Submitted URL: http://mpwnqgrz.success-building.com/68b7c
Effective URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=6...
Submission: On February 25 via api from BE

Summary

This website contacted 20 IPs in 7 countries across 17 domains to perform 77 HTTP transactions. The main IP is 104.16.26.10, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.casumo.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 6th 2019. Valid for: 2 years.
This is the only time www.casumo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 46.41.136.19 12824 (HOMEPL-AS)
2 2 212.32.249.99 60781 (LEASEWEB-...)
1 185.255.179.132 202933 (CLOUDSOLU...)
1 1 107.154.251.88 19551 (INCAPSULA)
4 25 104.16.26.10 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
23 104.17.251.25 13335 (CLOUDFLAR...)
3 7 2a00:1450:400... 15169 (GOOGLE)
4 104.17.169.42 13335 (CLOUDFLAR...)
1 3 2a00:1450:400... 15169 (GOOGLE)
2 4 172.217.22.70 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
2 5 2.18.233.201 16625 (AKAMAI-AS)
1 172.217.21.198 15169 (GOOGLE)
1 2 185.33.223.197 29990 (ASN-APPNEX)
2 40.119.158.131 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 143.204.202.5 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.57.217.255 16509 (AMAZON-02)
77 20
Domain Requested by
25 www.casumo.com 4 redirects www.casumo.com
23 images.casumo.com www.casumo.com
7 www.google-analytics.com 3 redirects www.googletagmanager.com
www.google-analytics.com
5 pixel.mathtag.com 2 redirects www.casumo.com
4 5903415.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 mp-proxy-aws.casumo.com www.casumo.com
mp-proxy-aws.casumo.com
3 stats.g.doubleclick.net 1 redirects www.casumo.com
3 www.google.com 1 redirects www.casumo.com
www.gstatic.com
2 casumo.regily.com www.casumo.com
casumo.regily.com
2 trck.spoteffects.net mpwnqgrz.success-building.com
www.casumo.com
2 secure.adnxs.com 1 redirects www.casumo.com
2 bat.bing.com www.googletagmanager.com
www.casumo.com
2 www.googletagmanager.com www.casumo.com
2 url-partners.g2afse.com 2 redirects
1 backoffice.regily.com casumo.regily.com
1 fonts.googleapis.com casumo.regily.com
1 www.google.de www.casumo.com
1 www.gstatic.com www.google.com
1 ad.doubleclick.net mpwnqgrz.success-building.com
1 ads.casumoaffiliates.com 1 redirects
1 fdfjhks.com
1 mpwnqgrz.success-building.com
77 22
Subject Issuer Validity Valid
www.casumo.com
DigiCert SHA2 Extended Validation Server CA
2019-11-06 -
2021-11-10
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh
ssl410548.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-10-29 -
2020-05-06
6 months crt.sh
www.google.com
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh
*.doubleclick.net
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh
www.bing.com
Microsoft IT TLS CA 2
2019-04-30 -
2021-04-30
2 years crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA
2019-01-25 -
2020-04-25
a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
trck.spoteffects.net
Sectigo RSA Domain Validation Secure Server CA
2019-08-09 -
2021-11-06
2 years crt.sh
*.google.com
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh
www.google.de
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh
*.regily.com
Amazon
2019-12-05 -
2021-01-05
a year crt.sh
*.storage.googleapis.com
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Frame ID: 6013F4E562D4E6CDA974F14F72CFEBC9
Requests: 73 HTTP requests in this frame

Frame: https://5903415.fls.doubleclick.net/activityi;dc_pre=CK7FoeGo7ecCFZzjuwgd8bwCCw;src=5903415;type=uk;cat=home01;ord=7679753298517;gtm=2wg2c0;auiddc=1253960294.1582654850;u1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0;u9=undefined;u10=undefined;u18=de;u15=undefined;u3=%2Fde%2F;u5=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341;~oref=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341
Frame ID: E465A61F5A6A31545232DDEE2D3CF50F
Requests: 1 HTTP requests in this frame

Frame: https://5903415.fls.doubleclick.net/activityi;dc_pre=CI7IoeGo7ecCFfrjuwgd7kMHSQ;src=5903415;type=uk;cat=casum00;ord=1;num=8684190911753;gtm=2wg2c0;auiddc=1253960294.1582654850;u1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0;u9=undefined;u10=undefined;u18=de;u15=undefined;u3=%2Fde%2F;u5=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341;~oref=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341
Frame ID: AA01B1B46AB71B2BEC0072EAEED12028
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxidQUAAAAAHT6LisjVHo6ONOKnfcWzSLhOnBc&co=aHR0cHM6Ly93d3cuY2FzdW1vLmNvbTo0NDM.&hl=en&v=61bII03-TtCmSUR7dw9MJF9q&size=invisible&cb=h8ib5zxil8qf
Frame ID: 26D7E68F0F712C8F68835F0572AE5ECE
Requests: 1 HTTP requests in this frame

Frame: https://casumo.regily.com/otp-internal/index.html
Frame ID: 8ED2FD4E20D591D8C628DD10EB674450
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://mpwnqgrz.success-building.com/68b7c Page URL
  2. http://url-partners.g2afse.com/sl?id=5c9c1eb18d8a1100341a0442&pid=12875 HTTP 302
    https://url-partners.g2afse.com/sl?id=5c9c1eb18d8a1100341a0442&pid=12875 HTTP 302
    http://fdfjhks.com/xAkYYsMCA?offer=smartlink&cat=18&sub1=&sub2=12875 Page URL
  3. https://ads.casumoaffiliates.com/redirect.aspx?pid=1124341&bid=12181&click_id=01-akfhtfmx4khvfljudzgigmwht1n HTTP 301
    https://www.casumo.com/signup?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khv... HTTP 301
    https://www.casumo.com/de/signup?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4... HTTP 301
    https://www.casumo.com/de/signup/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx... HTTP 301
    https://www.casumo.com/de/registrieren/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-ak... HTTP 301
    https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvflj... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

77
Requests

97 %
HTTPS

36 %
IPv6

17
Domains

22
Subdomains

20
IPs

7
Countries

1112 kB
Transfer

3408 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mpwnqgrz.success-building.com/68b7c Page URL
  2. http://url-partners.g2afse.com/sl?id=5c9c1eb18d8a1100341a0442&pid=12875 HTTP 302
    https://url-partners.g2afse.com/sl?id=5c9c1eb18d8a1100341a0442&pid=12875 HTTP 302
    http://fdfjhks.com/xAkYYsMCA?offer=smartlink&cat=18&sub1=&sub2=12875 Page URL
  3. https://ads.casumoaffiliates.com/redirect.aspx?pid=1124341&bid=12181&click_id=01-akfhtfmx4khvfljudzgigmwht1n HTTP 301
    https://www.casumo.com/signup?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341 HTTP 301
    https://www.casumo.com/de/signup?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341 HTTP 301
    https://www.casumo.com/de/signup/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341 HTTP 301
    https://www.casumo.com/de/registrieren/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341 HTTP 301
    https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://url-partners.g2afse.com/sl?id=5c9c1eb18d8a1100341a0442&pid=12875 HTTP 302
  • https://url-partners.g2afse.com/sl?id=5c9c1eb18d8a1100341a0442&pid=12875 HTTP 302
  • http://fdfjhks.com/xAkYYsMCA?offer=smartlink&cat=18&sub1=&sub2=12875
Request Chain 25
  • https://5903415.fls.doubleclick.net/activityi;src=5903415;type=uk;cat=home01;ord=7679753298517;gtm=2wg2c0;auiddc=1253960294.1582654850;u1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0;u9=undefined;u10=undefined;u18=de;u15=undefined;u3=%2Fde%2F;u5=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341;~oref=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341 HTTP 302
  • https://5903415.fls.doubleclick.net/activityi;dc_pre=CK7FoeGo7ecCFZzjuwgd8bwCCw;src=5903415;type=uk;cat=home01;ord=7679753298517;gtm=2wg2c0;auiddc=1253960294.1582654850;u1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0;u9=undefined;u10=undefined;u18=de;u15=undefined;u3=%2Fde%2F;u5=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341;~oref=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341
Request Chain 26
  • https://5903415.fls.doubleclick.net/activityi;src=5903415;type=uk;cat=casum00;ord=1;num=8684190911753;gtm=2wg2c0;auiddc=1253960294.1582654850;u1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0;u9=undefined;u10=undefined;u18=de;u15=undefined;u3=%2Fde%2F;u5=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341;~oref=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341 HTTP 302
  • https://5903415.fls.doubleclick.net/activityi;dc_pre=CI7IoeGo7ecCFfrjuwgd7kMHSQ;src=5903415;type=uk;cat=casum00;ord=1;num=8684190911753;gtm=2wg2c0;auiddc=1253960294.1582654850;u1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0;u9=undefined;u10=undefined;u18=de;u15=undefined;u3=%2Fde%2F;u5=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341;~oref=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341
Request Chain 28
  • https://pixel.mathtag.com/event/js?mt_id=618789&mt_adid=129668&v1=&v2=undefined&v3=undefined&s1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0&s2=&s3=de&s4=&s5=undefined&s6=undefined&s7=undefined HTTP 302
  • https://pixel.mathtag.com/event/js?mt_id=618789&mt_adid=129668&v1=&v2=undefined&v3=undefined&s1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0&s2=&s3=de&s4=&s5=undefined&s6=undefined&s7=undefined&mm_bnc&mm_bct&UUID=38625e55-6582-4800-9ceb-39ec8884a211
Request Chain 30
  • https://secure.adnxs.com/seg?add=11451491&t=1 HTTP 302
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D11451491%26t%3D1
Request Chain 31
  • https://pixel.mathtag.com/event/js?mt_id=1399311&mt_adid=129668&mt_exem=&mt_excl=&v1=&v2=undefined&v3=undefined&s1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0&s2=&s3=de&s4=&s5=undefined&s6=undefined&s7=undefined HTTP 302
  • https://pixel.mathtag.com/event/js?mt_id=1399311&mt_adid=129668&mt_exem=&mt_excl=&v1=&v2=undefined&v3=undefined&s1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0&s2=&s3=de&s4=&s5=undefined&s6=undefined&s7=undefined&mm_bnc&mm_bct&UUID=f4825e55-6582-4b00-b2c2-91ca9bf0c3d8
Request Chain 63
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=409698775&t=pageview&_s=1&dl=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341&ul=en-us&de=UTF-8&dt=Casumo%20-%20ein%20Online%20Casino%20100%25%20Bonus%20von%20bis%20zu%20500%E2%82%AC%20und%20120%20Freispiele*&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KGBAAUADQ~&jid=515073518&gjid=1874098567&cid=1365643567.1582654850&tid=UA-41199862-1&_gid=575770988.1582654850&_r=1&gtm=2ou2c0&z=464224959 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-41199862-1&cid=1365643567.1582654850&jid=515073518&_gid=575770988.1582654850&gjid=1874098567&_v=j81&z=464224959
Request Chain 64
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=409698775&t=pageview&_s=1&dl=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341%23signup&dp=www.casumo.com%2Fde%2F&ul=en-us&de=UTF-8&dt=Casumo%20-%20ein%20Online%20Casino%20100%25%20Bonus%20von%20bis%20zu%20500%E2%82%AC%20und%20120%20Freispiele*&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAUADQ~&jid=1791525283&gjid=92183101&cid=1226836730.1582654850&tid=UA-41199862-1&_gid=1911181861.1582654850&_r=1&gtm=2wg2c023P4&cd5=2020-02-25T19%3A20%3A50.492%2B01%3A00&cd9=Logged%20Out&cd10=de&cd14=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341&cd15=(not%20set)&cd16=casino&cd17=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341%23signup&z=335740551 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-41199862-1&cid=1226836730.1582654850&jid=1791525283&_gid=1911181861.1582654850&gjid=92183101&_v=j81&z=335740551
Request Chain 65
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=409698775&t=pageview&_s=1&dl=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341%23signup&ul=en-us&de=UTF-8&dt=Casumo%20-%20ein%20Online%20Casino%20100%25%20Bonus%20von%20bis%20zu%20500%E2%82%AC%20und%20120%20Freispiele*&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAUADQ~&jid=1819858695&gjid=1420012923&cid=1226836730.1582654850&tid=UA-113820013-2&_gid=1911181861.1582654850&_r=1&gtm=2wg2c023P4&cd5=2020-02-25T19%3A20%3A50.254%2B01%3A00&z=1732003473 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-113820013-2&cid=1226836730.1582654850&jid=1819858695&_gid=1911181861.1582654850&gjid=1420012923&_v=j81&z=1732003473 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113820013-2&cid=1226836730.1582654850&jid=1819858695&_v=j81&z=1732003473 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113820013-2&cid=1226836730.1582654850&jid=1819858695&_v=j81&z=1732003473&slf_rd=1&random=1203742769

