promo.leovegas.com Open in urlscan Pro
2a03:b0c0:3:d0::d26:4001 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.cut.li/DW5/uTA
Effective URL:
https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
Submission: On August 23 via manual (August 23rd 2021, 4:22:58 pm UTC) from DK

Summary HTTP 37 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 37 HTTP transactions. The main IP is 2a03:b0c0:3:d0::d26:4001, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is promo.leovegas.com.
TLS certificate: Issued by R3 on July 22nd 2021. Valid for: 3 months.

This is the only time promo.leovegas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	35.158.112.30 35.158.112.30	16509 (AMAZON-02) (AMAZON-02)
1 1	52.174.133.36 52.174.133.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	34.117.190.191 34.117.190.191	15169 (GOOGLE) (GOOGLE)
9	2a03:b0c0:3:d... 2a03:b0c0:3:d0::d26:4001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	143.204.214.63 143.204.214.63	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
7	2600:9000:219... 2600:9000:2190:7600:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.102.20 13.224.102.20	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	107.154.248.168 107.154.248.168	19551 (INCAPSULA) (INCAPSULA)
1	13.224.102.122 13.224.102.122	16509 (AMAZON-02) (AMAZON-02)
1	13.224.102.79 13.224.102.79	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
37	16

2 35.158.112.30 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-112-30.eu-central-1.compute.amazonaws.com

www.cut.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.174.133.36 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ads.leovegas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.190.191 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 191.190.117.34.bc.googleusercontent.com

leo-promo-redirect-service.leo-prod-common.lvg-tech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:b0c0:3:d0::d26:4001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

promo.leovegas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.214.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-63.fra53.r.cloudfront.net

d33wubrfki0l68.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2190:7600:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-20.zrh50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.154.248.168 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.248.168.ip.incapdns.net

www.leovegas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-122.zrh50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-79.zrh50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	leovegas.com 1 redirects ads.leovegas.com promo.leovegas.com www.leovegas.com	202 KB
7	google-analytics.com www.google-analytics.com	98 KB
7	ctfassets.net images.ctfassets.net	86 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
3	gstatic.com fonts.gstatic.com	69 KB
2	cloudfront.net d33wubrfki0l68.cloudfront.net	219 KB
2	cut.li 2 redirects www.cut.li	361 B
1	google.de www.google.de	107 B
1	google.com www.google.com	107 B
1	doubleclick.net stats.g.doubleclick.net	90 B
1	googletagmanager.com www.googletagmanager.com	58 KB
1	googleapis.com fonts.googleapis.com	1017 B
1	lvg-tech.net 1 redirects leo-promo-redirect-service.leo-prod-common.lvg-tech.net	155 B
37	13

	Domain	Requested by
9	promo.leovegas.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
7	images.ctfassets.net	promo.leovegas.com
3	fonts.gstatic.com	fonts.googleapis.com
2	d33wubrfki0l68.cloudfront.net	promo.leovegas.com
2	www.cut.li	2 redirects
1	www.google.de	promo.leovegas.com
1	www.google.com	promo.leovegas.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	www.leovegas.com	d33wubrfki0l68.cloudfront.net
1	static.hotjar.com	www.googletagmanager.com
1	www.googletagmanager.com	promo.leovegas.com
1	fonts.googleapis.com	promo.leovegas.com
1	leo-promo-redirect-service.leo-prod-common.lvg-tech.net	1 redirects
1	ads.leovegas.com	1 redirects
37	17

This site contains links to these domains. Also see Links.

Domain
www.leovegas.com
stopspillet.dk
www.leovegasaffiliates.com
spillemyndigheden.dk
www.rofus.nu
www.stopspillet.dk
www.spillemyndigheden.dk
www.gamblersanonymous.org
www.leosafeplay.com

Subject Issuer	Validity	Valid
brand.leovegas.com R3	`2021-07-22` - `2021-10-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
images.ctfassets.net Amazon	`2021-03-19` - `2022-04-17`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
www.leovegas.com DigiCert SHA2 Extended Validation Server CA	`2020-03-06` - `2022-06-02`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
Frame ID: E7DE988CBE36CA7C007D4B82B7E552F4
Requests: 42 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: FBEE44D3B303EA36F78B35E8F4E1CCD9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mobile casino and online casino - Play casino games in your mobile and online | LeoVegas Casino

Page URL History Show full URLs

http://www.cut.li/DW5/uTA HTTP 301
https://www.cut.li/DW5/uTA HTTP 307
https://ads.leovegas.com/redirect.aspx?pid=3702266&bid=17083 HTTP 301
https://leo-promo-redirect-service.leo-prod-common.lvg-tech.net/dk/50fs?btag=669691_656B51A6BA11446F9265E968D9489BA7&pid=3702266&bid=17083 HTTP 301
https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702... Page URL

