urlscan.io logo urlscan.io
SecurityTrails logo

lasvegasusa.eu Open in urlscan Pro
172.64.149.155  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://zpr.io/shPTZ4uqiraK
Effective URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Submission: On April 17 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 14 domains to perform 41 HTTP transactions. The main IP is 172.64.149.155, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is lasvegasusa.eu.
TLS certificate: Issued by GTS CA 1P5 on March 9th 2024. Valid for: 3 months.
This is the only time lasvegasusa.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.196.162.216 14618 (AMAZON-AES)
1 172.99.173.113 398343 (BAXET-GROUP)
1 1 107.175.15.35 36352 (AS-COLOCR...)
20 172.64.149.155 13335 (CLOUDFLAR...)
2 172.253.115.97 15169 (GOOGLE)
3 151.101.1.229 54113 (FASTLY)
1 151.101.194.137 54113 (FASTLY)
1 104.17.24.14 13335 (CLOUDFLAR...)
2 172.253.62.100 15169 (GOOGLE)
1 142.251.16.101 15169 (GOOGLE)
2 142.251.111.154 15169 (GOOGLE)
2 142.251.16.94 15169 (GOOGLE)
1 172.253.115.95 15169 (GOOGLE)
1 172.253.62.103 15169 (GOOGLE)
2 172.253.62.94 15169 (GOOGLE)
2 104.18.38.101 13335 (CLOUDFLAR...)
41 14
1    34.196.162.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-162-216.compute-1.amazonaws.com
zpr.io
1    172.99.173.113 (United States)

ASN398343 (BAXET-GROUP, US)
locomotorsalt.com
1    107.175.15.35 (Dallas, United States)

ASN36352 (AS-COLOCROSSING, CA)
PTR: 107-175-15-35-host.colocrossing.com
www.erasetrains.com
20    172.64.149.155 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
lasvegasusa.eu
www.lasvegasusa.eu
2    172.253.115.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f97.1e100.net
www.googletagmanager.com
3    151.101.1.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    172.253.62.100 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f100.1e100.net
www.google-analytics.com
1    142.251.16.101 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f101.1e100.net
analytics.google.com
2    142.251.111.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f154.1e100.net
stats.g.doubleclick.net
2    142.251.16.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net
www.google.ca
1    172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net
fonts.googleapis.com
1    172.253.62.103 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f103.1e100.net
www.google.com
2    172.253.62.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f94.1e100.net
fonts.gstatic.com
2    104.18.38.101 (None, )

ASN13335 (CLOUDFLARENET, US)
www.lasvegasusa.eu
Apex Domain
Subdomains		 Transfer
22 lasvegasusa.eu
lasvegasusa.eu
www.lasvegasusa.eu
2 MB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320
50 KB
2 gstatic.com
fonts.gstatic.com
24 KB
2 google.ca
www.google.ca — Cisco Umbrella Rank: 9881
126 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
395 B
2 google.com
analytics.google.com — Cisco Umbrella Rank: 145
www.google.com — Cisco Umbrella Rank: 2
307 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
161 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
934 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
5 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 767
75 KB
1 erasetrains.com
www.erasetrains.com
630 B
1 locomotorsalt.com
locomotorsalt.com
439 B
1 zpr.io
zpr.io — Cisco Umbrella Rank: 862366
120 B
41 14
Domain Requested by
12 www.lasvegasusa.eu lasvegasusa.eu
code.jquery.com
10 lasvegasusa.eu locomotorsalt.com
lasvegasusa.eu
3 cdn.jsdelivr.net lasvegasusa.eu
2 fonts.gstatic.com fonts.googleapis.com
2 www.google.ca lasvegasusa.eu
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com lasvegasusa.eu
www.googletagmanager.com
1 www.google.com lasvegasusa.eu
1 fonts.googleapis.com lasvegasusa.eu
1 analytics.google.com www.googletagmanager.com
1 cdnjs.cloudflare.com lasvegasusa.eu
1 code.jquery.com lasvegasusa.eu
1 www.erasetrains.com 1 redirects
1 locomotorsalt.com
1 zpr.io 1 redirects
41 16

This site contains no links.