77 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
68b7c
mpwnqgrz.success-building.com/
2 KB
2 KB
Document
General
Full URL
http://mpwnqgrz.success-building.com/68b7c
Protocol
HTTP/1.1
Server
46.41.136.19 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
Software
nginx/1.16.1 / PHP/7.2.10
Resource Hash
fb9268bec728737ca15294021d2de745dbba0a16c27feb05893c4867f2cfca23

Request headers

Host
mpwnqgrz.success-building.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx/1.16.1
Date
Tue, 25 Feb 2020 18:20:46 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1658
Connection
keep-alive
X-Powered-By
PHP/7.2.10
Cookie set xAkYYsMCA
fdfjhks.com/
Redirect Chain
  • http://url-partners.g2afse.com/sl?id=5c9c1eb18d8a1100341a0442&pid=12875
  • https://url-partners.g2afse.com/sl?id=5c9c1eb18d8a1100341a0442&pid=12875
  • http://fdfjhks.com/xAkYYsMCA?offer=smartlink&cat=18&sub1=&sub2=12875
236 B
482 B
Document
General
Full URL
http://fdfjhks.com/xAkYYsMCA?offer=smartlink&cat=18&sub1=&sub2=12875
Protocol
HTTP/1.1
Server
185.255.179.132 Riga, Latvia, ASN202933 (CLOUDSOLUTIONS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e55081e13799d54eade64284f842f1297531e6f29c927ecf987577d8e956ff93

Request headers

Host
fdfjhks.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://mpwnqgrz.success-building.com/68b7c
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://mpwnqgrz.success-building.com/68b7c

Response headers

Server
nginx
Date
Tue, 25 Feb 2020 18:20:46 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
Set-Cookie
cco_10573_12484=1; path=/; expires=Wed, 26 Feb 2020 18:20:46 GMT; httponly

Redirect headers

status
302
server
nginx
date
Tue, 25 Feb 2020 18:20:46 GMT
content-type
text/html; charset=utf-8
content-length
103
location
http://fdfjhks.com/xAkYYsMCA?offer=smartlink&cat=18&sub1=&sub2=12875
Primary Request /
www.casumo.com/de/
Redirect Chain
  • https://ads.casumoaffiliates.com/redirect.aspx?pid=1124341&bid=12181&click_id=01-akfhtfmx4khvfljudzgigmwht1n
  • https://www.casumo.com/signup?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
  • https://www.casumo.com/de/signup?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
  • https://www.casumo.com/de/signup/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
  • https://www.casumo.com/de/registrieren/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
  • https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
133 KB
23 KB
Document
General
Full URL
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f149ba818fa5b433471f453577026204171689e6157ec90904d6c65eb81eafe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.casumo.com
:scheme
https
:path
/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
kazumo=eyJ0ZXN0U3ViamVjdElkIjoiMzUxNTY5MjQtZDJjZC00NzEwLWIyYzItZWY1MDJkOWExM2Y2IiwibWFya2V0Q29kZSI6ImRlX2RlIn0-; kazumoSession=eyJpc1RhZ2dlZCI6dHJ1ZSwidGFyZ2V0Q2FtcGFpZ25JZCI6bnVsbCwicHJlU2VsZWN0ZWRXZWxjb21lT2ZmZXJJZCI6bnVsbH0-; kazumoMedium=eyJyZWZlcnJlckluZm8iOnsicmVmZXJyZXIiOiJuZXRyZWZlciIsIm9mZmVySWQiOm51bGwsInRhcmdldENhbXBhaWduSWQiOm51bGwsIm1ldGFkYXRhIjp7ImJhbm5lcklkIjoiNjYwNTA1X0VGOUUyREQyQzE2QzQzOUQ4M0Y3Qzc2ODZFMzBFMzMxIiwiYWZmSWQiOiI2NjA1MDUiLCJtYXJrZXRpbmdTb3VyY2VJZCI6IjExMjQzNDEifX19
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
http://fdfjhks.com/xAkYYsMCA?offer=smartlink&cat=18&sub1=&sub2=12875

Response headers

status
200
date
Tue, 25 Feb 2020 18:20:49 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd0c6686608d7bad7add060a46bae5ac21582654849; expires=Thu, 26-Mar-20 18:20:49 GMT; path=/; domain=.casumo.com; HttpOnly; SameSite=Lax kazumoTrackingId=05cf45b5-89f5-45da-b30f-c771f0fbfaa0; Path=/; Expires=Fri, 22 Feb 2030 18:20:49 GMT; Secure; SameSite=Lax kazumo=eyJ0ZXN0U3ViamVjdElkIjoiMDVjZjQ1YjUtODlmNS00NWRhLWIzMGYtYzc3MWYwZmJmYWEwIiwibWFya2V0Q29kZSI6ImRlX2RlIn0-; Path=/; Expires=Wed, 24-Feb-2021 18:20:49 GMT; Max-Age=31536000; Secure kazumo=eyJ0ZXN0U3ViamVjdElkIjoiMDVjZjQ1YjUtODlmNS00NWRhLWIzMGYtYzc3MWYwZmJmYWEwIiwibWFya2V0Q29kZSI6ImRlX2RlIn0-; Path=/; Expires=Wed, 24-Feb-2021 18:20:49 GMT; Max-Age=31536000; Secure kazumoSession=eyJpc1RhZ2dlZCI6dHJ1ZSwidGFyZ2V0Q2FtcGFpZ25JZCI6bnVsbCwicHJlU2VsZWN0ZWRXZWxjb21lT2ZmZXJJZCI6bnVsbH0-; Path=/; Secure kazumoSession=eyJpc1RhZ2dlZCI6dHJ1ZSwidGFyZ2V0Q2FtcGFpZ25JZCI6bnVsbCwicHJlU2VsZWN0ZWRXZWxjb21lT2ZmZXJJZCI6bnVsbH0-; Path=/; Secure kazumoSession=eyJpc1RhZ2dlZCI6dHJ1ZSwidGFyZ2V0Q2FtcGFpZ25JZCI6bnVsbCwicHJlU2VsZWN0ZWRXZWxjb21lT2ZmZXJJZCI6bnVsbH0-; Path=/; Secure kazumoMedium=eyJyZWZlcnJlckluZm8iOnsicmVmZXJyZXIiOiJuZXRyZWZlciIsIm9mZmVySWQiOm51bGwsInRhcmdldENhbXBhaWduSWQiOm51bGwsIm1ldGFkYXRhIjp7ImJhbm5lcklkIjoiNjYwNTA1X0VGOUUyREQyQzE2QzQzOUQ4M0Y3Qzc2ODZFMzBFMzMxIiwiYWZmSWQiOiI2NjA1MDUiLCJtYXJrZXRpbmdTb3VyY2VJZCI6IjExMjQzNDEifX19; Path=/; Expires=Thu, 26-Mar-2020 18:20:49 GMT; Max-Age=2592000; Secure
cf-ray
56abb20839dbd8c1-AMS
cache-control
no-cache, no-store, must-revalidate, max-age=0, smax-age=0
content-encoding
gzip
etag
W/"215c8-JA/LjzegoHxdK3GpRhXqTnPFj/I"
strict-transport-security
max-age=3600
vary
Accept-Encoding
cf-cache-status
DYNAMIC
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
server
cloudflare

