leovegas.com Let's Encrypt Authority X3 |
2019-06-08 - 2019-09-06 |
3 months | crt.sh |
| *.googleapis.com Google Internet Authority G3 |
2019-05-21 - 2019-08-13 |
3 months | crt.sh |
| cdn.optimizely.com DigiCert ECC Secure Server CA |
2018-11-24 - 2020-02-23 |
a year | crt.sh |
| images.contentful.com Amazon |
2019-04-06 - 2020-05-06 |
a year | crt.sh |
| *.google-analytics.com Google Internet Authority G3 |
2019-05-21 - 2019-08-13 |
3 months | crt.sh |
| static.hotjar.com Let's Encrypt Authority X3 |
2019-06-08 - 2019-09-06 |
3 months | crt.sh |
| www.google.de Google Internet Authority G3 |
2019-05-21 - 2019-08-13 |
3 months | crt.sh |
| *.ipdata.co Amazon |
2018-09-27 - 2019-10-27 |
a year | crt.sh |
| *.google.com Google Internet Authority G3 |
2019-05-21 - 2019-08-13 |
3 months | crt.sh |
| track.adform.net DigiCert SHA2 Secure Server CA |
2018-02-02 - 2019-10-02 |
2 years | crt.sh |
| script.hotjar.com Let's Encrypt Authority X3 |
2019-06-08 - 2019-09-06 |
3 months | crt.sh |
| vars.hotjar.com Let's Encrypt Authority X3 |
2019-06-08 - 2019-09-06 |
3 months | crt.sh |
| *.quantserve.com DigiCert SHA2 High Assurance Server CA |
2018-10-16 - 2019-10-21 |
a year | crt.sh |
| *.yahoo.com DigiCert SHA2 High Assurance Server CA |
2019-06-03 - 2019-07-18 |
a month | crt.sh |
This page contains 4 frames:
Primary Page:
https://promo.leovegas.com/de/mc-casino/?qs=btag%253D660085%5FE18F491F1D17418497579E6E07EA490B%2526subid%253D102ca86790c38b3f2a0c841d36fb16%2526transactionid%253D1473%2526pid%253D3579447%2526bid%253D13186
Frame ID: 54D58DBB7DB828235309FD9CF8BA1426
Requests: 74 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: 27F61DC8D2B42B8A42230E3FBFC63928
Requests: 1 HTTP requests in this frame
Frame:
https://track.adform.net/serving/container/?pm=497538&lid=31340545&ctype=0&media=0&PageName=mc-casino-lp&rnd=1614519898&cpref=&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%2f%3fqs%3dbtag%25253D660085%255FE18F491F1D17418497579E6E07EA490B%252526subid%25253D102ca86790c38b3f2a0c841d36fb16%252526transactionid%25253D1473%252526pid%25253D3579447%252526bid%25253D13186
Frame ID: 201E70C2A1D5792BF45381C3EC3AF7B0
Requests: 1 HTTP requests in this frame
Frame:
https://track.adform.net/serving/container/?pm=497538&lid=49848318&ctype=0&media=0&PageName=Sc_Ret&rnd=1369911842&cpref=&loc=https%3a%2f%2fpromo.leovegas.com%2fde%2fmc-casino%2f%3fqs%3dbtag%25253D660085%255FE18F491F1D17418497579E6E07EA490B%252526subid%25253D102ca86790c38b3f2a0c841d36fb16%252526transactionid%25253D1473%252526pid%25253D3579447%252526bid%25253D13186
Frame ID: CC8378235E16BF93000A75973B2E5482
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://www.verifycaptcha.com/cl.php?id=be1912e3fc61ad93c6b2e3085cc69481 Page URL
-
http://ogmobi.com/jp-redirect.php?reason=bad_lockerid&url=www.verifycaptcha.com%2Fcontentlocke...