Subject Issuer Validity Valid
locomotorsalt.com
R3		 2024-02-24 -
2024-05-24		 3 months crt.sh
lasvegasusa.eu
GTS CA 1P5		 2024-03-09 -
2024-06-07		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Frame ID: 26BAA2607F03544BB597811173F4B871
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Free Chip - VOH40 - 400% Welcome Bonus + $40 Free Chip | Las Vegas USA Casino 2024

Page URL History Show full URLs

  1. https://zpr.io/shPTZ4uqiraK HTTP 302
    https://locomotorsalt.com/0/0/0/8b897b32661070f3a43d4d1ff650410b/08/04/ofc02 Page URL
  2. https://www.erasetrains.com/28KL6/HGGXW9/?sub1=351066&sub2=1170082158&sub3=6963 HTTP 302
    https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

41
Requests

100 %
HTTPS

0 %
IPv6

14
Domains

16
Subdomains

14
IPs

2
Countries

2845 kB
Transfer

3669 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://zpr.io/shPTZ4uqiraK HTTP 302
    https://locomotorsalt.com/0/0/0/8b897b32661070f3a43d4d1ff650410b/08/04/ofc02 Page URL
  2. https://www.erasetrains.com/28KL6/HGGXW9/?sub1=351066&sub2=1170082158&sub3=6963 HTTP 302
    https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://zpr.io/shPTZ4uqiraK HTTP 302
  • https://locomotorsalt.com/0/0/0/8b897b32661070f3a43d4d1ff650410b/08/04/ofc02

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ofc02
locomotorsalt.com/0/0/0/8b897b32661070f3a43d4d1ff650410b/08/04/
Redirect Chain
  • https://zpr.io/shPTZ4uqiraK
  • https://locomotorsalt.com/0/0/0/8b897b32661070f3a43d4d1ff650410b/08/04/ofc02
142 B
439 B 		Document
General
Check archive.org
Download Go to
Full URL
https://locomotorsalt.com/0/0/0/8b897b32661070f3a43d4d1ff650410b/08/04/ofc02
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.99.173.113 , United States, ASN398343 (BAXET-GROUP, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
142
content-type
text/html; charset=UTF-8
date
Wed, 17 Apr 2024 19:15:50 GMT
server
Apache

Redirect headers

content-length
359
content-type
text/html; charset=utf-8
date
Wed, 17 Apr 2024 19:15:50 GMT
location
https://locomotorsalt.com/0/0/0/8b897b32661070f3a43d4d1ff650410b/08/04/ofc02
Primary Request index.html
lasvegasusa.eu/24/122221/VOH40/
Redirect Chain
  • https://www.erasetrains.com/28KL6/HGGXW9/?sub1=351066&sub2=1170082158&sub3=6963
  • https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Requested by
Host: locomotorsalt.com
URL: https://locomotorsalt.com/0/0/0/8b897b32661070f3a43d4d1ff650410b/08/04/ofc02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da114953d698ceb2fc09180f6c581952d7ca2bf0a00bf754ab875409a98b9aea

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://locomotorsalt.com/0/0/0/8b897b32661070f3a43d4d1ff650410b/08/04/ofc02
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
875ebf072fafa1ed-YYZ
content-encoding
br
content-type
text/html
date
Wed, 17 Apr 2024 19:15:51 GMT
last-modified
Mon, 25 Mar 2024 19:05:14 GMT
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
content-length
114
content-type
text/html; charset=utf-8
date
Wed, 17 Apr 2024 19:15:51 GMT
location
https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
server
nginx
vary
Origin
x-eflow-request-id
c7243b9d-4448-4118-8e2c-962bf00c74e1
js
www.googletagmanager.com/gtag/ 		197 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-147262723-1
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
7dc138efe48a18839bb522a7c63d73077bc736e7cf7ae88f480a60b2ef5754bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72874
x-xss-protection
0
last-modified
Wed, 17 Apr 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 Apr 2024 19:15:52 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.0/dist/css/ 		159 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.0/dist/css/bootstrap.min.css
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cfc391e34328c09f0680ae8ff3d63e86224ae7e71c973147ccb84540b2fdd9b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Origin
https://lasvegasusa.eu
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 Apr 2024 19:15:51 GMT
x-content-type-options
nosniff
content-encoding
br
age
6802520
x-jsd-version
5.1.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26318
x-served-by
cache-fra-eddf8230053-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
etag
W/"27ba0-OW9RszP/bwkm9uZ61ubJxpvqezE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery-2.2.4.js
code.jquery.com/ 		252 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.4.js
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Origin
https://lasvegasusa.eu
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:51 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3589793
x-cache
HIT, HIT
content-length
76245
x-served-by
cache-lga21969-LGA, cache-yyz4571-YYZ
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1713381352.991499,VS0,VE0
etag
W/"28feccc0-3ee0f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
1618, 3528
style.css
lasvegasusa.eu/24/122221/VOH40/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lasvegasusa.eu/24/122221/VOH40/css/style.css
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85d219d8ee5f872f5cbcc2ef9c387676c82f6c4fc2c4b31b24bbe4b88d6b2710