Redirect headers

status
301
date
Tue, 25 Feb 2020 18:20:49 GMT
content-type
text/html; charset=utf-8
location
/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341#signup
cf-ray
56abb2037b10d8c1-AMS
cache-control
no-cache, no-store, must-revalidate, max-age=0, smax-age=0
content-encoding
gzip
set-cookie
kazumo=eyJ0ZXN0U3ViamVjdElkIjoiMzUxNTY5MjQtZDJjZC00NzEwLWIyYzItZWY1MDJkOWExM2Y2IiwibWFya2V0Q29kZSI6ImRlX2RlIn0-; Path=/; Expires=Wed, 24-Feb-2021 18:20:48 GMT; Max-Age=31536000; Secure kazumo=eyJ0ZXN0U3ViamVjdElkIjoiMzUxNTY5MjQtZDJjZC00NzEwLWIyYzItZWY1MDJkOWExM2Y2IiwibWFya2V0Q29kZSI6ImRlX2RlIn0-; Path=/; Expires=Wed, 24-Feb-2021 18:20:48 GMT; Max-Age=31536000; Secure kazumoSession=eyJpc1RhZ2dlZCI6dHJ1ZSwidGFyZ2V0Q2FtcGFpZ25JZCI6bnVsbCwicHJlU2VsZWN0ZWRXZWxjb21lT2ZmZXJJZCI6bnVsbH0-; Path=/; Secure kazumoSession=eyJpc1RhZ2dlZCI6dHJ1ZSwidGFyZ2V0Q2FtcGFpZ25JZCI6bnVsbCwicHJlU2VsZWN0ZWRXZWxjb21lT2ZmZXJJZCI6bnVsbH0-; Path=/; Secure kazumoSession=eyJpc1RhZ2dlZCI6dHJ1ZSwidGFyZ2V0Q2FtcGFpZ25JZCI6bnVsbCwicHJlU2VsZWN0ZWRXZWxjb21lT2ZmZXJJZCI6bnVsbH0-; Path=/; Secure kazumoMedium=eyJyZWZlcnJlckluZm8iOnsicmVmZXJyZXIiOiJuZXRyZWZlciIsIm9mZmVySWQiOm51bGwsInRhcmdldENhbXBhaWduSWQiOm51bGwsIm1ldGFkYXRhIjp7ImJhbm5lcklkIjoiNjYwNTA1X0VGOUUyREQyQzE2QzQzOUQ4M0Y3Qzc2ODZFMzBFMzMxIiwiYWZmSWQiOiI2NjA1MDUiLCJtYXJrZXRpbmdTb3VyY2VJZCI6IjExMjQzNDEifX19; Path=/; Expires=Thu, 26-Mar-2020 18:20:48 GMT; Max-Age=2592000; Secure
strict-transport-security
max-age=3600
vary
Accept, Accept-Encoding
cf-cache-status
DYNAMIC
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
server
cloudflare
Casumo-Bold.f2ebc4e1beda3904da399b2b60306314.woff2
www.casumo.com/los2assets/
20 KB
20 KB
Font
General
Full URL
https://www.casumo.com/los2assets/Casumo-Bold.f2ebc4e1beda3904da399b2b60306314.woff2
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d075dbe87ef00d631717a3e578f737c407adb9ea26c53195cb8cb343c11699d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Origin
https://www.casumo.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Feb 2020 18:20:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
15046
status
200
vary
Accept-Encoding
content-length
20228
x-xss-protection
1; mode=block
last-modified
Tue, 25 Feb 2020 13:44:04 GMT
server
cloudflare
etag
W/"4f04-1707c9720a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
font/woff2
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
accept-ranges
bytes
cf-ray
56abb20bbcfad8c1-AMS
expires
Wed, 24 Feb 2021 18:20:49 GMT
Casumo-Medium.d88bf80bad8982dd79f883f91f2529b9.woff2
www.casumo.com/los2assets/
20 KB
20 KB
Font
General
Full URL
https://www.casumo.com/los2assets/Casumo-Medium.d88bf80bad8982dd79f883f91f2529b9.woff2
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
775cd327ae970c9120d9002dbd53d5296b37182bf39a7816f652f6b4fc6f2d15
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Origin
https://www.casumo.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Feb 2020 18:20:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
15046
status
200
vary
Accept-Encoding
content-length
20268
x-xss-protection
1; mode=block
last-modified
Tue, 25 Feb 2020 13:44:04 GMT
server
cloudflare
etag
W/"4f2c-1707c9720a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
font/woff2
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
accept-ranges
bytes
cf-ray
56abb20bbcfbd8c1-AMS
expires
Wed, 24 Feb 2021 18:20:49 GMT
js
www.googletagmanager.com/gtag/
74 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-41199862-1
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c31dc6fa0b082f6f3ef0dac6077ec8f27b9f910fbb202941ac1023fec27fb4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 18:20:49 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28491
x-xss-protection
0
last-modified
Tue, 25 Feb 2020 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 Feb 2020 18:20:49 GMT
vendor.styles.d2218dd96928c24b72ea.css
www.casumo.com/los2assets/
57 KB
11 KB
Stylesheet
General
Full URL
https://www.casumo.com/los2assets/vendor.styles.d2218dd96928c24b72ea.css
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ad1d7f2b20d795185de9d731a3e0937dd0ba5b933cf1774fd5ca8a1ad79944
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 25 Feb 2020 18:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15046
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 25 Feb 2020 13:44:04 GMT
server
cloudflare
etag
W/"e5ae-1707c9720a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
cf-ray
56abb20bbd00d8c1-AMS
expires
Wed, 24 Feb 2021 18:20:49 GMT
main.styles.2331bf6681fa2872053c.css
www.casumo.com/los2assets/
132 KB
18 KB
Stylesheet
General
Full URL
https://www.casumo.com/los2assets/main.styles.2331bf6681fa2872053c.css
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec800fac80d6c3174a7092299ac66bfff65050bc5cf7cc34718d947313a181a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 25 Feb 2020 18:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15064
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 25 Feb 2020 13:44:04 GMT
server
cloudflare
etag
W/"20f77-1707c9720a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
cf-ray
56abb20bbd03d8c1-AMS
expires
Wed, 24 Feb 2021 18:20:49 GMT
casumo.cudl.31d6cfe0d16ae931b73c.css
www.casumo.com/los2assets/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.casumo.com/los2assets/casumo.cudl.31d6cfe0d16ae931b73c.css
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
decaa7e9b7f1202395a20d3ba5972789bc9427fc06a90f8cad5f03d362a39eec
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 25 Feb 2020 18:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15046
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 25 Feb 2020 13:44:04 GMT
server
cloudflare
etag
W/"126a-1707c9720a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
cf-ray
56abb20bbd05d8c1-AMS
expires
Wed, 24 Feb 2021 18:20:49 GMT
homePage.bffc7f57b6553183bc66.js
www.casumo.com/los2assets/
2 KB
1 KB
Script
General
Full URL
https://www.casumo.com/los2assets/homePage.bffc7f57b6553183bc66.js
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aac3fdbecdc202f07c8887c13209bd48db64e3ae49effe8b9a32fd6546a9b48c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 18:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15046
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 25 Feb 2020 13:44:04 GMT
server
cloudflare
etag
W/"7d3-1707c9720a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
cf-ray
56abb20bbd07d8c1-AMS
expires
Wed, 24 Feb 2021 18:20:49 GMT
vendor.03f4a3db6da0c3640a3d.js
www.casumo.com/los2assets/
968 KB
275 KB
Script
General
Full URL
https://www.casumo.com/los2assets/vendor.03f4a3db6da0c3640a3d.js
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
973ad4fe29b3e58befebd30c2be81719cd248b7f86953a71e925eb997e0ccf37
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 18:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15046
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 25 Feb 2020 13:44:04 GMT
server
cloudflare
etag
W/"f1f85-1707c9720a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
cf-ray
56abb20bfdf4d8c1-AMS
expires
Wed, 24 Feb 2021 18:20:49 GMT
main.5e74fef3901e12ed9f2d.js
www.casumo.com/los2assets/
354 KB
94 KB
Script
General
Full URL
https://www.casumo.com/los2assets/main.5e74fef3901e12ed9f2d.js
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd0229142ca0205538eb9eeb31ac7950edc2a9e3c6cb93c45038f2c58ba3ba3c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 18:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
11679
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 25 Feb 2020 14:56:12 GMT
server
cloudflare
etag
W/"5899b-1707cd92ae0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
cf-ray
56abb20c0e54d8c1-AMS
expires
Wed, 24 Feb 2021 18:20:49 GMT
runtime.dca7da87935c436c84e8.js
www.casumo.com/los2assets/
30 KB
12 KB
Script
General
Full URL
https://www.casumo.com/los2assets/runtime.dca7da87935c436c84e8.js
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40e81633e106381557db1d19a249eca6ca0cf692ebb8783d2a0530e7086a7f91
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 18:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
11679
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 25 Feb 2020 14:56:12 GMT
server
cloudflare
etag
W/"79a1-1707cd92ae0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
cf-ray
56abb20c1e6bd8c1-AMS
expires
Wed, 24 Feb 2021 18:20:49 GMT
casumo.6a704ae6acd8662698a1.js
www.casumo.com/los2assets/
45 KB
12 KB
Script
General
Full URL
https://www.casumo.com/los2assets/casumo.6a704ae6acd8662698a1.js
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d59b2768f277ff6df51bba7055f856d7d1209a7d47f2abf0d3e3bd7d3b50040a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 18:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15046
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 25 Feb 2020 13:44:04 GMT
server
cloudflare
etag
W/"b590-1707c9720a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
cf-ray
56abb20c1e71d8c1-AMS
expires
Wed, 24 Feb 2021 18:20:49 GMT
casumo-logo.70548c30a11d566d2324742e01cfb392.svg
www.casumo.com/los2assets/
3 KB
1 KB
Image
General
Full URL
https://www.casumo.com/los2assets/casumo-logo.70548c30a11d566d2324742e01cfb392.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60fbfebdb2614226930abc54288b66b1b45144b9374ef2157e50951389785544
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15046
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 25 Feb 2020 13:44:04 GMT
server
cloudflare
etag
W/"bbc-1707c9720a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
image/svg+xml
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
cf-ray
56abb20c1e76d8c1-AMS
expires
Wed, 24 Feb 2021 18:20:49 GMT
2020-Q1_ROW_LOS_PopularGames-BookOfDead_v01.png
images.casumo.com/2020/02/
76 KB
77 KB
Image
General
Full URL
https://images.casumo.com/2020/02/2020-Q1_ROW_LOS_PopularGames-BookOfDead_v01.png?w=1020&fit=clamp&markscale=95&auto=compress&fm=jpg&markalign=top%2Ccenter&markfit=max&dpr=1&q=70
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6782134ffc59c05f9f5c556f7447c7c88d46cdf1c03fb33abe37f69fdc53121
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
14317
cf-polished
degrade=85, origSize=93125
x-cache
MISS, HIT
status
200
last-modified
Thu, 20 Feb 2020 09:40:37 GMT
x-imgix-id
5024061bc64169cf5cac1c078ac6aba981897f5e
content-length
77831
x-served-by
cache-lax8625-LAX, cache-fra19139-FRA
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
56abb20c9ab6c781-AMS
expires
Fri, 27 Mar 2020 18:20:50 GMT
pixel.5308eb7bcc5d24831125d1dacb2fda36.png
www.casumo.com/los2assets/
138 B
910 B
Image
General
Full URL
https://www.casumo.com/los2assets/pixel.5308eb7bcc5d24831125d1dacb2fda36.png
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c38b0dd7042e6d50f189921a0a909b9c417b6b4c6b6c7fcbc2f4c4d005fcff4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
15046
cf-polished
pngoptimizer, origSize=2871
status
200
cf-bgj
imgq:85
vary
Accept-Encoding
content-length
138
x-xss-protection
1; mode=block
last-modified
Tue, 25 Feb 2020 13:44:04 GMT
server
cloudflare
etag
W/"b37-1707c9720a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
image/png
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
accept-ranges
bytes
cf-ray
56abb20c1e79d8c1-AMS
expires
Wed, 24 Feb 2021 18:20:49 GMT
dotsDesktop.74858631ab7f09a08c5459e9c244c359.svg
www.casumo.com/los2assets/
9 KB
3 KB
Image
General
Full URL
https://www.casumo.com/los2assets/dotsDesktop.74858631ab7f09a08c5459e9c244c359.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70c6f2dbfa0e11ced02b48a215801538c08a846c61ecad272e1be41eca1b8a0e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15047
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 25 Feb 2020 13:44:04 GMT
server
cloudflare
etag
W/"23b1-1707c9720a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
image/svg+xml
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
cf-ray
56abb20c4f0bd8c1-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
dots.b6c68ff50fae51a0cab51dee0e505a7d.svg
www.casumo.com/los2assets/
2 KB
784 B
Image
General
Full URL
https://www.casumo.com/los2assets/dots.b6c68ff50fae51a0cab51dee0e505a7d.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4a4e5b002975267ab78d1fcfcec217617b01b1d677facfa80505fa12be103da
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15047
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 25 Feb 2020 13:44:04 GMT
server
cloudflare
etag
W/"66b-1707c9720a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
image/svg+xml
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
cf-ray
56abb20c5f2fd8c1-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
expand.29248e8900a64a0abe63e20006f57dfd.svg
www.casumo.com/los2assets/
1 KB
629 B
Image
General
Full URL
https://www.casumo.com/los2assets/expand.29248e8900a64a0abe63e20006f57dfd.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1586153caa2acf9cdd27f4f9214845543130d319ea803186b6e9f61f246941a3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15047
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 25 Feb 2020 13:44:04 GMT
server
cloudflare
etag
W/"458-1707c9720a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
image/svg+xml
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
cf-ray
56abb20c5f3ed8c1-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41199862-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
1718
date
Tue, 25 Feb 2020 17:52:11 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Tue, 25 Feb 2020 19:52:11 GMT
gtm.js
www.googletagmanager.com/
181 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-23P4
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b4c5b31f0cfb9e90460fa673290e25cb09d49b506a5bbb1e76147dcaf0c7af9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 18:20:49 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
38974
x-xss-protection
0
last-modified
Tue, 25 Feb 2020 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 Feb 2020 18:20:49 GMT
external-link.99253b85dd24dfe0647e78ad7406dbb6.png
www.casumo.com/los2assets/
549 B
664 B
Image
General
Full URL
https://www.casumo.com/los2assets/external-link.99253b85dd24dfe0647e78ad7406dbb6.png
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1b4f269427a7c71226348a30129e1bcfcaf30f12a3a387df26283dec0d08e29
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/los2assets/main.styles.2331bf6681fa2872053c.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
15047
cf-polished
origSize=655
status
200
cf-bgj
imgq:85
vary
Accept-Encoding
content-length
549
x-xss-protection
1; mode=block
last-modified
Tue, 25 Feb 2020 13:44:04 GMT
server
cloudflare
etag
W/"28f-1707c9720a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
image/png
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
accept-ranges
bytes
cf-ray
56abb20c6f56d8c1-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
mp.js
mp-proxy-aws.casumo.com/
72 KB
24 KB
Script
General
Full URL
https://mp-proxy-aws.casumo.com/mp.js
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.169.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51b93d3a0f08a7a996cd669bae8b086be6a590d49f18406716c495f8f339a5aa