Detected technologies

Gatsby (Static Site Generator) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Gatsby(?: ([0-9.]+))?$/i

Netlify (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^Netlify/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i
meta generator /^Gatsby(?: ([0-9.]+))?$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

webpack (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Gatsby(?: ([0-9.]+))?$/i

Page Statistics

37
Requests

100 %
HTTPS

56 %
IPv6

13
Domains

17
Subdomains

16
IPs

4
Countries

795 kB
Transfer

2120 kB
Size

9
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.leovegas.com/da-dk/kampagner/bonusser/c?btag=669691_656B51A6BA11446F9265E968D9489BA7&pid=3702266&bid=17083&lobby=casino

Search URL Search Domain Scan URL

URL: http://stopspillet.dk/
Title: StopSpillet.dk

Search URL Search Domain Scan URL

URL: https://www.leovegas.com/signup/?btag=669691_656B51A6BA11446F9265E968D9489BA7&pid=3702266&bid=17083&lobby=casino
Title: Opret konto Det tager kun ét minut Dansk kundeservice

Search URL Search Domain Scan URL

URL: https://www.leovegas.com/cookie-policy/?btag=669691_656B51A6BA11446F9265E968D9489BA7&pid=3702266&bid=17083
Title: Cookie- og privatlivspolitik

Search URL Search Domain Scan URL

URL: https://www.leovegasaffiliates.com/
Title: Affiliates

Search URL Search Domain Scan URL

URL: https://www.leovegas.com/support/about/?btag=669691_656B51A6BA11446F9265E968D9489BA7&pid=3702266&bid=17083
Title: Om LeoVegas

Search URL Search Domain Scan URL

URL: https://www.leovegas.com/support/responsible-gaming/?btag=669691_656B51A6BA11446F9265E968D9489BA7&pid=3702266&bid=17083
Title: Ansvarligt spil

Search URL Search Domain Scan URL

URL: https://www.leovegas.com/support/articles/RkFRQ2F0ZWdvcnk6MTE1MDAwNDAyODg1/?btag=669691_656B51A6BA11446F9265E968D9489BA7&pid=3702266&bid=17083
Title: Spilleregler

Search URL Search Domain Scan URL

URL: https://www.leovegas.com/terms/?btag=669691_656B51A6BA11446F9265E968D9489BA7&pid=3702266&bid=17083
Title: Regler og vilkår

Search URL Search Domain Scan URL

URL: https://www.leovegas.com/privacy-policy/?btag=669691_656B51A6BA11446F9265E968D9489BA7&pid=3702266&bid=17083
Title: Privatlivspolitik

Search URL Search Domain Scan URL

URL: https://spillemyndigheden.dk/

Search URL Search Domain Scan URL

URL: https://www.rofus.nu/

Search URL Search Domain Scan URL

URL: https://www.stopspillet.dk/

Search URL Search Domain Scan URL

URL: https://www.spillemyndigheden.dk/tilladelsesindehaver/leovegas-gaming-plc-0/
Title: 15-1660384

Search URL Search Domain Scan URL

URL: https://www.gamblersanonymous.org/ga/

Search URL Search Domain Scan URL

URL: https://www.leosafeplay.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.cut.li/DW5/uTA HTTP 301
https://www.cut.li/DW5/uTA HTTP 307
https://ads.leovegas.com/redirect.aspx?pid=3702266&bid=17083 HTTP 301
https://leo-promo-redirect-service.leo-prod-common.lvg-tech.net/dk/50fs?btag=669691_656B51A6BA11446F9265E968D9489BA7&pid=3702266&bid=17083 HTTP 301
https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 50fs Show response
promo.leovegas.com/dk/
Redirect Chain

http://www.cut.li/DW5/uTA
https://www.cut.li/DW5/uTA
https://ads.leovegas.com/redirect.aspx?pid=3702266&bid=17083
https://leo-promo-redirect-service.leo-prod-common.lvg-tech.net/dk/50fs?btag=669691_656B51A6BA11446F9265E968D9489BA7&pid=3702266&bid=17083
https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083

61 KB
16 KB

475ms
416ms

Document
text/html

2a03:b0c0:3:d0::d26:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d26:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

b39639e64fad9d0383a9c3630d20376354312908bb70ec3dfb73a84c8e14ffdd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: promo.leovegas.com
:scheme: https
:path: /dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3702266%2c%22BID%22%3a17083%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1629735758779)%5c%2f%22%2c%22CookieTag%22%3a%221708337022662142101C20218231622%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222111146343%7c1%22%7d%5d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: text/html; charset=UTF-8
date: Mon, 23 Aug 2021 16:22:39 GMT
etag: "f7628cf957a354cd95730b25e4b120af-ssl-df"
link: </webpack-runtime.js>; rel=preload; as=script, </framework.js>; rel=preload; as=script, </dc6a8720040df98778fe970bf6c000a41750d3ae.js>; rel=preload; as=script, </app.js>; rel=preload; as=script, </commons.js>; rel=preload; as=script, </component---src-templates-leo-universe-index-jsx.js>; rel=preload; as=script, </page-data/app-data.json>; rel=preload; as=fetch; crossorigin, </page-data/dk/50fs/page-data.json>; rel=preload; as=fetch; crossorigin
referrer-policy: same-origin
strict-transport-security: max-age=31536000
x-nf-request-id: 01FDSX4B5T61GFDHFC9P3XGBKV
vary: Accept-Encoding
server: Netlify
content-encoding: br
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
age: 0