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 19 Mar 2024 15:28:31 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
875ebf09ab60a1ed-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Apr 2024 19:15:52 GMT
button.css
lasvegasusa.eu/24/122221/VOH40/css/ 		42 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lasvegasusa.eu/24/122221/VOH40/css/button.css
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e40977373f8ffdad8b3f92860491435d1c54eae56a0ad7a7fd4e7e9540130d3a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 19 Mar 2024 15:28:30 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
875ebf09ab67a1ed-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Apr 2024 19:15:52 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 		70 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
125218
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4216
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rVtowOj5r49MC7FutyvoX7wZgWn7LTkaZOYyEWpqdc%2FPK8FH8K6fm3gZ9XPj6q6Q%2BtLQgJYXgtwCXWiMakFTQFx3XX9Y4nup%2F0e0ZN5h4ruVG%2B8r4ng6E82SMjMKrwLq18lB%2BCDL"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
875ebf09dff236c3-YYZ
expires
Mon, 07 Apr 2025 19:15:51 GMT
logo.png
lasvegasusa.eu/24/122221/VOH40/img/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lasvegasusa.eu/24/122221/VOH40/img/logo.png
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9cbc30d379aa95d2bc6fac02deeebb277414e5ab9f10b6c4e2236bdce190868

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
cf-cache-status
MISS
last-modified
Tue, 19 Mar 2024 15:28:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
875ebf09ab6da1ed-YYZ
alt-svc
h3=":443"; ma=86400
content-length
71088
expires
Wed, 24 Apr 2024 19:15:52 GMT
charDesktop.png
lasvegasusa.eu/24/122221/VOH40/img/ 		871 KB
872 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lasvegasusa.eu/24/122221/VOH40/img/charDesktop.png
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
091ee77bac6468932a33c766203e8b30dd836b571cd9bca92fecd319c67b1e50

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
cf-cache-status
MISS
last-modified
Tue, 19 Mar 2024 15:28:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
875ebf09bb74a1ed-YYZ
alt-svc
h3=":443"; ma=86400
content-length
891811
expires
Wed, 24 Apr 2024 19:15:52 GMT
charMobile.png
lasvegasusa.eu/24/122221/VOH40/img/ 		730 KB
730 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lasvegasusa.eu/24/122221/VOH40/img/charMobile.png
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81ad198be2ebf946f49c6e91441356768300608c44479a875bd9481f31aa8514

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
cf-cache-status
MISS
last-modified
Tue, 19 Mar 2024 15:28:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
875ebf0a7fc03a0a-YYZ
alt-svc
h3=":443"; ma=86400
content-length
747072
expires
Wed, 24 Apr 2024 19:15:52 GMT
cards.png
lasvegasusa.eu/24/122221/VOH40/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lasvegasusa.eu/24/122221/VOH40/img/cards.png
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6af47c306ccad1e1880f1758fe4835524508a9147ac78396949fe84806c7ac39

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
cf-cache-status
MISS
last-modified
Tue, 19 Mar 2024 15:28:32 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
875ebf0a7fc33a0a-YYZ
alt-svc
h3=":443"; ma=86400
content-length
6780
expires
Wed, 24 Apr 2024 19:15:52 GMT
slot.png
lasvegasusa.eu/24/122221/VOH40/img/ 		736 KB
736 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lasvegasusa.eu/24/122221/VOH40/img/slot.png
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18fd7cf4bad8916b558ead9aed53028dd9b5f0614bc0dd70981817d00bf2e332