HTTP 301
https://ogmobi.com/jp-redirect.php?reason=bad_lockerid&url=www.verifycaptcha.com%2Fcontentlocke... HTTP 302
https://temp.yetioffer.com/?utm_medium=d4e7a2da8376f6b2bccc649990701698c5fd1cf4&utm_campaign=ogrd Page URL
- https://temp.yetioffer.com/?utm_term=6701974669295092302&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
-
https://temp.yetioffer.com/proc.php?12de6237d1792851e6f861c023b33734c404452c
HTTP 302
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=670197466929509... Page URL
- https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6701974669295092... Page URL
-
https://up.trkgenius.com/out.php?v=054c80cafbd0df430342958be39042c5
HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=W... Page URL
- https://track.fungiers.com/185392/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b... Page URL
- https://s1-989db.kiwitrack.pro/?sl=63000&postbackid=M2019061311-5bdf6267c5208a80a6be7a0adc22dc1e&data1=185392 Page URL
- https://s2-fd35988b-78ef-4acf-a28c-178c0be0b34d-1560425078-233111.qclick.pro/?j=1&b=1&i=1&s%5Bh%5D=1200&s%5Bw%5D=1600&w%5Bh%5D=1200&w%5Bw%5D=1600&t=0 Page URL
-
https://ca.fastwebopt.com/t/clk?id=7923tWJJI2q88UWwpJS2&s1=8639linh3&s2=
HTTP 302
https://heased-congham.com/b8ad6486-4d45-47b0-b40c-37b451869012?placementid=%7Bplacementid%7D&affid=113... HTTP 302
http://www.affboutiques.com/aff_c?offer_id=313&aff_id=1473&aff_sub=wK7R60223U21JR5N1V5QUL6A&aff_sub2=113... HTTP 302
http://www.affboutiques.com/aff_r?offer_id=313&aff_id=1473&url=https%3A%2F%2Fads.leovegas.com%2Fredirect... HTTP 302
https://ads.leovegas.com/redirect.aspx?pid=3579447&bid=13186&subid=102ca86790c38b3f2a0c841d36fb16&tra... HTTP 301
https://leo-promo-redirect-service.herokuapp.com/mc-casino/?btag=660085_E18F491F1D17418497579E6E07EA490B&subid=102ca86790c38b... HTTP 301
https://promo.leovegas.com/mc-casino/?qs=btag%253D660085_E18F491F1D17418497579E6E07EA490B%2526subid%253... HTTP 302
https://promo.leovegas.com/de/mc-casino/?qs=btag%253D660085%5FE18F491F1D17418497579E6E07EA490B%2526subi... Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /\.php(?:$|\?)/i
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
React
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<[^>]+data-react/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
- env /^google_tag_manager$/i
Hotjar
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /^\/\/static\.hotjar\.com\/c\/hotjar-/i
Optimizely
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /optimizely\.com.*\.js/i
Quantcast
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^quantserve$/i
YUI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^YAHOO$/i
webpack
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^webpackJsonp$/i
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
URL: http://ads.leovegas.com/redirect.aspx?redirectUrl=https%3A%2F%2Fwww.leovegas.com%2Fsignup%3Flobby%3Dcasino&pid=3601842&bid=14663
Search URL Search Domain Scan URL
URL: https://www.authorisation.mga.org.mt/verification.aspx?lang=EN&company=726b906b-4fe8-4cf9-9294-0a6a8a808d90&details=1
Search URL Search Domain Scan URL
URL: https://secure.gamblingcommission.gov.uk/PublicRegister/Search/Detail/39198
Search URL Search Domain Scan URL
URL: https://spillemyndigheden.dk/
Search URL Search Domain Scan URL
URL: https://www.begambleaware.org/
Search URL Search Domain Scan URL
URL: http://www.gamcare.org.uk/
Search URL Search Domain Scan URL
URL: http://www.gamblersanonymous.org/ga/
Search URL Search Domain Scan URL
URL: https://www.leosafeplay.com/