Redirect headers

location: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
date: Mon, 23 Aug 2021 16:22:38 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 webpack-runtime.js Show response
promo.leovegas.com/ 3 KB
1 KB 8ms
7ms Script
application/javascript 2a03:b0c0:3:d0::d26:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/webpack-runtime.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d26:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

e8f2778a8339a3700bb05d5371d34852857b983f3ae79889e52e382cba0acc17

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FDSX4BKKBBXHVTF169EXCTER
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-encoding: br
etag: "a1d6ecf94ac14ad423598b0d415095b7-ssl-df"
age: 11801
strict-transport-security: max-age=31536000
content-length: 1257
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
date: Mon, 23 Aug 2021 13:05:58 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 framework.js Show response
promo.leovegas.com/ 127 KB
39 KB 9ms
8ms Script
application/javascript 2a03:b0c0:3:d0::d26:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/framework.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d26:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

fae6e6a877ee144971cc6efc25a1a2ff83c44e13896ffc2577ac2afc30434d76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FDSX4BKK8RMSMFZA6F4R9ZF1
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-encoding: br
etag: "1c20dd4c79ef777fea66ab4b32a9d4a4-ssl-df"
age: 11801
strict-transport-security: max-age=31536000
content-length: 40016
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
date: Mon, 23 Aug 2021 13:05:58 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 dc6a8720040df98778fe970bf6c000a41750d3ae.js Show response
promo.leovegas.com/ 9 KB
3 KB 36ms
34ms Script
application/javascript 2a03:b0c0:3:d0::d26:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/dc6a8720040df98778fe970bf6c000a41750d3ae.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d26:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

22869c49866ea3c43fac41caed52c9a6eef7d317b589ccb6f7f1f16c1858867c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FDSX4BKK1YSNWR0CHHFHPD3G
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-encoding: br
etag: "8287b5b4af80770ef3250dda608821f1-ssl-df"
age: 11801
strict-transport-security: max-age=31536000
content-length: 3186
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
date: Mon, 23 Aug 2021 13:05:58 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 app.js Show response
promo.leovegas.com/ 50 KB
14 KB 32ms
31ms Script
application/javascript 2a03:b0c0:3:d0::d26:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d26:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

a8342fae1f9129dc550a6fbcb2e26302d97dab4a815acdd8b0a025e95d89ea8b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FDSX4BKK3H2AW03R12J3S7RR
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-encoding: br
etag: "bef807c0a7bf66468e1a65928bf0725e-ssl-df"
age: 11801
strict-transport-security: max-age=31536000
content-length: 14700
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
date: Mon, 23 Aug 2021 13:05:58 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 commons.js Show response
promo.leovegas.com/ 379 KB
113 KB 20ms
19ms Script
application/javascript 2a03:b0c0:3:d0::d26:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/commons.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d26:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

0fbec79b07cceeeb9d25fd6022e6a9e7e921524a99b980933a06938737235286

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FDSX4BKK8K8TS61KP1X968P2
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-encoding: br
etag: "2b46157a90e56d360a94672273088915-ssl-df"
age: 11801
strict-transport-security: max-age=31536000
content-length: 115141
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
date: Mon, 23 Aug 2021 13:05:58 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 component---src-templates-leo-universe-index-jsx.js Show response
promo.leovegas.com/ 25 KB
8 KB 10ms
9ms Script
application/javascript 2a03:b0c0:3:d0::d26:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/component---src-templates-leo-universe-index-jsx.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d26:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

54f0d25559d521c7c5602f3cd110a3c45a6a7afc3e92175867667782060f8f18

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FDSX4BKKASB7RDVAWGEWN0MZ
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-encoding: br
etag: "aafa181d98c1c27e72da09cdc5476ac0-ssl-df"
age: 5590
strict-transport-security: max-age=31536000
content-length: 8110
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
date: Mon, 23 Aug 2021 14:49:29 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 app-data.json
promo.leovegas.com/page-data/ 50 B
157 B 9ms
8ms Other
application/json 2a03:b0c0:3:d0::d26:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/page-data/app-data.json

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d26:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