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
cf-cache-status
HIT
age
15047
x-guploader-uploadid
AEnB2Uo-c61NIzjplIAY-wA2Y4wt9Y6BM7CgFXkeb-S_dahbaJY-BTA9hdmSM9lfQ54ZZxQKejdQ9MocAhZ5nUJrggGoLNo_Z6a8n8CEwfWDKWM_NwIXgxo
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
24310
cf-ray
56abb20c9b9ac771-AMS
access-control-allow-origin
*
last-modified
Wed, 05 Feb 2020 00:17:19 GMT
server
cloudflare
etag
"77f71aec224927ea65e55fb94c97632f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=d/v9hw==, md5=d/ca7CJJJ+pl5V+5TJdjLw==
content-language
en
x-goog-generation
1580861839915277
cache-control
public, max-age=2678400
x-goog-stored-content-length
24310
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 27 Mar 2020 18:20:50 GMT
js
www.google-analytics.com/gtm/
95 KB
28 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-KQ8DNWJ&t=gtag_UA_41199862_1&cid=1365643567.1582654850
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f9529046a898f47a3b7cbd88a09dfb3b9d8ff0152a80db52d552b5e9bd371700
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 18:20:49 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Cache-Control
content-length
28435
x-xss-protection
0
expires
Tue, 25 Feb 2020 18:20:49 GMT
api.js
www.google.com/recaptcha/
708 B
572 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LdxidQUAAAAAHT6LisjVHo6ONOKnfcWzSLhOnBc
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/los2assets/vendor.03f4a3db6da0c3640a3d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ec48bb4f5e8333410e0b65d5d0c1f8d1a3fc76b0448b3cb99cd4b97cc46a79f6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
478
x-xss-protection
1; mode=block
expires
Tue, 25 Feb 2020 18:20:50 GMT
activityi;dc_pre=CK7FoeGo7ecCFZzjuwgd8bwCCw;src=5903415;type=uk;cat=home01;ord=7679753298517;gtm=2wg2c0;auiddc=1253960294.1582654850;u1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0;u9=undefined;u10=undefin...
5903415.fls.doubleclick.net/ Frame E465
Redirect Chain
  • https://5903415.fls.doubleclick.net/activityi;src=5903415;type=uk;cat=home01;ord=7679753298517;gtm=2wg2c0;auiddc=1253960294.1582654850;u1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0;u9=undefined;u10=undef...
  • https://5903415.fls.doubleclick.net/activityi;dc_pre=CK7FoeGo7ecCFZzjuwgd8bwCCw;src=5903415;type=uk;cat=home01;ord=7679753298517;gtm=2wg2c0;auiddc=1253960294.1582654850;u1=05cf45b5-89f5-45da-b30f-c...
0
0
Document
General
Full URL
https://5903415.fls.doubleclick.net/activityi;dc_pre=CK7FoeGo7ecCFZzjuwgd8bwCCw;src=5903415;type=uk;cat=home01;ord=7679753298517;gtm=2wg2c0;auiddc=1253960294.1582654850;u1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0;u9=undefined;u10=undefined;u18=de;u15=undefined;u3=%2Fde%2F;u5=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341;~oref=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-23P4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5903415.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CK7FoeGo7ecCFZzjuwgd8bwCCw;src=5903415;type=uk;cat=home01;ord=7679753298517;gtm=2wg2c0;auiddc=1253960294.1582654850;u1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0;u9=undefined;u10=undefined;u18=de;u15=undefined;u3=%2Fde%2F;u5=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341;~oref=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 25 Feb 2020 18:20:50 GMT
expires
Tue, 25 Feb 2020 18:20:50 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
486
x-xss-protection
0
set-cookie
IDE=AHWqTUm0payi5eq4Ai-HZa6yXWBkuJVwnjq-pacYwZPqaLbbzOcGbi_KvPuU5p3k; expires=Sun, 21-Mar-2021 18:20:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 25 Feb 2020 18:20:50 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5903415.fls.doubleclick.net/activityi;dc_pre=CK7FoeGo7ecCFZzjuwgd8bwCCw;src=5903415;type=uk;cat=home01;ord=7679753298517;gtm=2wg2c0;auiddc=1253960294.1582654850;u1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0;u9=undefined;u10=undefined;u18=de;u15=undefined;u3=%2Fde%2F;u5=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341;~oref=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 25-Feb-2020 18:35:50 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
activityi;dc_pre=CI7IoeGo7ecCFfrjuwgd7kMHSQ;src=5903415;type=uk;cat=casum00;ord=1;num=8684190911753;gtm=2wg2c0;auiddc=1253960294.1582654850;u1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0;u9=undefined;u10=...
5903415.fls.doubleclick.net/ Frame AA01
Redirect Chain
  • https://5903415.fls.doubleclick.net/activityi;src=5903415;type=uk;cat=casum00;ord=1;num=8684190911753;gtm=2wg2c0;auiddc=1253960294.1582654850;u1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0;u9=undefined;u1...
  • https://5903415.fls.doubleclick.net/activityi;dc_pre=CI7IoeGo7ecCFfrjuwgd7kMHSQ;src=5903415;type=uk;cat=casum00;ord=1;num=8684190911753;gtm=2wg2c0;auiddc=1253960294.1582654850;u1=05cf45b5-89f5-45da...
0
0
Document
General
Full URL
https://5903415.fls.doubleclick.net/activityi;dc_pre=CI7IoeGo7ecCFfrjuwgd7kMHSQ;src=5903415;type=uk;cat=casum00;ord=1;num=8684190911753;gtm=2wg2c0;auiddc=1253960294.1582654850;u1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0;u9=undefined;u10=undefined;u18=de;u15=undefined;u3=%2Fde%2F;u5=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341;~oref=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-23P4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5903415.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CI7IoeGo7ecCFfrjuwgd7kMHSQ;src=5903415;type=uk;cat=casum00;ord=1;num=8684190911753;gtm=2wg2c0;auiddc=1253960294.1582654850;u1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0;u9=undefined;u10=undefined;u18=de;u15=undefined;u3=%2Fde%2F;u5=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341;~oref=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 25 Feb 2020 18:20:50 GMT
expires
Tue, 25 Feb 2020 18:20:50 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
491
x-xss-protection
0
set-cookie
IDE=AHWqTUmBACk4fQP1h4-OI2i9Zk00mgUPHoowVBb6bYZy2kTQYGp8Cnn_XqKQ2d80; expires=Sun, 21-Mar-2021 18:20:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 25 Feb 2020 18:20:50 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5903415.fls.doubleclick.net/activityi;dc_pre=CI7IoeGo7ecCFfrjuwgd7kMHSQ;src=5903415;type=uk;cat=casum00;ord=1;num=8684190911753;gtm=2wg2c0;auiddc=1253960294.1582654850;u1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0;u9=undefined;u10=undefined;u18=de;u15=undefined;u3=%2Fde%2F;u5=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341;~oref=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 25-Feb-2020 18:35:50 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
bat.js
bat.bing.com/
23 KB
7 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-23P4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
last-modified
Fri, 31 Jan 2020 21:01:31 GMT
x-msedge-ref
Ref A: 2032B345683D4FD288AE50088E2401AA Ref B: FRAEDGE0822 Ref C: 2020-02-25T18:20:50Z
access-control-allow-origin
*
etag
"8087c39c79d8d51:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7295
js
pixel.mathtag.com/event/
Redirect Chain
  • https://pixel.mathtag.com/event/js?mt_id=618789&mt_adid=129668&v1=&v2=undefined&v3=undefined&s1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0&s2=&s3=de&s4=&s5=undefined&s6=undefined&s7=undefined
  • https://pixel.mathtag.com/event/js?mt_id=618789&mt_adid=129668&v1=&v2=undefined&v3=undefined&s1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0&s2=&s3=de&s4=&s5=undefined&s6=undefined&s7=undefined&mm_bnc&mm_b...
597 B
1 KB
Script
General
Full URL
https://pixel.mathtag.com/event/js?mt_id=618789&mt_adid=129668&v1=&v2=undefined&v3=undefined&s1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0&s2=&s3=de&s4=&s5=undefined&s6=undefined&s7=undefined&mm_bnc&mm_bct&UUID=38625e55-6582-4800-9ceb-39ec8884a211
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 2129 8dd2d16 master cdg-pixel-x15 /
Resource Hash
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 25 Feb 2020 18:20:50 GMT
Server
MT3 2129 8dd2d16 master cdg-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
597
Expires
Tue, 25 Feb 2020 18:20:49 GMT