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.verifycaptcha.com/cl.php?id=be1912e3fc61ad93c6b2e3085cc69481 Page URL
-
http://ogmobi.com/jp-redirect.php?reason=bad_lockerid&url=www.verifycaptcha.com%2Fcontentlockers%2Fload.php%3Ff%3D1%26a%3D%26id%3Dbe1912e3fc61ad93c6b2e3085cc69481&ref=https%3A%2F%2Fwww.verifycaptcha.com%2Fcl.php%3Fid%3Dbe1912e3fc61ad93c6b2e3085cc69481&type=locker&id=be1912e3fc61ad93c6b2e3085cc69481
HTTP 301
https://ogmobi.com/jp-redirect.php?reason=bad_lockerid&url=www.verifycaptcha.com%2Fcontentlockers%2Fload.php%3Ff%3D1%26a%3D%26id%3Dbe1912e3fc61ad93c6b2e3085cc69481&ref=https%3A%2F%2Fwww.verifycaptcha.com%2Fcl.php%3Fid%3Dbe1912e3fc61ad93c6b2e3085cc69481&type=locker&id=be1912e3fc61ad93c6b2e3085cc69481 HTTP 302
https://temp.yetioffer.com/?utm_medium=d4e7a2da8376f6b2bccc649990701698c5fd1cf4&utm_campaign=ogrd Page URL
- https://temp.yetioffer.com/?utm_term=6701974669295092302&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b28186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6aa Page URL
-
https://temp.yetioffer.com/proc.php?12de6237d1792851e6f861c023b33734c404452c
HTTP 302
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6701974669295092302&pubid=4766 Page URL
- https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6701974669295092302&pubid=4766&m=VX8x0l83VKQwVIjF1VBI8I3jPr.DRzTydpyFE8xAWdhqzdLjE8L4zdLFETyhzGy_zX4qzen_12QgjV0fgWyoS-noSyxbGplU1xQs1xBg1V0lm8LhUr3QPrP Page URL
-
https://up.trkgenius.com/out.php?v=054c80cafbd0df430342958be39042c5
HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=22dad8fb25c45ed994adb1bb4cd28e38&ext1=dvx Page URL
- https://track.fungiers.com/185392/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/kDE25Q4L0000V8100HIT1A9K405L1GWF0TPC19C8df8T07V905L1G00/ Page URL
- https://s1-989db.kiwitrack.pro/?sl=63000&postbackid=M2019061311-5bdf6267c5208a80a6be7a0adc22dc1e&data1=185392 Page URL
- https://s2-fd35988b-78ef-4acf-a28c-178c0be0b34d-1560425078-233111.qclick.pro/?j=1&b=1&i=1&s%5Bh%5D=1200&s%5Bw%5D=1600&w%5Bh%5D=1200&w%5Bw%5D=1600&t=0 Page URL
-
https://ca.fastwebopt.com/t/clk?id=7923tWJJI2q88UWwpJS2&s1=8639linh3&s2=
HTTP 302
https://heased-congham.com/b8ad6486-4d45-47b0-b40c-37b451869012?placementid=%7Bplacementid%7D&affid=11390_8639linh3&clickid=729ed024-3c60-460a-9568-51fa17f34972 HTTP 302
http://www.affboutiques.com/aff_c?offer_id=313&aff_id=1473&aff_sub=wK7R60223U21JR5N1V5QUL6A&aff_sub2=11390_8639linh3&aff_sub3=%7Bplacementid%7D HTTP 302
http://www.affboutiques.com/aff_r?offer_id=313&aff_id=1473&url=https%3A%2F%2Fads.leovegas.com%2Fredirect.aspx%3Fpid%3D3579447%26bid%3D13186%26subid%3D102ca86790c38b3f2a0c841d36fb16%26transactionid%3D1473&urlauth=483882120776573522777374872100 HTTP 302
https://ads.leovegas.com/redirect.aspx?pid=3579447&bid=13186&subid=102ca86790c38b3f2a0c841d36fb16&transactionid=1473 HTTP 301
https://leo-promo-redirect-service.herokuapp.com/mc-casino/?btag=660085_E18F491F1D17418497579E6E07EA490B&subid=102ca86790c38b3f2a0c841d36fb16&transactionid=1473&pid=3579447&bid=13186 HTTP 301
https://promo.leovegas.com/mc-casino/?qs=btag%253D660085_E18F491F1D17418497579E6E07EA490B%2526subid%253D102ca86790c38b3f2a0c841d36fb16%2526transactionid%253D1473%2526pid%253D3579447%2526bid%253D13186 HTTP 302
https://promo.leovegas.com/de/mc-casino/?qs=btag%253D660085%5FE18F491F1D17418497579E6E07EA490B%2526subid%253D102ca86790c38b3f2a0c841d36fb16%2526transactionid%253D1473%2526pid%253D3579447%2526bid%253D13186 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5- http://ogmobi.com/jp-redirect.php?reason=bad_lockerid&url=www.verifycaptcha.com%2Fcontentlockers%2Fload.php%3Ff%3D1%26a%3D%26id%3Dbe1912e3fc61ad93c6b2e3085cc69481&ref=https%3A%2F%2Fwww.verifycaptcha.com%2Fcl.php%3Fid%3Dbe1912e3fc61ad93c6b2e3085cc69481&type=locker&id=be1912e3fc61ad93c6b2e3085cc69481 HTTP 301