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
cf-cache-status
MISS
last-modified
Tue, 19 Mar 2024 15:28:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
875ebf0a7fc63a0a-YYZ
alt-svc
h3=":443"; ma=86400
content-length
753801
expires
Wed, 24 Apr 2024 19:15:52 GMT
script.js
lasvegasusa.eu/24/122221/VOH40/js/ 		479 B
447 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lasvegasusa.eu/24/122221/VOH40/js/script.js?v=1
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d99e1cef479ca253b8193534d57311ba10e9f50a3ca71df4b9dceb0cda6448c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 25 Mar 2024 19:04:22 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
875ebf0a7fc73a0a-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Apr 2024 19:15:52 GMT
popper.min.js
cdn.jsdelivr.net/npm/@popperjs/core@2.9.3/dist/umd/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@popperjs/core@2.9.3/dist/umd/popper.min.js
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ccc0ee783158d1ab3ae590ef8c982a827e38e8b82fd121551cdd4c20041fcd1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Origin
https://lasvegasusa.eu
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 Apr 2024 19:15:52 GMT
x-content-type-options
nosniff
content-encoding
br
age
1072905
x-jsd-version
2.9.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7057
x-served-by
cache-fra-eddf8230146-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
etag
W/"49b9-9uMDnVtkfnyfeSk9x8RssoYAPWw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.0/dist/js/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.0/dist/js/bootstrap.min.js
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7382e5e9e48883a128b6193ca4258017c684f76dc4bed535d69aa3072f8d8cd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Origin
https://lasvegasusa.eu
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 17 Apr 2024 19:15:52 GMT
x-content-type-options
nosniff
content-encoding
br
age
2375268
x-jsd-version
5.1.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17201
x-served-by
cache-fra-etou8220062-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
etag
W/"e877-9yckUENWCCfKhSMedSSnRg02T0c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
brand-v2.js
www.lasvegasusa.eu/casino/VUE/AID/ 		10 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lasvegasusa.eu/casino/VUE/AID/brand-v2.js
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4109cef8bb0961b44ae526c83e495e6c495c29ce19f31a61bf282fdf6e647a35

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Feb 2022 18:16:10 GMT
server
cloudflare
age
11172
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
875ebf0a8ca0a1ed-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Apr 2024 19:15:52 GMT
script.js
www.lasvegasusa.eu/api/tnc_free_chip/ 		624 B
370 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lasvegasusa.eu/api/tnc_free_chip/script.js
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b8145cb6f5888497c325e4a5e5046761b9cccc34980d21bf407bf8381dbbc7e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Apr 2022 16:04:27 GMT
server
cloudflare
age
41270
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
875ebf0a8ca3a1ed-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Apr 2024 19:15:52 GMT
script.js
www.lasvegasusa.eu/api/tnc_400_bonus/ 		597 B
460 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lasvegasusa.eu/api/tnc_400_bonus/script.js
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
472805098a161a70426ddbaf4cfcf1f45dff4b78ac29c6f601139e6f883f8d30