66dbe24faceb2f050f7b61ebdb0b19a600e4f863f38f05af1781cf7a7c09b035

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://promo.leovegas.com
Referer: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FDSX4BKKW97ZQ3SPEX8XQ7DA
content-security-policy: frame-ancestors 'self' https://optimize.google.com
referrer-policy: same-origin
server: Netlify
age: 11801
etag: "55d24a60d9c35f8b5e73bd4d57180b5e-ssl"
x-frame-options: DENY
content-type: application/json
x-xss-protection: 1; mode=block
cache-control: public, max-age=0, must-revalidate
date: Mon, 23 Aug 2021 13:05:58 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 50
x-content-type-options: nosniff

GET
H2 200 page-data.json
promo.leovegas.com/page-data/dk/50fs/ 19 KB
5 KB 8ms
7ms Other
application/json 2a03:b0c0:3:d0::d26:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.leovegas.com/page-data/dk/50fs/page-data.json

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d26:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

293b1d5ab89e991aa5fe3bce5307e759309fa728504b59fbe899e6619876eb1f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://promo.leovegas.com
Referer: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FDSX4BKK901EQTP2Y7SM7A69
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-encoding: br
x-content-type-options: nosniff
age: 193
vary: Accept-Encoding
content-length: 5008
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
date: Mon, 23 Aug 2021 16:19:27 GMT
strict-transport-security: max-age=31536000
content-type: application/json
cache-control: public, max-age=0, must-revalidate
etag: "688a3cffca85d61950ffa152a4860a36-ssl-df"
accept-ranges: bytes

GET
H3-29 200 css2
fonts.googleapis.com/ 17 KB
1017 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;700&family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Requested by

Host: promo.leovegas.com
URL: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

87f4c62396a4e59f57ae100d6b1ca4779709ad02d1ae652c524a703e1f99d620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 16:21:10 GMT
server: ESF
date: Mon, 23 Aug 2021 16:22:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Aug 2021 16:22:39 GMT

GET
H2 200 leovegas-casino-logo-303a40e8ff4725493d0d2eac998219ea.png
d33wubrfki0l68.cloudfront.net/c818ec80d6e62941b42b67882bad573e7368d801/c4d7c/static/ 24 KB
24 KB 86ms
26ms Image
image/png 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/c818ec80d6e62941b42b67882bad573e7368d801/c4d7c/static/leovegas-casino-logo-303a40e8ff4725493d0d2eac998219ea.png
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: Netlify /
Resource Hash: 0163e1e689f26f9d4162e1d731525521a975eb299449ecc789e7c6d335f78e85

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 0df67ae1-4009-4237-a59b-70b25eb345ef
date: Fri, 11 Jun 2021 11:05:51 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
server: Netlify
age: 6326208
etag: 47262b62fb231e87722d31776845e7499242a80d
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 24411
x-amz-cf-id: arkpYErDXmTl2Totg95OE-6QE-YmdXZy3aKOr-5TkSiDvpd8eLUkiQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 176 KB
58 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGS5KD

Requested by

Host: promo.leovegas.com
URL: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9208d6f0d46ac8f08fc982c122dc172fdafc01ae60c61f950d7c0ebfc94833b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 16:22:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59146
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 15:46:13 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 23 Aug 2021 16:22:39 GMT

GET
DATA 200
OK truncated
/ 888 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efbca75e75bf7edf0b472b278382f5ef8cae6f7196b668146deeee37c9460447

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b75d234109aa6a75af132fe1d6b1c449b5cf70756a249820cc944bc644ab770

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5131807562e3dedcb52155f46518aa2ecac054fa328e0d695088327009af3c9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7d3e140962f096ad69827239ff6f7ebbfac28ec43e0195c0495bf275ba94e0e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 60b9e6d18c0dff3db441be564618fb67bf604f7f.js Show response
d33wubrfki0l68.cloudfront.net/bundles/ 590 KB
194 KB 92ms
43ms Script
application/javascript 143.204.214.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d33wubrfki0l68.cloudfront.net/bundles/60b9e6d18c0dff3db441be564618fb67bf604f7f.js
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-63.fra53.r.cloudfront.net
Software: Netlify /
Resource Hash: 82cd0d9f964c8132b92b1e29f74a334d5425707fd99f7110e95e79b373b5843d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FCAXSQQRGS5DRH59FWJS0C2D
date: Thu, 05 Aug 2021 10:30:01 GMT
content-encoding: gzip
server: Netlify
age: 1576358
etag: 8c660bac4451cb6bb922fc333bb1770936f1969b-df
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: zhnqzvDG9DnUIZxAHmbXoBvnUeOoGYoV9lAo3edyDy8LBEbkhK6h4Q==
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f9c92e1a12ac6e0fc59919f0c3fc20cf9dc1bd8d78db4ea7b28298bc80038ff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v13/ 39 KB
39 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;700&family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://promo.leovegas.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 18:42:40 GMT
x-content-type-options: nosniff
age: 509999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39440
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:03:59 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 18:42:40 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;700&family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://promo.leovegas.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 597375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 18:26:24 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;700&family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://promo.leovegas.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 534158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 12:00:01 GMT