- https://ogmobi.com/jp-redirect.php?reason=bad_lockerid&url=www.verifycaptcha.com%2Fcontentlockers%2Fload.php%3Ff%3D1%26a%3D%26id%3Dbe1912e3fc61ad93c6b2e3085cc69481&ref=https%3A%2F%2Fwww.verifycaptcha.com%2Fcl.php%3Fid%3Dbe1912e3fc61ad93c6b2e3085cc69481&type=locker&id=be1912e3fc61ad93c6b2e3085cc69481 HTTP 302
- https://temp.yetioffer.com/?utm_medium=d4e7a2da8376f6b2bccc649990701698c5fd1cf4&utm_campaign=ogrd
- https://temp.yetioffer.com/proc.php?12de6237d1792851e6f861c023b33734c404452c HTTP 302
- https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6701974669295092302&pubid=4766
- https://up.trkgenius.com/out.php?v=054c80cafbd0df430342958be39042c5 HTTP 302
- https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=22dad8fb25c45ed994adb1bb4cd28e38&ext1=dvx
- https://www.google-analytics.com/r/collect?v=1&_v=j76&aip=1&a=252104148&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Fmc-casino%2F%3Fqs%3Dbtag%25253D660085%255FE18F491F1D17418497579E6E07EA490B%252526subid%25253D102ca86790c38b3f2a0c841d36fb16%252526transactionid%25253D1473%252526pid%25253D3579447%252526bid%25253D13186&dp=%2Fde%2Fmc-casino%2F%3Fqs%3Dbtag%25253D660085%255FE18F491F1D17418497579E6E07EA490B%252526subid%25253D102ca86790c38b3f2a0c841d36fb16%252526transactionid%25253D1473%252526pid%25253D3579447%252526bid%25253D13186&ul=en-us&de=UTF-8&dt=Casino%20f%C3%BCr%20Mobilger%C3%A4te%20und%20Online-Casino%20-%20Spielen%20Sie%20Casino-Spiele%20online%20oder%20auf%20Ihrem%20Mobilger%C3%A4t%20%7C%20LeoVegas%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ci=660085&cn=13186&cs=660085&cm=affiliate&_u=YEBAAEAB~&jid=2136133472&gjid=569730211&cid=621659374.1560425082&tid=UA-25600410-30&_gid=1076529185.1560425082&_r=1>m=2wg5t2WGS5KD&cd1=660085&cd3=3579447&cd4=leo&cd7=de&cd32=67&z=1798298882 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25600410-30&cid=621659374.1560425082&jid=2136133472&_gid=1076529185.1560425082&gjid=569730211&_v=j76&z=1798298882 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=621659374.1560425082&jid=2136133472&_v=j76&z=1798298882 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=621659374.1560425082&jid=2136133472&_v=j76&z=1798298882&slf_rd=1&random=2296854289
66 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
cl.php
www.verifycaptcha.com/ |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bugsnag.min.js
d2wy8f7a9ursnm.cloudfront.net/v5/ |
43 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
load.php
www.verifycaptcha.com/contentlockers/ |
741 B 766 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
p.php
www.verifycaptcha.com/ |
255 B 512 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
/
sessions.bugsnag.com/ |
0 222 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
temp.yetioffer.com/ Redirect Chain
|
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
sessions.bugsnag.com/ |
21 B 106 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
temp.yetioffer.com/ |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
in.html
up.trkgenius.com/ Redirect Chain
|
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
in.php
up.trkgenius.com/ |
1 KB 984 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ
minently.com/RnSda/rDN3/ojdn/ Redirect Chain
|