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jun 2022 05:13:41 GMT
server
cloudflare
age
36589
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
875ebf0a8c9da1ed-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Apr 2024 19:15:52 GMT
js
www.googletagmanager.com/gtag/ 		256 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H5GDL7WTMP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-147262723-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
91a337c19caf1034cdb476fc1ef11e15581ba8a97fecbdd29bac4837f5bf3c23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91100
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Apr 2024 19:15:52 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-147262723-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Apr 2024 18:48:27 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1645
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 17 Apr 2024 20:48:27 GMT
collect
analytics.google.com/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-H5GDL7WTMP&gtm=45je44f0v9122488297za200&_p=1713381351954&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1257746200.1713381352&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1713381352&sct=1&seg=0&dl=https%3A%2F%2Flasvegasusa.eu%2F24%2F122221%2FVOH40%2Findex.html%3Fclick_id%3Db8581e353dc6426a80e34f930da70e12&dr=https%3A%2F%2Flocomotorsalt.com%2F&dt=Free%20Chip%20-%20VOH40%20-%20400%25%20Welcome%20Bonus%20%2B%20%2440%20Free%20Chip%20%7C%20Las%20Vegas%20USA%20Casino%202024&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1165
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5GDL7WTMP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 19:15:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lasvegasusa.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H5GDL7WTMP&cid=1257746200.1713381352&gtm=45je44f0v9122488297za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5GDL7WTMP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 19:15:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lasvegasusa.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H5GDL7WTMP&cid=1257746200.1713381352&gtm=45je44f0v9122488297za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=1466350786
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 19:15:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ 		2 KB
934 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Glory:wght@700&family=Poppins&display=swap
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
2ef5f0d68342bfebeb266dbd2b0cef2da985db1328d1e046bb6821fda232935a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Apr 2024 19:15:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Apr 2024 19:15:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Apr 2024 19:15:52 GMT
collect
www.google-analytics.com/j/ 		2 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=733759704&t=pageview&_s=1&dl=https%3A%2F%2Flasvegasusa.eu%2F24%2F122221%2FVOH40%2Findex.html%3Fclick_id%3Db8581e353dc6426a80e34f930da70e12&dr=https%3A%2F%2Flocomotorsalt.com%2F&ul=en-ca&de=UTF-8&dt=Free%20Chip%20-%20VOH40%20-%20400%25%20Welcome%20Bonus%20%2B%20%2440%20Free%20Chip%20%7C%20Las%20Vegas%20USA%20Casino%202024&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=393278808&gjid=273797721&cid=1257746200.1713381352&tid=UA-147262723-1&_gid=517310246.1713381352&_r=1&gtm=457e44f0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=738103638
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 19:15:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lasvegasusa.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-147262723-1&cid=1257746200.1713381352&jid=393278808&gjid=273797721&_gid=517310246.1713381352&_u=YADAAUAAAAAAACAAI~&z=381400099
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 17 Apr 2024 19:15:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lasvegasusa.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-147262723-1&cid=1257746200.1713381352&jid=393278808&_u=YADAAUAAAAAAACAAI~&z=367218726
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 19:15:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-147262723-1&cid=1257746200.1713381352&jid=393278808&_u=YADAAUAAAAAAACAAI~&z=367218726
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 19:15:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
backdesktop.jpg
lasvegasusa.eu/24/122221/VOH40/img/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lasvegasusa.eu/24/122221/VOH40/img/backdesktop.jpg
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c99266914a7981752ede6a106f653ee12c8b5b3f78366530d688f4cd9da3a46

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/24/122221/VOH40/css/style.css
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:53 GMT
cf-cache-status
MISS
last-modified
Tue, 19 Mar 2024 15:28:29 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
875ebf0cbb8e3a0a-YYZ
alt-svc
h3=":443"; ma=86400
content-length
72532
expires
Wed, 24 Apr 2024 19:15:52 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Glory:wght@700&family=Poppins&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://lasvegasusa.eu
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 14 Apr 2024 08:02:13 GMT
x-content-type-options
nosniff
age
299619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Apr 2025 08:02:13 GMT
q5uasoi9Lf1w5t3Est24nq9blIRQJ46zoXWc.woff2
fonts.gstatic.com/s/glory/v15/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/glory/v15/q5uasoi9Lf1w5t3Est24nq9blIRQJ46zoXWc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Glory:wght@700&family=Poppins&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
b1bb6db49aad9afb4a940cb9be2bba1ae0860c1b52372e7e20a9f5a679df444f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://lasvegasusa.eu
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 18:28:19 GMT
x-content-type-options
nosniff
age
2853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16476
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:59:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Apr 2025 18:28:19 GMT
index.php
www.lasvegasusa.eu/api/tnc_free_chip/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.lasvegasusa.eu/api/tnc_free_chip/index.php?code=VOH40&qty=40&withdraw=100
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.38.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b6556a5246205a30d3cdb39d4e74365ebf53510bb8bcb225c3d1a16eba1429

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
*/*
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-max-age
3600
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json; charset=UTF-8
x-turbo-charged-by
LiteSpeed
cf-ray
875ebf0d0b0f711d-YYZ
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
alt-svc
h3=":443"; ma=86400
script.js
www.lasvegasusa.eu/api/crypto-tabs/ 		839 B
573 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lasvegasusa.eu/api/crypto-tabs/script.js?_=1713381352054
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
428b7a885dadf4486fe6d3484633f0296575c6c79ed5c215508889b14bb3185f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 01 Sep 2022 15:17:36 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
875ebf0cdbc63a0a-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Apr 2024 19:15:52 GMT
index.php
www.lasvegasusa.eu/api/tnc_400_bonus/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.lasvegasusa.eu/api/tnc_400_bonus/index.php?bonus=400
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.38.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa428b5936a70dd677a26d71c69de626dc5793b9fe27d4a89e20f5c8a552e86