GET
H2 200 MP_RGB_NoTM_Logo_Type_Horisontal_Blue_copy__1_.png
images.ctfassets.net/kijvoxi4q0zn/3DOVlUZpAT9Xi8ZviTe2rO/078527f57402ce1fd8a7828a9127202c/ 1 KB
2 KB 55ms
23ms Image
image/webp 2600:9000:2190:7600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/3DOVlUZpAT9Xi8ZviTe2rO/078527f57402ce1fd8a7828a9127202c/MP_RGB_NoTM_Logo_Type_Horisontal_Blue_copy__1_.png?w=99&h=32&q=50&fm=webp&fit=fill
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 683f4eb8bbbfa4c2aa65e8975b6d9ea6aaa2f4b34b6b0de97bf056f5fbb54ace

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 21:00:50 GMT
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
last-modified: Mon, 19 Jul 2021 20:07:14 GMT
server: Contentful Images API
age: 69709
etag: "634f90cc4429781ceea298ee1d5b7e8a"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-length: 1210
x-amz-cf-id: EbOUwp-4OgB2lQZliyIWnb0rmYZ4qDWxVg5MGUnM75ffOtpJ88RCxg==

GET
H2 200 Dankort.png
images.ctfassets.net/kijvoxi4q0zn/3ybvKIe0c8WSKCieiwe2UY/5dbbeb1d15b981d933e0e039d45d858e/ 842 B
1 KB 59ms
28ms Image
image/webp 2600:9000:2190:7600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/3ybvKIe0c8WSKCieiwe2UY/5dbbeb1d15b981d933e0e039d45d858e/Dankort.png?w=82&h=32&q=50&fm=webp&fit=fill
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: daa8fff38bc9f07c33e3c6c49064e2518bf3921cb2ee5be9b668bcbf8950187e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 21:00:50 GMT
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
last-modified: Tue, 20 Jul 2021 12:49:49 GMT
server: Contentful Images API
age: 69709
etag: "dde43b0555d50193f06295c8dc36fec3"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-length: 842
x-amz-cf-id: wQnOww9bfmdRdI-hdnugp7uwptMGfgjSOZurU6N1AuAZMntgSHtcIw==

GET
H2 200 visa.png
images.ctfassets.net/kijvoxi4q0zn/3ViLoK5xpS4ewO4S0uCyey/5d6f669d7115ef736e8249079161d49a/ 1 KB
1 KB 62ms
30ms Image
image/webp 2600:9000:2190:7600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/3ViLoK5xpS4ewO4S0uCyey/5d6f669d7115ef736e8249079161d49a/visa.png?w=82&h=32&q=50&fm=webp&fit=fill
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 53c3387d755445fd21c10b6c00fc6e7dc295b40478e607d35727e65e2b5391b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 09:12:14 GMT
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
last-modified: Thu, 19 Aug 2021 08:03:43 GMT
server: Contentful Images API
age: 25825
etag: "c24fbb9776b1bb67e00b1183f9705592"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-length: 1100
x-amz-cf-id: wHRxCNO92Sl_TGcWWjRx8u9msv-hiLCOM7xDbI7Faw03DhNNs39_vA==

GET
H2 200 mastercard.png
images.ctfassets.net/kijvoxi4q0zn/1humcJ0sg22sq6SyEUou02/42d1c56b1e677880de5b28f0f522209d/ 886 B
1 KB 62ms
31ms Image
image/webp 2600:9000:2190:7600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/1humcJ0sg22sq6SyEUou02/42d1c56b1e677880de5b28f0f522209d/mastercard.png?w=82&h=32&q=50&fm=webp&fit=fill
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 9d3ef0582e49083cc9b959f80648b9ba6e48bb072c49b1d73273d213c3b1a4dc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 09:12:14 GMT
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
last-modified: Tue, 20 Jul 2021 06:40:10 GMT
server: Contentful Images API
age: 25825
etag: "390bcd287cd5f0c3cdc805ebef21508c"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-length: 886
x-amz-cf-id: NBfE06TqIXjbb3G7eRmkr3UUEDeE4EmJasSGItgBkfIWJ8IwcCecpQ==