6 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
track.fungiers.com/185392/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/kDE25Q4L0000V8100HIT1A9K405L1GWF0TPC19C8df8T07V905L1G00/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
track.fungiers.com/185392/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/kDE25Q4L0000V8100HIT1A9K405L1GWF0TPC19C8df8T07V905L1G00/ |
932 B 713 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
offer.png
track.fungiers.com/ |
95 B 430 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
s1-989db.kiwitrack.pro/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
s2-fd35988b-78ef-4acf-a28c-178c0be0b34d-1560425078-233111.qclick.pro/ |
658 B 712 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
promo.leovegas.com/de/mc-casino/ Redirect Chain
|
104 KB 36 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
component---src-layouts-index-js-3faf9cb11a3fe3932c88.js
promo.leovegas.com/ |
1 KB 774 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
component---src-templates-casino-index-js-4d465f4ae62885f54eca.js
promo.leovegas.com/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
path---de-mc-casino-5d84c089913c3d33e90a.js
promo.leovegas.com/ |
17 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app-6815ad4d68571b303551.js
promo.leovegas.com/ |
89 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
commons-0cc8e558f7595133a5f9.js
promo.leovegas.com/ |
713 KB 206 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
14 KB 931 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
9430800627.js
cdn.optimizely.com/js/ |
273 KB 77 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
leovegas-casino-logo.367bf0de.svg
promo.leovegas.com/static/ |
12 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sofortklarna.png
images.ctfassets.net/kijvoxi4q0zn/2CAIGpcyAQ6UGC2c00EOIw/b4e98e832fe525ce78bfbda0833264e5/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
visa.png
images.ctfassets.net/kijvoxi4q0zn/3ViLoK5xpS4ewO4S0uCyey/5d6f669d7115ef736e8249079161d49a/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
paysafe.png
images.ctfassets.net/kijvoxi4q0zn/41nin6pA92SG2EO06iaYEO/76548fa568856af2df611d3fdaa5b9a0/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
trustly.png
images.ctfassets.net/kijvoxi4q0zn/4ZgGhzEvv2ACeAACUQUWKA/8ef5a9eef0ff01ed2aba14e77ba09db4/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
skrill.png
images.ctfassets.net/kijvoxi4q0zn/c9n7WDRBqosmIY4E2ugQa/7c26eb0f1c21cdd89d87720931f56e3d/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
neteller.png
images.ctfassets.net/kijvoxi4q0zn/5BDClCPzlCK06wcmCgwiIK/809768fb004de199cf7c9e94386691ae/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
75 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
EGR-Nordics-CasinoOperator-2017.png
images.ctfassets.net/kijvoxi4q0zn/6f6dOX7sD6Q8ukcwOwMykE/ada4ae647e5ef6cdd7587ae7dc0b49bd/ |
32 KB 32 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
EGR-Nordics-CasinoOperator-2016.png
images.ctfassets.net/kijvoxi4q0zn/4yEYKbj8JWEC2Gc02QuuWY/8b42c8e676005e55fe3deb01ccef0837/ |
32 KB 32 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iphonex-app.218eb622.png
promo.leovegas.com/static/ |
66 KB 66 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mga.png
images.ctfassets.net/kijvoxi4q0zn/2Uc4dcnb0cUSEgUqKeYmk8/5549d2a0745b2483ea3e5fbea1422682/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gambling-commission.png
images.ctfassets.net/kijvoxi4q0zn/4Nb9hNN54c4S0oiCUa4ESm/c6602fe3b62546091d35592a4273c530/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