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
*/*
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-max-age
3600
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json; charset=UTF-8
x-turbo-charged-by
LiteSpeed
cf-ray
875ebf0d0b0b711d-YYZ
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
alt-svc
h3=":443"; ma=86400
style.css
www.lasvegasusa.eu//api/crypto-tabs/ 		2 KB
740 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lasvegasusa.eu//api/crypto-tabs/style.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e03fe39744806d03763f0444f485b511b2edc2f8c0c27862b0e2f556c922ac1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jun 2022 04:34:44 GMT
server
cloudflare
age
213868
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
875ebf0f1f603a0a-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Apr 2024 19:15:52 GMT
bitcoin.png
www.lasvegasusa.eu//api/crypto-tabs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lasvegasusa.eu//api/crypto-tabs/bitcoin.png
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
355e8af15b4c229399c186be39eb56ae0d0fd6ad49c4d3c328d26c0b41832ac1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
cf-cache-status
HIT
age
75514
cf-polished
origFmt=png, origSize=1705
content-disposition
inline; filename="bitcoin.webp"
alt-svc
h3=":443"; ma=86400
content-length
1118
cf-bgj
imgq:85,h2pri
last-modified
Tue, 28 Jun 2022 04:34:43 GMT
server
cloudflare
vary
Accept
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
875ebf0f1f633a0a-YYZ
expires
Wed, 24 Apr 2024 19:15:52 GMT
litecoin.png
www.lasvegasusa.eu//api/crypto-tabs/ 		872 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lasvegasusa.eu//api/crypto-tabs/litecoin.png
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c4e8ba64f98f468c900de67cf7894e5107a965b7cd0883eeb9afe51fddb06c0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
cf-cache-status
HIT
age
41269
cf-polished
origFmt=png, origSize=1538
content-disposition
inline; filename="litecoin.webp"
alt-svc
h3=":443"; ma=86400
content-length
872
cf-bgj
imgq:85,h2pri
last-modified
Tue, 28 Jun 2022 04:34:44 GMT
server
cloudflare
vary
Accept
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
875ebf0f1f643a0a-YYZ
expires
Wed, 24 Apr 2024 19:15:52 GMT
ethereum.png
www.lasvegasusa.eu//api/crypto-tabs/ 		954 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lasvegasusa.eu//api/crypto-tabs/ethereum.png
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
489d127a8b2f5abb869f35a9b45023b3a94a4ef1f0e731d192041b4fbe9294e2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
cf-cache-status
HIT
age
213868
cf-polished
origFmt=png, origSize=1602
content-disposition
inline; filename="ethereum.webp"
alt-svc
h3=":443"; ma=86400
content-length
954
cf-bgj
imgq:85,h2pri
last-modified
Tue, 28 Jun 2022 04:34:43 GMT
server
cloudflare
vary
Accept
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
875ebf0f1f663a0a-YYZ
expires
Wed, 24 Apr 2024 19:15:52 GMT
tether.png
www.lasvegasusa.eu//api/crypto-tabs/ 		872 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lasvegasusa.eu//api/crypto-tabs/tether.png
Requested by
Host: lasvegasusa.eu
URL: https://lasvegasusa.eu/24/122221/VOH40/index.html?click_id=b8581e353dc6426a80e34f930da70e12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4680e4a349bba13df17847532147d23f6a7e5aa9febe6685349a9948f91a5dd2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:52 GMT
cf-cache-status
HIT
age
14375
cf-polished
origFmt=png, origSize=1359
content-disposition
inline; filename="tether.webp"
alt-svc
h3=":443"; ma=86400
content-length
872
cf-bgj
imgq:85,h2pri
last-modified
Tue, 28 Jun 2022 04:34:43 GMT
server
cloudflare
vary
Accept
content-type
image/webp
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
875ebf0f1f693a0a-YYZ
expires
Wed, 24 Apr 2024 19:15:52 GMT
favicon.ico
www.lasvegasusa.eu/casino/VUE/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.lasvegasusa.eu/casino/VUE/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.149.155 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4425417c88f968855d8b8c83142abf48726899b8f2755b3026c52ee5081ad58

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lasvegasusa.eu/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 19:15:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Apr 2021 17:42:09 GMT
server
cloudflare
age
145405
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
875ebf10a9c83a0a-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Apr 2024 19:15:53 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| $ function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData object| Popper number| uidEvent object| bootstrap function| get_params object| params