Redirect headers

Date
Tue, 25 Feb 2020 18:20:50 GMT
Server
MT3 2129 8dd2d16 master cdg-pixel-x16
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://pixel.mathtag.com/event/js?mt_id=618789&mt_adid=129668&v1=&v2=undefined&v3=undefined&s1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0&s2=&s3=de&s4=&s5=undefined&s6=undefined&s7=undefined&mm_bnc&mm_bct&UUID=38625e55-6582-4800-9ceb-39ec8884a211
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
0
Expires
Tue, 25 Feb 2020 18:20:49 GMT
B10286344.137561937;sz=1x2;ord=434700207078
ad.doubleclick.net/ddm/adj/N410415.197812NSO.CODESRV/
11 B
625 B
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N410415.197812NSO.CODESRV/B10286344.137561937;sz=1x2;ord=434700207078?
Requested by
Host: mpwnqgrz.success-building.com
URL: http://mpwnqgrz.success-building.com/68b7c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f6.1e100.net
Software
cafe /
Resource Hash
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=11451491&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D11451491%26t%3D1
0
1 KB
Script
General
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D11451491%26t%3D1
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.197 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Feb 2020 18:20:52 GMT
AN-X-Request-Uuid
a184c60a-6553-4b5c-8314-b7a976160c94
Content-Type
application/javascript; charset=utf-8
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
89.249.64.198; 89.249.64.198; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.144:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Feb 2020 18:20:52 GMT
AN-X-Request-Uuid
77d5a28b-bf04-4905-8e97-5a17dc34a975
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D11451491%26t%3D1
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
89.249.64.198; 89.249.64.198; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.47:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
js
pixel.mathtag.com/event/
Redirect Chain
  • https://pixel.mathtag.com/event/js?mt_id=1399311&mt_adid=129668&mt_exem=&mt_excl=&v1=&v2=undefined&v3=undefined&s1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0&s2=&s3=de&s4=&s5=undefined&s6=undefined&s7=un...
  • https://pixel.mathtag.com/event/js?mt_id=1399311&mt_adid=129668&mt_exem=&mt_excl=&v1=&v2=undefined&v3=undefined&s1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0&s2=&s3=de&s4=&s5=undefined&s6=undefined&s7=un...
597 B
1 KB
Script
General
Full URL
https://pixel.mathtag.com/event/js?mt_id=1399311&mt_adid=129668&mt_exem=&mt_excl=&v1=&v2=undefined&v3=undefined&s1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0&s2=&s3=de&s4=&s5=undefined&s6=undefined&s7=undefined&mm_bnc&mm_bct&UUID=f4825e55-6582-4b00-b2c2-91ca9bf0c3d8
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 2129 8dd2d16 master cdg-pixel-x19 /
Resource Hash
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 25 Feb 2020 18:20:50 GMT
Server
MT3 2129 8dd2d16 master cdg-pixel-x19
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
597
Expires
Tue, 25 Feb 2020 18:20:49 GMT

Redirect headers

Date
Tue, 25 Feb 2020 18:20:50 GMT
Server
MT3 2165 69226c8 master cdg-pixel-x1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://pixel.mathtag.com/event/js?mt_id=1399311&mt_adid=129668&mt_exem=&mt_excl=&v1=&v2=undefined&v3=undefined&s1=05cf45b5-89f5-45da-b30f-c771f0fbfaa0&s2=&s3=de&s4=&s5=undefined&s6=undefined&s7=undefined&mm_bnc&mm_bct&UUID=f4825e55-6582-4b00-b2c2-91ca9bf0c3d8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
0
Expires
Tue, 25 Feb 2020 18:20:49 GMT
spef.min.js
trck.spoteffects.net/analytics/
77 KB
22 KB
Script
General
Full URL
https://trck.spoteffects.net/analytics/spef.min.js
Requested by
Host: mpwnqgrz.success-building.com
URL: http://mpwnqgrz.success-building.com/68b7c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.119.158.131 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
90ba2ef9ef8fb5fd2c6a50ffa0fc4339690c58902bbb7948bc86405735f8e463

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
last-modified
Mon, 11 Mar 2019 16:40:52 GMT
server
nginx
etag
W/"5c868f94-1323e"
content-type
application/javascript
status
200
cache-control
max-age=604800, public
expires
Tue, 03 Mar 2020 18:20:50 GMT
graphql
www.casumo.com/api/los/
1 KB
651 B
Fetch
General
Full URL
https://www.casumo.com/api/los/graphql
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/los2assets/vendor.03f4a3db6da0c3640a3d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3600893e9a92b6fee7057d0bf8e78e67d07ebd4d3b155873675716488b5f1a5c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept
*/*
Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Origin
https://www.casumo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/json

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"4bb-w/OY9VYc4zoq1MlF0ldUE+541wA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casumo.com
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
cf-ray
56abb20e3c8fd8c1-AMS
graphql
www.casumo.com/api/los/
239 B
299 B
Fetch
General
Full URL
https://www.casumo.com/api/los/graphql
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/los2assets/vendor.03f4a3db6da0c3640a3d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b27167988e45b99ba7eafa23006b3522c1fd1d79a505aa782a1a44b5be595d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept
*/*
Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Origin
https://www.casumo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/json