license3.png
images.ctfassets.net/kijvoxi4q0zn/1QrpFMgzA4ea8gYcOmus4q/4f46552fd36bb194b222f0b6c252154a/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
eu.png
images.ctfassets.net/kijvoxi4q0zn/2nPMd5FgoYGmgmQic6QcoK/41fbb4126551a01649fc1c471864cdd8/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
begambleaware.png
images.ctfassets.net/kijvoxi4q0zn/4n5itn9bJeauCqAYGIYEc8/54f339e439f7b365d8a19824aefafbb5/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gamcare.png
images.ctfassets.net/kijvoxi4q0zn/62kAEz4BsAEqeaCI2ciGss/6e22bf0f1696b261eeddf0a5916cfd40/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga.png
images.ctfassets.net/kijvoxi4q0zn/59JQfnohhYqM2oI0wgOQoq/26fdfac0b667ea33c73f2145447f5cf1/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
leosafeplay.png
images.ctfassets.net/kijvoxi4q0zn/7o9AdRaiWWyKm2A0qWmi62/94f9d8aa5b81a09b5d64fedadfdf07bb/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hotjar-150438.js
static.hotjar.com/c/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
469 B 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
558 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
api.ipdata.co/ |
1 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
1006 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
593 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Roboto-ExtraBlack.625fcf1e.ttf
promo.leovegas.com/static/ |
41 KB 23 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v19/ |
12 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
track.adform.net/serving/scripts/trackpoint/async/ |
76 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
524 B 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modules.577d7cecd64e64b0b510.js
script.hotjar.com/ |
425 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CH-AT_POPUP_ARTWORK__1_.jpg
images.ctfassets.net/kijvoxi4q0zn/1CemWKxuBiMKWY8qoCuaUy/51f2e05654fea61ecbedea7d68d48ebe/ |
14 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
DE_MC-CASINO_DESKTOP.jpg
images.ctfassets.net/kijvoxi4q0zn/5vJ0jkR5LiOE6w48wmU2As/0c4161b2cd85e35c279182ff0d570d45/ |
159 KB 159 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame 27F6 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
track.adform.net/Serving/TrackPoint/ |
18 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
track.adform.net/wpf/v2/Nla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7s... |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
track.adform.net/serving/container/ Frame 201E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
quant.js
secure.quantserve.com/ |
12 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ytc.js
s.yimg.com/wi/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
track.adform.net/Serving/TrackPoint/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
track.adform.net/serving/container/ Frame CC83 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rules-p-qv3RqfmexMYyL.js
rules.quantcount.com/ |
741 B 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pixel;r=664536075;labels=_fp.event.Homepage;rf=0;a=p-qv3RqfmexMYyL;url=https%3A%2F%2Fpromo.leovegas.com%2Fde%2Fmc-casino%2F%3Fqs%3Dbtag%25253D660085%255FE18F491F1D17418497579E6E07EA490B%252526subid...
pixel.quantserve.com/ |
35 B 594 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- track.fungiers.com
- URL
- https://track.fungiers.com/185392/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/kDE25Q4L0000V8100HIT1A9K405L1GWF0TPC19C8df8T07V905L1G00/?