GET
H2 200 Skrill.png
images.ctfassets.net/kijvoxi4q0zn/2CM9Z95cHY2QUWYooguGA6/4b664f79a5c2fd18ef31f9a781a93423/ 712 B
1 KB 62ms
32ms Image
image/webp 2600:9000:2190:7600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/2CM9Z95cHY2QUWYooguGA6/4b664f79a5c2fd18ef31f9a781a93423/Skrill.png?w=82&h=32&q=50&fm=webp&fit=fill
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 0f5b07ce38d1b6eb95f43b3447ad7287073fbda1c1b6f7c6c156bfdb674d485b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 13:58:16 GMT
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
last-modified: Wed, 21 Jul 2021 03:01:41 GMT
server: Contentful Images API
age: 8663
etag: "e502b3fef0eb005bdda5e17e090a1f6a"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-length: 712
x-amz-cf-id: s8ulLR99iMf4xGRYBmqmzBwbje4GqlczPJHEOibDDGVHQNesCpPRVw==

GET
H2 200 paysafe.png
images.ctfassets.net/kijvoxi4q0zn/41nin6pA92SG2EO06iaYEO/76548fa568856af2df611d3fdaa5b9a0/ 820 B
1 KB 58ms
31ms Image
image/webp 2600:9000:2190:7600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/41nin6pA92SG2EO06iaYEO/76548fa568856af2df611d3fdaa5b9a0/paysafe.png?w=82&h=32&q=50&fm=webp&fit=fill
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 93105791ce95579da34d3f57a0f5aab27127a98d0a4894934e93b5084ca6800c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 05:44:05 GMT
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
last-modified: Thu, 19 Aug 2021 08:03:43 GMT
server: Contentful Images API
age: 38314
etag: "71e42e0f3249b0b9faccfaea6fca8d4f"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-length: 820
x-amz-cf-id: Ml0JaPJgsnHlTW-zLZm-F47YsMEzh3qXOv9qUBAfsRzxlErTWNFifA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGS5KD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 2765
date: Mon, 23 Aug 2021 15:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Mon, 23 Aug 2021 17:36:34 GMT

GET
H2 200 hotjar-380080.js Show response
static.hotjar.com/c/ 5 KB
2 KB 98ms
16ms Script
application/javascript 13.224.102.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-380080.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGS5KD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.102.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-102-20.zrh50.r.cloudfront.net

Software

Resource Hash

d166c48c10bbd1e83a2c40213517f88877d4640e654f1ac29351cbc76e78f4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 16:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
etag: W/2b737e96e7d24c622f5ad7968e7d6aed
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-id: 6ZopA2XbE0sfqMAgN9lZi1ciLvsOmx78QrykLrDquuY8zeRMtmR-JQ==
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 97 KB
38 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-K5XRHTM&t=gtm46&cid=2133000315.1629735760&aip=true

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4ca3748ab4134bf9f50ff9f945955349499064e7555623f54fec7368199dbb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 16:22:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39291
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 15:46:13 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 23 Aug 2021 16:22:39 GMT

GET
H2 403 set-affiliate-domain-cookie
www.leovegas.com/ 0
0 115ms
16ms Fetch
text/html 107.154.248.168
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leovegas.com/set-affiliate-domain-cookie?btag=669691_656B51A6BA11446F9265E968D9489BA7&pid=3702266&bid=17083&clickid=undefined&subid=undefined&lobby=casino
Requested by: Host: d33wubrfki0l68.cloudfront.net
URL: https://d33wubrfki0l68.cloudfront.net/bundles/60b9e6d18c0dff3db441be564618fb67bf604f7f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.248.168 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.248.168.ip.incapdns.net
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 553 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acd403fa8146f1c13f3f070d2b747ff0ff19c9d5878af8779c707b716e6bf713

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 LV_LeoUniverse_LP_Desktop_ES_DK_SV.jpg
images.ctfassets.net/kijvoxi4q0zn/1X6Fq8xtobSeWSrhcHamqB/bb886c4f5a2c3cd2b7f3b6d0b0dd2510/ 78 KB
79 KB 28ms
22ms Image
image/webp 2600:9000:2190:7600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/kijvoxi4q0zn/1X6Fq8xtobSeWSrhcHamqB/bb886c4f5a2c3cd2b7f3b6d0b0dd2510/LV_LeoUniverse_LP_Desktop_ES_DK_SV.jpg?w=1920&h=1080&q=50&fm=webp
Requested by: Host: promo.leovegas.com
URL: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 3f704a1d3e790d3e63ce3449fb366fc36c2c3d4395604e4476f0a6d8dfc5af65

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 21:04:29 GMT
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
last-modified: Tue, 20 Jul 2021 20:56:39 GMT
server: Contentful Images API
age: 69491
etag: "e3371288beef87fe6f43dab7b47afbfe"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-length: 80338
x-amz-cf-id: 60DIctGkRF8AEMMVj7BLKKkJ1EExo0Pj7kjiuUJ6IAsIv2GFGqHVXw==

GET
H2 200 modules.e763089bec9f2503d752.js Show response
script.hotjar.com/ 221 KB
59 KB 68ms
21ms Script
application/javascript 13.224.102.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e763089bec9f2503d752.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-380080.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.102.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-102-122.zrh50.r.cloudfront.net