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"ef-EgBiJiJDwh6diOlG+0Pfwfw3h0k"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casumo.com
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
cf-ray
56abb20e3cb1d8c1-AMS
button-idle.9cb499f2999ebd429d07b88b023067e4.svg
www.casumo.com/los2assets/
2 KB
1 KB
Image
General
Full URL
https://www.casumo.com/los2assets/button-idle.9cb499f2999ebd429d07b88b023067e4.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df13324f01b8a8089a126ee5a299203aba77607208b680c93342e2d124aed08f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15046
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 25 Feb 2020 13:44:04 GMT
server
cloudflare
etag
W/"7c8-1707c9720a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
image/svg+xml
cache-control
public, max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
cf-ray
56abb20ebe16d8c1-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
18-white.svg
images.casumo.com/2019/08/
2 KB
827 B
Image
General
Full URL
https://images.casumo.com/2019/08/18-white.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48144deee26ac29f833b7945ccb190d81f4f3fa4c2d6278ee6c5d5ac50e8120e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15045
x-cache
HIT, HIT
status
200
x-imgix-id
d69b1045846af990a21d26170733de0a5afe75ae
content-length
677
x-served-by
cache-lax8640-LAX, cache-fra19129-FRA
last-modified
Fri, 09 Aug 2019 09:12:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
56abb20f198bc781-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
sofortPayment.svg
images.casumo.com/2019/07/
4 KB
2 KB
Image
General
Full URL
https://images.casumo.com/2019/07/sofortPayment.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abba059e4f95d6baa5a64df09988756662f593bd227f51e6b979a5f66fdaa31b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15045
x-cache
HIT, HIT
status
200
x-imgix-id
9cc659ca8c052d3afae780b8d0ee81471c447636
content-length
1780
x-served-by
cache-lax8641-LAX, cache-fra19130-FRA
last-modified
Mon, 15 Jul 2019 09:42:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
56abb20f198cc781-AMS
expires
Fri, 27 Mar 2020 18:20:50 GMT
giroPayPayment.svg
images.casumo.com/2019/07/
4 KB
2 KB
Image
General
Full URL
https://images.casumo.com/2019/07/giroPayPayment.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97f56de52f760d4317fc40bb1e22d827cdf6434c7527e265af6b7461f8a24754
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15045
x-cache
HIT, HIT
status
200
x-imgix-id
3bf9192fd00591cb06ebe15056c1028482882bec
content-length
1548
x-served-by
cache-lax8637-LAX, cache-fra19166-FRA
last-modified
Mon, 15 Jul 2019 09:41:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
56abb20f198ec781-AMS
expires
Fri, 27 Mar 2020 18:20:50 GMT
paysafePayment.svg
images.casumo.com/2019/07/
12 KB
4 KB
Image
General
Full URL
https://images.casumo.com/2019/07/paysafePayment.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6310c28a5390fb8a60efd017f8c3b6db3080fc9cd59a0ee2565e293be19ef364
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15045
x-cache
MISS, HIT
status
200
x-imgix-id
0646ed560aa2fd453448191a7a3c404b6f1f0da1
content-length
4281
x-served-by
cache-lax8645-LAX, cache-fra19122-FRA
last-modified
Mon, 15 Jul 2019 09:42:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
56abb20f1991c781-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
visaPayment.svg
images.casumo.com/2019/07/
1 KB
978 B
Image
General
Full URL
https://images.casumo.com/2019/07/visaPayment.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61932678d8dea7fe802d3aa51f7f66b9a313b16ee7388027909f388b803af39f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15045
x-cache
HIT, HIT
status
200
x-imgix-id
47602e76a9cba42bcf3b6e5376e69614fcdca234
content-length
785
x-served-by
cache-lax8628-LAX, cache-fra19132-FRA
last-modified
Mon, 15 Jul 2019 09:42:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
56abb20f1992c781-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
mastercardPayment.svg
images.casumo.com/2019/07/
785 B
566 B
Image
General
Full URL
https://images.casumo.com/2019/07/mastercardPayment.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a28b2521c82ff6f34f5a93e4df72927f4af9267a5febeafdbf34483c806611f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15045
x-cache
MISS, HIT
status
200
x-imgix-id
b788026e620ad98814f27900c6e73385537daf09
content-length
415
x-served-by
cache-lax8620-LAX, cache-fra19163-FRA
last-modified
Mon, 15 Jul 2019 09:42:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
56abb20f1993c781-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
skrillPayment.svg
images.casumo.com/2019/07/
2 KB
1 KB
Image
General
Full URL
https://images.casumo.com/2019/07/skrillPayment.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
329427543edc80efec73e83a76f287deb7c61e81e7e48714dbaec4eeecc26102
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15045
x-cache
HIT, HIT
status
200
x-imgix-id
95d07773bf358dbe4650221188fc20846a0b0f22
content-length
849
x-served-by
cache-lax8635-LAX, cache-fra19180-FRA
last-modified
Mon, 15 Jul 2019 09:42:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
56abb20f5a38c781-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
trustlyPayment.svg
images.casumo.com/2019/07/
5 KB
2 KB
Image
General
Full URL
https://images.casumo.com/2019/07/trustlyPayment.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6d04d1f28b45ce2166775db3d18f009f3db0dda88112e788ec1e51eea21b879
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15045
x-cache
HIT, HIT
status
200
x-imgix-id
738ac9148204e94c69e3de03bd89f68e5f9867b7
content-length
2138
x-served-by
cache-lax8633-LAX, cache-fra19134-FRA
last-modified
Mon, 15 Jul 2019 09:42:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
56abb20f6a4ec781-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
netellerPayment.svg
images.casumo.com/2019/07/
1 KB
880 B
Image
General
Full URL
https://images.casumo.com/2019/07/netellerPayment.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeb4b51eff88707469ff6eae50c25e6b024649d63e46a44c05672ffcde3a6e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15045
x-cache
HIT, HIT
status
200
x-imgix-id
5d5a240ea53ee4ac35d2dd5e188200f3dc8523da
content-length
729
x-served-by
cache-lax8649-LAX, cache-fra19146-FRA
last-modified
Mon, 15 Jul 2019 09:42:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
56abb20f6a54c781-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
muchBetterPayment.svg
images.casumo.com/2019/07/
18 KB
7 KB
Image
General
Full URL
https://images.casumo.com/2019/07/muchBetterPayment.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba6c38f5a765649d8bf61137958395bd9406c29130ae1a547f7bf47395257938
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15045
x-cache
MISS, HIT
status
200
x-imgix-id
f0ba254bd0e66cb78861bd1017f4073afd53915a
content-length
6651
x-served-by
cache-lax8630-LAX, cache-fra19125-FRA
last-modified
Mon, 15 Jul 2019 09:42:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
56abb20f6a6ec781-AMS
expires
Fri, 27 Mar 2020 18:20:50 GMT
ecoPayzPayment.svg
images.casumo.com/2019/07/
6 KB
3 KB
Image
General
Full URL
https://images.casumo.com/2019/07/ecoPayzPayment.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a8e8940b2cbf73a135ec690c45877d7c540ff2650d376a16c3351db635bc170
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15045
x-cache
HIT, HIT
status
200
x-imgix-id
4597b8c75519e7432c34fa95e06b7f0c8a47a1ef
content-length
2660
x-served-by
cache-lax8638-LAX, cache-fra19122-FRA
last-modified
Mon, 15 Jul 2019 09:41:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
56abb20f7a89c781-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
cashtoCodePayment.svg
images.casumo.com/2019/07/
9 KB
4 KB
Image
General
Full URL
https://images.casumo.com/2019/07/cashtoCodePayment.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f14ef9514f4a9dbf5b4d4a8ed5ba7a2a65eb2c3acc0b889c7a11b8bf7e00da74
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15045
x-cache
MISS, HIT
status
200
x-imgix-id
1131e0ceb5d1278c164ed85cd65d59cee0b9a955
content-length
4099
x-served-by
cache-lax8622-LAX, cache-fra19121-FRA
last-modified
Mon, 15 Jul 2019 09:41:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
56abb20f7a8dc781-AMS
expires
Fri, 27 Mar 2020 18:20:50 GMT
applePayPayment.svg
images.casumo.com/2019/07/
6 KB
3 KB
Image
General
Full URL
https://images.casumo.com/2019/07/applePayPayment.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84669f5b709071e792fe5cb329205dcfe1ceddee6181c3bb24c565d810823003
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15045
x-cache
HIT, HIT
status
200
x-imgix-id
9c7afc623f2bdd1d1dc87d25f785a430d9ac312c
content-length
2624
x-served-by
cache-lax8636-LAX, cache-fra19164-FRA
last-modified
Mon, 15 Jul 2019 09:41:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
56abb20fab30c781-AMS
expires
Fri, 27 Mar 2020 18:20:50 GMT
image-5.png
images.casumo.com/2019/11/
4 KB
4 KB
Image
General
Full URL
https://images.casumo.com/2019/11/image-5.png?w=1&fit=clamp&markscale=95&auto=compress&fm=png&markalign=top%2Ccenter&markfit=max&dpr=1&q=70
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f541ff08773addb07acb41416a1b65a3b4770f168c7732be925a9dcae7751a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
15045
cf-polished
degrade=85, origSize=4835
x-cache
HIT, HIT
status
200
last-modified
Fri, 07 Feb 2020 11:37:05 GMT
x-imgix-id
787902a432668ee9fa6fc1d53ca9beee03e8f05a
content-length
4276
x-served-by
cache-lax8625-LAX, cache-fra19134-FRA
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
56abb20fbb3cc781-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
Frame-219.svg
images.casumo.com/2019/11/
7 KB
3 KB
Image
General
Full URL
https://images.casumo.com/2019/11/Frame-219.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e7215e382047ef6670f500cf85aed0d31f12b8614f7833a5a04390f345b262d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15045
x-cache
HIT, HIT
status
200
x-imgix-id
c02efccc4f777d29aad22d9edbaaf57408d80eed
content-length
2964
x-served-by
cache-lax8632-LAX, cache-fra19147-FRA
last-modified
Tue, 19 Nov 2019 10:02:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
56abb20fbb57c781-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
Frame-220.svg
images.casumo.com/2019/11/
7 KB
3 KB
Image
General
Full URL
https://images.casumo.com/2019/11/Frame-220.svg
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2952d1786a904acb009c3332b7dac0d955f54cf440a0c650a4065dd23169c232
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15045
x-cache
HIT, HIT
status
200
x-imgix-id
cda3455eb73a46ba7f99334a6321835229787c47
content-length
2796
x-served-by
cache-lax8634-LAX, cache-fra19178-FRA
last-modified
Tue, 19 Nov 2019 10:02:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
56abb20fbb5cc781-AMS
expires
Fri, 27 Mar 2020 18:20:50 GMT
book-of-dead-backplate.jpg
images.casumo.com/2016/01/
6 KB
7 KB
Image
General
Full URL
https://images.casumo.com/2016/01/book-of-dead-backplate.jpg?w=170&fit=clamp&markscale=95&auto=compress&fm=jpg&markalign=top%2Ccenter&markfit=max&dpr=1&q=70&mark=https%3A%2F%2Fimages.casumo.com%2F2017%2F09%2Fbook_of_dead_logo.png
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbda5186d99121a3285e192b86da2818042bdcc68a27b638ab3d64fc65dac5a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
15022
cf-polished
degrade=85, origSize=7563
x-cache
MISS, HIT
status
200
last-modified
Tue, 25 Feb 2020 01:05:22 GMT
x-imgix-id
65f22dd6227bad2a226d39483963e398e2f90e03
content-length
6643
x-served-by
cache-lax8646-LAX, cache-fra19177-FRA
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
56abb20fbb5ec781-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
bonanza_thumbnail.jpg
images.casumo.com/2017/08/
15 KB
15 KB
Image
General
Full URL
https://images.casumo.com/2017/08/bonanza_thumbnail.jpg?w=170&fit=clamp&markscale=95&auto=compress&fm=jpg&markalign=top%2Ccenter&markfit=max&dpr=1&q=70&mark=https%3A%2F%2Fimages.casumo.com%2F2017%2F09%2Fbonanza-logo.png
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7486f5c988e54470059b89b64aa6d3cd603e76a2fcd7e9c80e2920f75ca45cd4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
15022
cf-polished
degrade=85, origSize=17198
x-cache
HIT, HIT
status
200
last-modified
Fri, 08 Nov 2019 13:38:37 GMT
x-imgix-id
a0b6fb013aa1b4a6d0bbda80adecd8cf95d96bdc
content-length
15538
x-served-by
cache-lax8626-LAX, cache-fra19162-FRA
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
56abb20fdba5c781-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
PlayNGo-FireJoker-Thumb.jpg
images.casumo.com/2016/06/
10 KB
10 KB
Image
General
Full URL
https://images.casumo.com/2016/06/PlayNGo-FireJoker-Thumb.jpg?w=170&fit=clamp&markscale=95&auto=compress&fm=jpg&markalign=top%2Ccenter&markfit=max&dpr=1&q=70&mark=https%3A%2F%2Fimages.casumo.com%2F2016%2F06%2FPlayNGo-FireJoker-Logo.png
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8a9dc335d8405d049522971b9568f13b53af99876fe4282411172c3e8590dde
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
14974
cf-polished
degrade=85, origSize=11599
x-cache
HIT, HIT
status
200
last-modified
Fri, 07 Feb 2020 09:18:28 GMT
x-imgix-id
17e6070505fe672fe446a07b8ecba08c255dbb9f
content-length
10247
x-served-by
cache-lax8622-LAX, cache-fra19162-FRA
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
56abb20ffc03c781-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
reactoonz_thumbnail.jpg
images.casumo.com/2017/10/
5 KB
6 KB
Image
General
Full URL
https://images.casumo.com/2017/10/reactoonz_thumbnail.jpg?w=170&fit=clamp&markscale=95&auto=compress&fm=jpg&markalign=top%2Ccenter&markfit=max&dpr=1&q=70&mark=https%3A%2F%2Fimages.casumo.com%2F2017%2F10%2Freactoonz_logo.png
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b9787979d58269f9f54635d8b83fd7e9e07079f60ebb299062cb5d74546bcd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
15022
cf-polished
degrade=85, origSize=6136
x-cache
MISS, HIT
status
200
last-modified
Mon, 25 Nov 2019 16:49:58 GMT
x-imgix-id
268d86948057ead65c039ad6f3de77cbdcb22506
content-length
5452
x-served-by
cache-lax8630-LAX, cache-fra19122-FRA
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
56abb20ffc0bc781-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
sweet_bonanza_Thumbnail_BG.png
images.casumo.com/2019/06/
11 KB
12 KB
Image
General
Full URL
https://images.casumo.com/2019/06/sweet_bonanza_Thumbnail_BG.png?w=170&fit=clamp&markscale=95&auto=compress&fm=png&markalign=top%2Ccenter&markfit=max&dpr=1&q=70&mark=https%3A%2F%2Fimages.casumo.com%2F2019%2F06%2Fsweet_bonanza_Thumbnail_Logo.png
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
255eb46cd6dba9848ab63a4d6a495c0b4f8ab6aa838da1df1cb49b5ac3cd2ce7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
14974
cf-polished
degrade=85, origSize=13532
x-cache
HIT, HIT
status
200
last-modified
Fri, 07 Feb 2020 10:06:47 GMT
x-imgix-id
eaa106850c2f496c66321c0694f88fe200b4c619
content-length
11647
x-served-by
cache-lax8625-LAX, cache-fra19157-FRA
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
56abb20ffc1fc781-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
rise_of_merlin_thumbnail.jpg
images.casumo.com/2019/06/
10 KB
11 KB
Image
General
Full URL
https://images.casumo.com/2019/06/rise_of_merlin_thumbnail.jpg?w=170&fit=clamp&markscale=95&auto=compress&fm=jpg&markalign=top%2Ccenter&markfit=max&dpr=1&q=70&mark=https%3A%2F%2Fimages.casumo.com%2F2019%2F06%2Frise_of_merlin_logo.png
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.251.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bfb33bde29d57b0c15f204c075153bc3a5eee0f0537fbe5c872a39e298b18a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
13233
cf-polished
degrade=85, origSize=11948
x-cache
MISS, HIT
status
200
last-modified
Fri, 20 Dec 2019 05:31:03 GMT
x-imgix-id
5ec4c078eba46f4f7dd4e5924f8d6e1b6aad926f
content-length
10670
x-served-by
cache-lax8639-LAX, cache-fra19157-FRA
cf-bgj
imgq:85
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
56abb2100c43c781-AMS
expires
Wed, 24 Feb 2021 18:20:50 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/61bII03-TtCmSUR7dw9MJF9q/
259 KB
92 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/61bII03-TtCmSUR7dw9MJF9q/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdxidQUAAAAAHT6LisjVHo6ONOKnfcWzSLhOnBc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e24eebce672e525c8268db380a3e65b3369b7c5335c7888d5b08554cbde79863
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 19:50:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 23 Feb 2020 21:06:15 GMT
server
sffe
age
81046
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94565
x-xss-protection
0
expires
Tue, 23 Feb 2021 19:50:04 GMT
/
mp-proxy-aws.casumo.com/decide/
65 B
329 B
XHR
General
Full URL
https://mp-proxy-aws.casumo.com/decide/?verbose=1&version=1&lib=web&token=5bd509a1e84434bc4a4b633700523be6&ip=0&_=1582654850460
Requested by
Host: mp-proxy-aws.casumo.com
URL: https://mp-proxy-aws.casumo.com/mp.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.169.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Origin
https://www.casumo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
via
1.1 google
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
content-encoding
gzip
alt-svc
clear
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.casumo.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
56abb20f6c4ac771-AMS
access-control-allow-headers
X-Requested-With
/
mp-proxy-aws.casumo.com/track/
1 B
125 B
XHR
General
Full URL
https://mp-proxy-aws.casumo.com/track/?ip=0&_=1582654850464
Requested by
Host: mp-proxy-aws.casumo.com
URL: https://mp-proxy-aws.casumo.com/mp.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.169.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Origin
https://www.casumo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
status
200
access-control-max-age
1728000
x-envoy-upstream-service-time
0
alt-svc
clear
content-length
1
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.casumo.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
56abb20f7c4dc771-AMS
access-control-allow-headers
X-Requested-With
0
bat.bing.com/action/
0
148 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5650033&Ver=2&mid=ff5568bb-1431-bcd9-cbaf-32fe7aac5c3c&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Casumo%20-%20ein%20Online%20Casino%20100%25%20Bonus%20von%20bis%20zu%20500%E2%82%AC%20und%20120%20Freispiele*&p=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341%23signup&r=&lt=3806&evt=pageLoad&msclkid=N&rn=396812
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
204
pragma
no-cache
date
Tue, 25 Feb 2020 18:20:50 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 4967CD7B05BD4D598716758A390A36C0 Ref B: FRAEDGE0822 Ref C: 2020-02-25T18:20:50Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
casumo-regily.js
www.casumo.com/casumo-regily/
236 KB
71 KB
Script
General
Full URL
https://www.casumo.com/casumo-regily/casumo-regily.js
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/los2assets/vendor.03f4a3db6da0c3640a3d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.26.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bc8c9db950434dcd6d60dd35d0346c5b5e98f8e54aa51e7c79264aa453e2a2f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 18:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Mon, 24 Feb 2020 12:11:04 GMT
server
cloudflare
etag
W/"5e53bd58-3b197"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=3600
content-type
application/javascript
cache-control
no-store, no-cache, max-age=0
content-security-policy
frame-ancestors 'self' https://*.casumo.com https://umo-egb.allianceservices.im https://evo-livecasino.casumo.com https://nrgs-b2b.greentube.com https://mobile2.gameassists.co.uk https://casumo-static.casinomodule.com https://casumose-static.casinomodule.com https://casumodk-static.casinomodule.com https://dpovs7i3r9tz1.cloudfront.net https://nyxmaltargs.blueprintgaming.com https://casumo-cw.playngonetwork.com https://adkcw.playngonetwork.com https://d1k6j4zyghhevb.cloudfront.net https://platform.rgsgames.com https://rgs-cust02.lab.wagerworks.com https://casumo-game.thunderkick.com https://lon-portfolio.wimobile.casinarena.com https://staticlive.yggdrasilgaming.com https://clients.casumogames.com https://regily.com https://*.regily.com https://*.contentful.com
cf-ray
56abb20f888dd8c1-AMS
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=409698775&t=pageview&_s=1&dl=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4k...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-41199862-1&cid=1365643567.1582654850&jid=515073518&_gid=575770988.1582654850&gjid=1874098567&_v=j81&z=464224959
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-41199862-1&cid=1365643567.1582654850&jid=515073518&_gid=575770988.1582654850&gjid=1874098567&_v=j81&z=464224959
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Tue, 25 Feb 2020 18:20:50 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Feb 2020 18:20:50 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-41199862-1&cid=1365643567.1582654850&jid=515073518&_gid=575770988.1582654850&gjid=1874098567&_v=j81&z=464224959
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=409698775&t=pageview&_s=1&dl=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4k...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-41199862-1&cid=1226836730.1582654850&jid=1791525283&_gid=1911181861.1582654850&gjid=92183101&_v=j81&z=335740551
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-41199862-1&cid=1226836730.1582654850&jid=1791525283&_gid=1911181861.1582654850&gjid=92183101&_v=j81&z=335740551
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Tue, 25 Feb 2020 18:20:50 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Feb 2020 18:20:50 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-41199862-1&cid=1226836730.1582654850&jid=1791525283&_gid=1911181861.1582654850&gjid=92183101&_v=j81&z=335740551
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=409698775&t=pageview&_s=1&dl=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4k...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-113820013-2&cid=1226836730.1582654850&jid=1819858695&_gid=1911181861.1582654850&gjid=1420012923&_v=j81&z=1732003473
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113820013-2&cid=1226836730.1582654850&jid=1819858695&_v=j81&z=1732003473
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113820013-2&cid=1226836730.1582654850&jid=1819858695&_v=j81&z=1732003473&slf_rd=1&random=1203742769
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113820013-2&cid=1226836730.1582654850&jid=1819858695&_v=j81&z=1732003473&slf_rd=1&random=1203742769
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Feb 2020 18:20:50 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Feb 2020 18:20:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113820013-2&cid=1226836730.1582654850&jid=1819858695&_v=j81&z=1732003473&slf_rd=1&random=1203742769
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
piwik.php
trck.spoteffects.net/analytics/
43 B
139 B
Image
General
Full URL
https://trck.spoteffects.net/analytics/piwik.php?action_name=Casumo%20-%20ein%20Online%20Casino%20100%25%20Bonus%20von%20bis%20zu%20500%E2%82%AC%20und%20120%20Freispiele*&idsite=770&rec=1&r=456810&h=19&m=20&s=50&url=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341%23signup&_id=047fac46bcae7342&_idts=1582654851&_idvc=1&_idn=0&_refts=0&_viewts=1582654851&send_image=1&cookie=1&res=1600x1200&gt_ms=552&pv_id=ea4S1M
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.119.158.131 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PHP/7.2.15
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
200
date
Tue, 25 Feb 2020 18:20:50 GMT
cache-control
no-store
server
nginx
x-powered-by
PHP/7.2.15
content-type
image/gif
anchor
www.google.com/recaptcha/api2/ Frame 26D7
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxidQUAAAAAHT6LisjVHo6ONOKnfcWzSLhOnBc&co=aHR0cHM6Ly93d3cuY2FzdW1vLmNvbTo0NDM.&hl=en&v=61bII03-TtCmSUR7dw9MJF9q&size=invisible&cb=h8ib5zxil8qf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/61bII03-TtCmSUR7dw9MJF9q/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DSBY8PxQqdUd5Or5DGVwEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LdxidQUAAAAAHT6LisjVHo6ONOKnfcWzSLhOnBc&co=aHR0cHM6Ly93d3cuY2FzdW1vLmNvbTo0NDM.&hl=en&v=61bII03-TtCmSUR7dw9MJF9q&size=invisible&cb=h8ib5zxil8qf
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=198=c_YBnOsc9BoMCoCPz57bHbsPgI__Rh4s3xmu9ROVS-QrX4LBXbQ1SydfZX7FqwuWkAsaTuT5s6J3GH4BUlvp97nKCZii3-ymfs97MkZWNbO_VHzci0e-so0itsS5UEwgRnQf6lo7s3wH2UaA1NEQVBbDdt9MfniP00xapQTp7PE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 25 Feb 2020 18:20:50 GMT
content-security-policy
script-src 'report-sample' 'nonce-DSBY8PxQqdUd5Or5DGVwEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9291
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
img
pixel.mathtag.com/misc/
43 B
626 B
Image
General
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 2129 8dd2d16 master cdg-pixel-x20 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 25 Feb 2020 18:20:50 GMT
Server
MT3 2129 8dd2d16 master cdg-pixel-x20
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 25 Feb 2020 18:20:49 GMT
AB243986EA6900962FA49BCD6E5B5FF1.js
casumo.regily.com/
330 KB
100 KB
Script
General
Full URL
https://casumo.regily.com/AB243986EA6900962FA49BCD6E5B5FF1.js
Requested by
Host: www.casumo.com
URL: https://www.casumo.com/casumo-regily/casumo-regily.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.5 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-5.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
042659043344b8d3e48192f4873572afebedeb319986dd3a5525920869f7c88d