Verdicts & Comments Add Verdict or Comment
56 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| dataLayer object| google_tag_manager function| hj object| _hjSettings string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData undefined| _ string| DATALAYER_OBJECT_NAME function| referrerOverride function| sendCampaignData function| initNewOptimizelyIntegration function| initOptimizelyIntegration object| webpackManifest function| webpackJsonp object| __core-js_shared__ object| core object| ___history object| ___emitter object| asyncRequires object| ___loader function| matchPath function| ___push function| ___replace function| ___navigateTo object| _crypto function| setImmediate function| clearImmediate function| sprintf function| vsprintf object| _adftrack object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| Adform object| KJUR object| adf function| HotjarBasicDataStorage function| HotjarCollectionDataStorage object| items object| fortyone object| _qevents object| dotq object| YAHOO undefined| I13N_Conf undefined| YWA_Global_Conf function| quantserve function| __qc object| ezt object| _qoptions0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ads.leovegas.com
api.ipdata.co
ca.fastwebopt.com
cdn.optimizely.com
d2wy8f7a9ursnm.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
heased-congham.com
images.ctfassets.net
leo-promo-redirect-service.herokuapp.com
minently.com
ogmobi.com
pixel.quantserve.com
promo.leovegas.com
rules.quantcount.com
s.yimg.com
s1-989db.kiwitrack.pro
s2-fd35988b-78ef-4acf-a28c-178c0be0b34d-1560425078-233111.qclick.pro
script.hotjar.com
secure.quantserve.com
sessions.bugsnag.com
static.hotjar.com
stats.g.doubleclick.net
temp.yetioffer.com
track.adform.net
track.fungiers.com
up.trkgenius.com
vars.hotjar.com
www.affboutiques.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.verifycaptcha.com
track.fungiers.com
104.130.187.126
107.154.248.103
107.6.174.196
13.35.254.190
136.243.30.161
138.201.194.170
147.75.205.49
147.75.83.19
18.197.88.156
205.147.93.131
2600:9000:200d:4000:12:94b3:c380:93a1
2600:9000:200d:8000:6:44e3:f8c0:93a1
2a00:1288:84:800::1001
2a00:1450:4001:809::2004
2a00:1450:4001:819::200a
2a00:1450:4001:81e::200e
2a00:1450:4001:820::2003
2a00:1450:4001:824::2003
2a00:1450:4001:824::2008
2a00:1450:400c:c08::9b
2a02:26f0:6c00:181::13b8
2a03:b0c0:3:d0::d19:7001
3.122.215.132
31.170.100.126
34.192.150.50
35.174.174.254
35.190.88.7
37.157.4.25
52.212.106.249
52.50.109.222
91.228.74.218
91.228.74.231
99.198.108.197
02920491695411e238e7fbc665cb602f6f314db84721495b6d5c10b452fc9e59
09bc373cc6dd2dbc375e64524de4aec3c2978912d3fcf47022d7c0441ecdfd74
0ab3d4ad2b0c990a9de580274dd61f2c4d4369f3b1d81a2ca1def837327bd24f
0c48b773fbf650a8222bc9b7beaaff31923a67e2adc29f42e15ac46c677d85cc
0d3e89aaa9b2bc6c3c9ce2d65f84afff2ee014aa105df0fc9a6eb4b6a706d38d
0ec54a58d35ac36a9f5917750661e0addae1fd94087ede2bb0fcb26d781be049
10566d0b37ba74a8ac4014cc78998205e997d6b6937799927c00fd78f8ee0bbf
145f3844ee4625769479e42ed319920f5e1d65350ce8798bf44c899ef0034793
162b8988686821843dfd88e1331c2de306caff9f33676406818a5ed4077d62dc
1697546dd005050fc2766c5e76e023f24538e5dc33ae4b18bd3252ae91fc6559
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
1e735017baa896ed4d7b650177c77039c1abb6ad385bb46895534e885e10b65e
21b0443189f0b628070b7b4fae484173a0edb5c031136340a6935b6b9c0eb73b
21bb3c933ccc576c2f6d75e583fbb2bcaac5e37c71ed4644754cdaab692bf74a