Software

Resource Hash

b8e39dad2211fe2aafd3c487471c94934a5230aeb00608f59b80c880ce777440

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 10:32:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 453035
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59555
access-control-allow-origin: *
last-modified: Wed, 18 Aug 2021 10:31:58 GMT
etag: "59b0bd2bf71a6ea4a84151c51b91fba8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: mMv6daA0KabQ94VTvZ8_rvW6vtsTWGEbb0a-MouFGpINivYj0rOiHA==

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 104 KB
40 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NZW9CHB&t=gtm94&cid=2133000315.1629735760&aip=true

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5915465266b9276b5198f4c27fc93015ce0d90a022369cd9e310326a38b66795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 16:22:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41312
x-xss-protection: 0
expires: Mon, 23 Aug 2021 16:22:40 GMT

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame FBEE 2 KB
1 KB 50ms
15ms Document
text/html 13.224.102.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-380080.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-79.zrh50.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-type: text/html
content-length: 1044
date: Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ns-MqM-BSXIZG0J3VodHXJW_5jsJvU7PRnGF5lImeEGnJk8VxZZDsQ==
age: 3168370

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=336688148&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.leovegas.com%2Fdk%2F50fs%3Fqs%3Dbtag%25253D669691_656B51A6BA11446F9265E968D9489BA7%252526pid%25253D3702266%252526bid%25253D17083&dp=%2Fdk%2F50fs%3Fqs%3Dbtag%25253D669691_656B51A6BA11446F9265E968D9489BA7%252526pid%25253D3702266%252526bid%25253D17083&ul=en-us&de=UTF-8&dt=Mobile%20casino%20and%20online%20casino%20-%20Play%20casino%20games%20in%20your%20mobile%20and%20online%20%7C%20LeoVegas%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ci=669691&cn=17083&cs=669691&cm=affiliate&_u=aHDAAEADQAAAAC~&jid=1556454559&gjid=1607228413&cid=2133000315.1629735760&tid=UA-25600410-30&_gid=1630503261.1629735760&_r=1&gtm=2wg8i0WGS5KD&cd1=669691&cd3=3702266&cd4=leo&cd7=dk&cd32=121&cd35=8&cd36=2133000315.1629735760&cd39=https%3A%2F%2Fpromo.leovegas.com%2Fdk%2F50fs&z=1919520380

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 16:22:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.leovegas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-25600410-30&cid=2133000315.1629735760&jid=1556454559&gjid=1607228413&_gid=1630503261.1629735760&_u=aHDAAEACQAAAAC~&z=4283655

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 23 Aug 2021 16:22:40 GMT
content-type: text/plain
access-control-allow-origin: https://promo.leovegas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-25600410-30&cid=2133000315.1629735760&jid=1556454559&_u=aHDAAEACQAAAAC~&z=1255636266

Requested by

Host: promo.leovegas.com
URL: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 16:22:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-25600410-30&cid=2133000315.1629735760&jid=1556454559&_u=aHDAAEACQAAAAC~&z=1255636266

Requested by

Host: promo.leovegas.com
URL: https://promo.leovegas.com/dk/50fs?qs=btag%253D669691_656B51A6BA11446F9265E968D9489BA7%2526pid%253D3702266%2526bid%253D17083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 16:22:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
60 B 8ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&aip=1&a=336688148&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpromo.leovegas.com%2Fdk%2F50fs%3Fqs%3Dbtag%25253D669691_656B51A6BA11446F9265E968D9489BA7%252526pid%25253D3702266%252526bid%25253D17083&dp=%2Fdk%2F50fs%3Fqs%3Dbtag%25253D669691_656B51A6BA11446F9265E968D9489BA7%252526pid%25253D3702266%252526bid%25253D17083&ul=en-us&de=UTF-8&dt=Mobile%20casino%20and%20online%20casino%20-%20Play%20casino%20games%20in%20your%20mobile%20and%20online%20%7C%20LeoVegas%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ci=669691&cn=17083&cs=669691&cm=affiliate&ec=Scroll%20Depth&ea=promo.leovegas.com%2Fdk%2F50fs&el=20%25&_u=aHDAAEADQAAAAC~&jid=&gjid=&cid=2133000315.1629735760&tid=UA-25600410-30&_gid=1630503261.1629735760&gtm=2wg8i0WGS5KD&cd1=669691&cd3=3702266&cd4=leo&cd7=dk&cd32=121&cd35=8&cd36=2133000315.1629735760&cd39=https%3A%2F%2Fpromo.leovegas.com%2Fdk%2F50fs&z=762032220