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 18:18:48 GMT
content-encoding
gzip
last-modified
Mon, 17 Feb 2020 15:27:50 GMT
server
AmazonS3
age
124
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
l3vwwU0XvTv6KNM-wfu6A6Q9QdANFdK3RX4SU2Ke-GdedF_M6l5Mkg==
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
css
fonts.googleapis.com/
2 KB
661 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700
Requested by
Host: casumo.regily.com
URL: https://casumo.regily.com/AB243986EA6900962FA49BCD6E5B5FF1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
600d5f48dfba1019a6e4474b9f0c18dc3aaf7d6874ad319f12e635da583ab5b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Feb 2020 18:20:51 GMT
server
ESF
date
Tue, 25 Feb 2020 18:20:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Feb 2020 18:20:51 GMT
releases
backoffice.regily.com/
2 B
524 B
XHR
General
Full URL
https://backoffice.regily.com/releases?new=true&partner=casumo&env=stable
Requested by
Host: casumo.regily.com
URL: https://casumo.regily.com/AB243986EA6900962FA49BCD6E5B5FF1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.217.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-217-255.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Origin
https://www.casumo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 25 Feb 2020 18:20:51 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept, Accept-Encoding
Server
nginx/1.16.1
X-Frame-Options
SAMEORIGIN
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
X-Download-Options
noopen
Allow
GET,POST,PUT,PATCH,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Content-Type-Options
nosniff
Connection
keep-alive
X-DNS-Prefetch-Control
off
Content-Length
2
X-XSS-Protection
1; mode=block
collect
www.google-analytics.com/
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=409698775&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341%23signup&ul=en-us&de=UTF-8&dt=Casumo%20-%20ein%20Online%20Casino%20100%25%20Bonus%20von%20bis%20zu%20500%E2%82%AC%20und%20120%20Freispiele*&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=registration&ea=registrationStart&el=regily&_u=aGDAAUADQ~&jid=&gjid=&cid=1226836730.1582654850&tid=UA-113820013-2&_gid=1911181861.1582654850&gtm=2wg2c023P4&cd5=2020-02-25T19%3A20%3A51.252%2B01%3A00&cd6=registrationStart&cd7=registrationStart&cd8=regily&z=530718132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 05 Feb 2020 01:19:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1789282
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
93 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=409698775&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341%23signup&ul=en-us&de=UTF-8&dt=Casumo%20-%20ein%20Online%20Casino%20100%25%20Bonus%20von%20bis%20zu%20500%E2%82%AC%20und%20120%20Freispiele*&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=registration&ea=registrationStart&el=regily&_u=aGDAAUADQ~&jid=&gjid=&cid=1226836730.1582654850&tid=UA-41199862-1&_gid=1911181861.1582654850&gtm=2wg2c023P4&cd5=2020-02-25T19%3A20%3A51.270%2B01%3A00&cd10=de&cd17=https%3A%2F%2Fwww.casumo.com%2Fde%2F%3Fbtag%3D660505_EF9E2DD2C16C439D83F7C7686E30E331%26click_id%3D01-akfhtfmx4khvfljudzgigmwht1n%26affid%3D660505%26bid%3D12181%26pid%3D1124341%23signup&cd6=registrationStart&cd7=registrationStart&cd8=regily&z=354724670
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 05 Feb 2020 01:19:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1789282
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
index.html
casumo.regily.com/otp-internal/ Frame 8ED2
0
0
Document
General
Full URL
https://casumo.regily.com/otp-internal/index.html
Requested by
Host: casumo.regily.com
URL: https://casumo.regily.com/AB243986EA6900962FA49BCD6E5B5FF1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.5 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-5.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
casumo.regily.com
:scheme
https
:path
/otp-internal/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341