6 Cookies

Domain/Path Name / Value
locomotorsalt.com/ Name: uid6963
Value: 1170082158-20240417151550-a243321b391314b2558b4f8ffdffab2a-3800
.lasvegasusa.eu/ Name: _ga_H5GDL7WTMP
Value: GS1.1.1713381352.1.0.1713381352.60.0.0
.lasvegasusa.eu/ Name: _ga
Value: GA1.2.1257746200.1713381352
.lasvegasusa.eu/ Name: _gid
Value: GA1.2.517310246.1713381352
.lasvegasusa.eu/ Name: _gat_gtag_UA_147262723_1
Value: 1
www.lasvegasusa.eu/ Name: __cflb
Value: 0H28ukAGy1yYmz3jFDJUQRDgqJft7WCXDiQmRMhuUEg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
lasvegasusa.eu
locomotorsalt.com
stats.g.doubleclick.net
www.erasetrains.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.lasvegasusa.eu
zpr.io
104.17.24.14
104.18.38.101
107.175.15.35
142.251.111.154
142.251.16.101
142.251.16.94
151.101.1.229
151.101.194.137
172.253.115.95
172.253.115.97
172.253.62.100
172.253.62.103
172.253.62.94
172.64.149.155
172.99.173.113
34.196.162.216
091ee77bac6468932a33c766203e8b30dd836b571cd9bca92fecd319c67b1e50
0b8145cb6f5888497c325e4a5e5046761b9cccc34980d21bf407bf8381dbbc7e
18fd7cf4bad8916b558ead9aed53028dd9b5f0614bc0dd70981817d00bf2e332
2c4e8ba64f98f468c900de67cf7894e5107a965b7cd0883eeb9afe51fddb06c0
2d99e1cef479ca253b8193534d57311ba10e9f50a3ca71df4b9dceb0cda6448c
2ef5f0d68342bfebeb266dbd2b0cef2da985db1328d1e046bb6821fda232935a
355e8af15b4c229399c186be39eb56ae0d0fd6ad49c4d3c328d26c0b41832ac1
4109cef8bb0961b44ae526c83e495e6c495c29ce19f31a61bf282fdf6e647a35
428b7a885dadf4486fe6d3484633f0296575c6c79ed5c215508889b14bb3185f
4680e4a349bba13df17847532147d23f6a7e5aa9febe6685349a9948f91a5dd2
472805098a161a70426ddbaf4cfcf1f45dff4b78ac29c6f601139e6f883f8d30
489d127a8b2f5abb869f35a9b45023b3a94a4ef1f0e731d192041b4fbe9294e2
5fa428b5936a70dd677a26d71c69de626dc5793b9fe27d4a89e20f5c8a552e86
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6af47c306ccad1e1880f1758fe4835524508a9147ac78396949fe84806c7ac39
7382e5e9e48883a128b6193ca4258017c684f76dc4bed535d69aa3072f8d8cd3
7c99266914a7981752ede6a106f653ee12c8b5b3f78366530d688f4cd9da3a46
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7dc138efe48a18839bb522a7c63d73077bc736e7cf7ae88f480a60b2ef5754bd
81ad198be2ebf946f49c6e91441356768300608c44479a875bd9481f31aa8514
85d219d8ee5f872f5cbcc2ef9c387676c82f6c4fc2c4b31b24bbe4b88d6b2710
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2
91a337c19caf1034cdb476fc1ef11e15581ba8a97fecbdd29bac4837f5bf3c23
9e03fe39744806d03763f0444f485b511b2edc2f8c0c27862b0e2f556c922ac1
b1bb6db49aad9afb4a940cb9be2bba1ae0860c1b52372e7e20a9f5a679df444f
ccc0ee783158d1ab3ae590ef8c982a827e38e8b82fd121551cdd4c20041fcd1b
cfc391e34328c09f0680ae8ff3d63e86224ae7e71c973147ccb84540b2fdd9b8
d4425417c88f968855d8b8c83142abf48726899b8f2755b3026c52ee5081ad58
d5b6556a5246205a30d3cdb39d4e74365ebf53510bb8bcb225c3d1a16eba1429
d9cbc30d379aa95d2bc6fac02deeebb277414e5ab9f10b6c4e2236bdce190868
da114953d698ceb2fc09180f6c581952d7ca2bf0a00bf754ab875409a98b9aea
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40977373f8ffdad8b3f92860491435d1c54eae56a0ad7a7fd4e7e9540130d3a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629