227810b9148e9d4a5b8130dfe79aeb75d6dc9010729149c04455183f36daa412
273960782964d6c98b7784d94eef99d63d8bf70c80a48a3d77da0c8191989c39
2c4e40525446376e67437bb87b5e547a5113d20ec4281de744b1f17beb18a388
2ede25a0ac2405841be39bb212ab00eb1db622ae8c06a6cbfa1f21cc20a94bf6
3977b4282a00917411111d8fc338784e457991bd6cbc4d36cc758e9e33c1a57f
3cb39e0ced352a1ba59a392589953e3ad7a1520a6e92fd65b9e676c48ecdad48
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
4e26ecb19c4ba59662297647d7d608a8f273c49e9c6fdd9e30a0808dfdbe5c18
4e71756647119b12b30346599f708dad212d8c887bd9772d7ab6aab0f26ddd8a
54953395dac8b47e71618606ef68ac4159638b1cd6d71b1b82b8d0cabeba7c05
56c0991ebc43b18ddb9e50c64d519e535dfb3fc72118d972a4ac6ec697eaca26
59c178261af620d9616e20161c144a8427d481bca9f6afc18de81a9c438844a5
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e6d37ad5c778b8a2319a80e5200aeb037949c6b34046048b2fe443511a9e2a5
5ffe45acf226a47230a5c69a51c1675b02ec885015106de4af29eec99961fc0a
617d2a8d89bbdbebbe32227d6a72072658bce3da4a04fc704044e92bff2f9106
6a32e11a4c8e46e4b95553e27f336bc3ff424298cb36b814dd5f8b793a06ce8a
6e1587a49a2d4640c0936ab3c7b63bc37d4186b4033ecefd256bc7c1f982bb9f
7390140e45f479773477777f85f51ac958ec958d0e01f98b1b42f8e62a3fe45b
7432ef865494c910726e0e9b7f4cd34d33ffd95a0804dfae8695872794a11e87
7e11348d49a8eb6e7584fca5405c42b697353d4c8b6946ac4d57c4e17b0e0eaf
83f75b100f719fd8cf4373d6195758cd314f4866d189c8079e84c44790ec0e10
873a134767d62194e541b2b20f4cc4c9f7b38428f2f688db618058e45e7aad73
87e5dd3a67cf48be8b5c9decd5ff44b46e684f2917d54ead973eeedc196feb84
899458ccebe8bbb13f5ecb4c491e939b351702e473da6ff0186656bdf0480948
8bb3ebcf4cca106320d0a41f42ef0a791f75518d3f0216d46915f51b73e67091
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
8f9c92e1a12ac6e0fc59919f0c3fc20cf9dc1bd8d78db4ea7b28298bc80038ff
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9f9b90d5869380885b9e742b34a8fd5be771de4f52eecf138404eee2c91e9e99
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a62f202a036f31afbe29957893501fd9788b8b7da68fd937f09a4748c80dfe24
a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265
a63d3c65ea6fb8f61859c63e4f4b966c2ffaca62733d62064acf7fcc82d0b5e8
ade492e71a709b0ae66a7d625ab7114a519ad73726eb8d079510e5af293a8f2b
b14a7f9c486e98dee1363e7fe513bfb4a1f85cccd620aa93f9492c9b1669c70d
b855baad3ab0ad04962f7f418073e6a433589e52c45c9077e82d0786077e6329
ccac1881f0aa30ce6e0b27faca92813dec7f738c9bc477de7f0ff3cd97d80e4d
ce6756a7c10ff1f8be82a1e4e94a18bb8e68c2f19df87df9cb8168c6dda2fd5a
d425a6206bc54f7f2afe868405b6f3053e4ff95caff5308b0a37f39e8c912d31
d630df8a89d2ec3c590c3b036b610c60fda3df53b3a4c81f3a9e5c94a0de5929
d911c3c9c9bb8ab4b583d2c136c8f851542095bf3c0341d50c694a60499f5bdc
db5448c194812ce8efad1c59985d077940ff131ebfba8d0f3232791136589ae2
dd963029e9637bcd6b1f91079bae39f0d7edf5d6f1b3b007d5144c1075c79d08
de8c0995b897a17da73adb4d21467bac8f270d366e277eaf57fd9ffb231de8d7
e4a27f4cc842b511ab1d2cf945b65f31401aec1423ed110d3f7103c0c817b8a5
e5b74ea28e08ec3cfc168a3d8179d4b528514e6ddd2f87af11797d126e507a6a
e80253978dc0dc2342a8d65ab609162b611901dae866a273279c23baf9d72610
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1aa27217bcc70dcac6d0771b3691f0fb7cad2b3d789c9c5a68ae3343a8f8189
f2902780cf44600bf868dd9ec81ba7862abec95b97cff8651762bf1a8b90dfb8
f5f00c0359deceea0bc873506e2ac0a37fc87218d4d524034f629d753bb05650
fc3aa232da577d5cd0e40070a0cfce5bba8255e505e115c79cd6ab180b5c1e03