Response headers

status
200
content-type
text/html
last-modified
Mon, 17 Feb 2020 15:32:33 GMT
server
AmazonS3
content-encoding
gzip
date
Tue, 25 Feb 2020 18:19:45 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
5n3zJ0W7w9PMkOpxeniSQGsW0y3_fb0I1Ouc2nVJKjj9jLbX3yN_bg==
age
67
/
mp-proxy-aws.casumo.com/track/
1 B
92 B
XHR
General
Full URL
https://mp-proxy-aws.casumo.com/track/?ip=0&_=1582654851306
Requested by
Host: mp-proxy-aws.casumo.com
URL: https://mp-proxy-aws.casumo.com/mp.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.169.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
https://www.casumo.com/de/?btag=660505_EF9E2DD2C16C439D83F7C7686E30E331&click_id=01-akfhtfmx4khvfljudzgigmwht1n&affid=660505&bid=12181&pid=1124341
Origin
https://www.casumo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 25 Feb 2020 18:20:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
status
200
access-control-max-age
1728000
x-envoy-upstream-service-time
13
alt-svc
clear
content-length
1
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.casumo.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
56abb214bcb1c771-AMS
access-control-allow-headers
X-Requested-With

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| __APOLLO_STATE__ object| __LOS_CONFIG__ object| __LOS_TRANSLATIONS__ string| MIXPANEL_CUSTOM_LIB_URL object| mixpanel object| webpackJsonp object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| postscribe object| regeneratorRuntime object| native object| uetq number| randomNumber object| scriptTag object| insertionNode string| conversionTag object| _spef object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client function| UET object| google_optimize object| JSON_PIWIK object| Spef object| AnalyticsTracker function| spef_log object| recaptcha object| closure_lm_636053 function| metric function| casumoRegily function| regilyUpdateCallback function| regilyDoneCallback function| regilyIdentificationCallback function| regilyAuthenticationCallback object| regilyLos function| geolocator

13 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 198=c_YBnOsc9BoMCoCPz57bHbsPgI__Rh4s3xmu9ROVS-QrX4LBXbQ1SydfZX7FqwuWkAsaTuT5s6J3GH4BUlvp97nKCZii3-ymfs97MkZWNbO_VHzci0e-so0itsS5UEwgRnQf6lo7s3wH2UaA1NEQVBbDdt9MfniP00xapQTp7PE
.doubleclick.net/ Name: IDE
Value: AHWqTUmBACk4fQP1h4-OI2i9Zk00mgUPHoowVBb6bYZy2kTQYGp8Cnn_XqKQ2d80
www.casumo.com/ Name: _pk_ses.770.1894
Value: 1
www.casumo.com/ Name: _pk_id.770.1894
Value: 047fac46bcae7342.1582654851.1.1582654851.1582654851.
.casumo.com/ Name: _gat_UA-113820013-2
Value: 1
.casumo.com/ Name: _gid
Value: GA1.2.1911181861.1582654850
.casumo.com/ Name: _ga
Value: GA1.2.1226836730.1582654850
.casumo.com/ Name: _gat_gtag_UA_41199862_1
Value: 1
.casumo.com/ Name: _gat_UA-41199862-1
Value: 1
.casumo.com/ Name: __cfduid
Value: d7535d88d7e78683cad3ed559dbcecc3b1582654850
.casumo.com/ Name: _gcl_au
Value: 1.1.1253960294.1582654850
.casumo.com/ Name: mp_5bd509a1e84434bc4a4b633700523be6_mixpanel
Value: %7B%22distinct_id%22%3A%20%221707d948599439-064fb9dde1608d-37647e03-1d4c00-1707d94859a48%22%2C%22%24device_id%22%3A%20%221707d948599439-064fb9dde1608d-37647e03-1d4c00-1707d94859a48%22%2C%22ip%22%3A%20%2289.249.64.198%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
www.casumo.com/ Name: kazumo
Value: eyJkZXZpY2VJbmZvIjp7ImRldmljZSI6IkRFU0tUT1AiLCJmaW5nZXJwcmludCI6IiIsImRldmljZUlkIjoiYzcxZTIyMTMtMzI2Ni00N2U5LWEzODMtMGE4ZTM4NjYzMzJkIn0sImFwcEluZm8iOnsidHlwZSI6ImRlc2t0b3AiLCJkZXRhaWxzIjoid2ViIn19

1 Console Messages

Source Level URL
Text
console-api log URL: https://casumo.regily.com/AB243986EA6900962FA49BCD6E5B5FF1.js(Line 8)
Message:
Module started with language set to "de"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5903415.fls.doubleclick.net
ad.doubleclick.net
ads.casumoaffiliates.com
backoffice.regily.com
bat.bing.com
casumo.regily.com
fdfjhks.com
fonts.googleapis.com
images.casumo.com
mp-proxy-aws.casumo.com
mpwnqgrz.success-building.com
pixel.mathtag.com
secure.adnxs.com
stats.g.doubleclick.net
trck.spoteffects.net
url-partners.g2afse.com
www.casumo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.16.26.10
104.17.169.42
104.17.251.25
107.154.251.88
143.204.202.5
172.217.21.198
172.217.22.70
185.255.179.132
185.33.223.197
2.18.233.201
212.32.249.99
2620:1ec:c11::200
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a00:1450:4001:808::2004
2a00:1450:4001:81c::2003
2a00:1450:4001:81f::2003
2a00:1450:4001:821::200a
2a00:1450:400c:c0a::9d
40.119.158.131
46.41.136.19
52.57.217.255
042659043344b8d3e48192f4873572afebedeb319986dd3a5525920869f7c88d
08b9787979d58269f9f54635d8b83fd7e9e07079f60ebb299062cb5d74546bcd
0c38b0dd7042e6d50f189921a0a909b9c417b6b4c6b6c7fcbc2f4c4d005fcff4
0d075dbe87ef00d631717a3e578f737c407adb9ea26c53195cb8cb343c11699d
1586153caa2acf9cdd27f4f9214845543130d319ea803186b6e9f61f246941a3
1b4c5b31f0cfb9e90460fa673290e25cb09d49b506a5bbb1e76147dcaf0c7af9
1c31dc6fa0b082f6f3ef0dac6077ec8f27b9f910fbb202941ac1023fec27fb4d
1e7215e382047ef6670f500cf85aed0d31f12b8614f7833a5a04390f345b262d
255eb46cd6dba9848ab63a4d6a495c0b4f8ab6aa838da1df1cb49b5ac3cd2ce7
2952d1786a904acb009c3332b7dac0d955f54cf440a0c650a4065dd23169c232
30ad1d7f2b20d795185de9d731a3e0937dd0ba5b933cf1774fd5ca8a1ad79944
329427543edc80efec73e83a76f287deb7c61e81e7e48714dbaec4eeecc26102
3600893e9a92b6fee7057d0bf8e78e67d07ebd4d3b155873675716488b5f1a5c
40e81633e106381557db1d19a249eca6ca0cf692ebb8783d2a0530e7086a7f91
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48144deee26ac29f833b7945ccb190d81f4f3fa4c2d6278ee6c5d5ac50e8120e
51b93d3a0f08a7a996cd669bae8b086be6a590d49f18406716c495f8f339a5aa
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5bfb33bde29d57b0c15f204c075153bc3a5eee0f0537fbe5c872a39e298b18a3
5eeb4b51eff88707469ff6eae50c25e6b024649d63e46a44c05672ffcde3a6e8
5f149ba818fa5b433471f453577026204171689e6157ec90904d6c65eb81eafe
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
600d5f48dfba1019a6e4474b9f0c18dc3aaf7d6874ad319f12e635da583ab5b9
60fbfebdb2614226930abc54288b66b1b45144b9374ef2157e50951389785544
61932678d8dea7fe802d3aa51f7f66b9a313b16ee7388027909f388b803af39f
6310c28a5390fb8a60efd017f8c3b6db3080fc9cd59a0ee2565e293be19ef364
6a28b2521c82ff6f34f5a93e4df72927f4af9267a5febeafdbf34483c806611f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc8c9db950434dcd6d60dd35d0346c5b5e98f8e54aa51e7c79264aa453e2a2f
70c6f2dbfa0e11ced02b48a215801538c08a846c61ecad272e1be41eca1b8a0e
7486f5c988e54470059b89b64aa6d3cd603e76a2fcd7e9c80e2920f75ca45cd4
775cd327ae970c9120d9002dbd53d5296b37182bf39a7816f652f6b4fc6f2d15
7a8e8940b2cbf73a135ec690c45877d7c540ff2650d376a16c3351db635bc170
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84669f5b709071e792fe5cb329205dcfe1ceddee6181c3bb24c565d810823003
89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7
90ba2ef9ef8fb5fd2c6a50ffa0fc4339690c58902bbb7948bc86405735f8e463
973ad4fe29b3e58befebd30c2be81719cd248b7f86953a71e925eb997e0ccf37
97f56de52f760d4317fc40bb1e22d827cdf6434c7527e265af6b7461f8a24754
a3f541ff08773addb07acb41416a1b65a3b4770f168c7732be925a9dcae7751a
a6d04d1f28b45ce2166775db3d18f009f3db0dda88112e788ec1e51eea21b879
a8a9dc335d8405d049522971b9568f13b53af99876fe4282411172c3e8590dde
aac3fdbecdc202f07c8887c13209bd48db64e3ae49effe8b9a32fd6546a9b48c
abba059e4f95d6baa5a64df09988756662f593bd227f51e6b979a5f66fdaa31b
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4a4e5b002975267ab78d1fcfcec217617b01b1d677facfa80505fa12be103da
ba6c38f5a765649d8bf61137958395bd9406c29130ae1a547f7bf47395257938
bbda5186d99121a3285e192b86da2818042bdcc68a27b638ab3d64fc65dac5a5
cd0229142ca0205538eb9eeb31ac7950edc2a9e3c6cb93c45038f2c58ba3ba3c
cec800fac80d6c3174a7092299ac66bfff65050bc5cf7cc34718d947313a181a
d59b2768f277ff6df51bba7055f856d7d1209a7d47f2abf0d3e3bd7d3b50040a
d6782134ffc59c05f9f5c556f7447c7c88d46cdf1c03fb33abe37f69fdc53121
d8b27167988e45b99ba7eafa23006b3522c1fd1d79a505aa782a1a44b5be595d
decaa7e9b7f1202395a20d3ba5972789bc9427fc06a90f8cad5f03d362a39eec
df13324f01b8a8089a126ee5a299203aba77607208b680c93342e2d124aed08f
e1b4f269427a7c71226348a30129e1bcfcaf30f12a3a387df26283dec0d08e29
e24eebce672e525c8268db380a3e65b3369b7c5335c7888d5b08554cbde79863
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55081e13799d54eade64284f842f1297531e6f29c927ecf987577d8e956ff93
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec48bb4f5e8333410e0b65d5d0c1f8d1a3fc76b0448b3cb99cd4b97cc46a79f6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14ef9514f4a9dbf5b4d4a8ed5ba7a2a65eb2c3acc0b889c7a11b8bf7e00da74
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f9529046a898f47a3b7cbd88a09dfb3b9d8ff0152a80db52d552b5e9bd371700
fb9268bec728737ca15294021d2de745dbba0a16c27feb05893c4867f2cfca23