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 13:44:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9487
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
60 B 8ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&aip=1&a=336688148&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpromo.leovegas.com%2Fdk%2F50fs%3Fqs%3Dbtag%25253D669691_656B51A6BA11446F9265E968D9489BA7%252526pid%25253D3702266%252526bid%25253D17083&dp=%2Fdk%2F50fs%3Fqs%3Dbtag%25253D669691_656B51A6BA11446F9265E968D9489BA7%252526pid%25253D3702266%252526bid%25253D17083&ul=en-us&de=UTF-8&dt=Mobile%20casino%20and%20online%20casino%20-%20Play%20casino%20games%20in%20your%20mobile%20and%20online%20%7C%20LeoVegas%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ci=669691&cn=17083&cs=669691&cm=affiliate&ec=Scroll%20Depth&ea=promo.leovegas.com%2Fdk%2F50fs&el=35%25&_u=aHDAAEADQAAAAC~&jid=&gjid=&cid=2133000315.1629735760&tid=UA-25600410-30&_gid=1630503261.1629735760&gtm=2wg8i0WGS5KD&cd1=669691&cd3=3702266&cd4=leo&cd7=dk&cd32=121&cd35=8&cd36=2133000315.1629735760&cd39=https%3A%2F%2Fpromo.leovegas.com%2Fdk%2F50fs&z=428833877

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 13:44:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9487
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
60 B 8ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&aip=1&a=336688148&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpromo.leovegas.com%2Fdk%2F50fs%3Fqs%3Dbtag%25253D669691_656B51A6BA11446F9265E968D9489BA7%252526pid%25253D3702266%252526bid%25253D17083&dp=%2Fdk%2F50fs%3Fqs%3Dbtag%25253D669691_656B51A6BA11446F9265E968D9489BA7%252526pid%25253D3702266%252526bid%25253D17083&ul=en-us&de=UTF-8&dt=Mobile%20casino%20and%20online%20casino%20-%20Play%20casino%20games%20in%20your%20mobile%20and%20online%20%7C%20LeoVegas%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ci=669691&cn=17083&cs=669691&cm=affiliate&ec=Scroll%20Depth&ea=promo.leovegas.com%2Fdk%2F50fs&el=50%25&_u=aHDAAEADQAAAAC~&jid=&gjid=&cid=2133000315.1629735760&tid=UA-25600410-30&_gid=1630503261.1629735760&gtm=2wg8i0WGS5KD&cd1=669691&cd3=3702266&cd4=leo&cd7=dk&cd32=121&cd35=8&cd36=2133000315.1629735760&cd39=https%3A%2F%2Fpromo.leovegas.com%2Fdk%2F50fs&z=1751260359

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 13:44:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9487
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.leovegas.com/	1970-01-19 20:42:17	Name: _hjFirstSeen Value: 1
.leovegas.com/	1970-01-19 20:42:15	Name: _gat_UA-25600410-30 Value: 1
.leovegas.com/	1969-12-31 23:59:59	Name: incap_ses_445_846569 Value: WosmGTc1CAVxt7Irm/UsBk/LI2EAAAAABMkA0UG4u+O+sjoQjKZTWg==
.leovegas.com/	1970-01-20 14:13:27	Name: _ga Value: GA1.2.2133000315.1629735760
.leovegas.com/	1978-01-11 21:31:40	Name: NetRefer_CookieUniTrack_C Value: %5b%7b%22PID%22%3a3702266%2c%22BID%22%3a17083%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1629735758779)%5c%2f%22%2c%22CookieTag%22%3a%221708337022662142101C20218231622%22%7d%5d
.leovegas.com/	1970-01-20 05:27:24	Name: visid_incap_846569 Value: IpDxZQODQvOvpaCJ+wzwH0/LI2EAAAAAQUIPAAAAAADS61wILlKSMFZj68QjVwTd
.leovegas.com/	1971-01-19 17:45:08	Name: NetReferSPS Value: %5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222111146343%7c1%22%7d%5d
.leovegas.com/	1970-01-20 05:27:51	Name: _hjid Value: b10c8777-d46e-4e75-826f-3dcafd28a0bd
.leovegas.com/	1970-01-19 20:43:42	Name: _gid Value: GA1.2.1630503261.1629735760

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.leovegas.com
d33wubrfki0l68.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
images.ctfassets.net
leo-promo-redirect-service.leo-prod-common.lvg-tech.net
promo.leovegas.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.cut.li
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.leovegas.com
107.154.248.168
13.224.102.122
13.224.102.20
13.224.102.79
143.204.214.63
2600:9000:2190:7600:12:94b3:c380:93a1
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9b
2a03:b0c0:3:d0::d26:4001
34.117.190.191
35.158.112.30
52.174.133.36
0163e1e689f26f9d4162e1d731525521a975eb299449ecc789e7c6d335f78e85
0b75d234109aa6a75af132fe1d6b1c449b5cf70756a249820cc944bc644ab770
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f5b07ce38d1b6eb95f43b3447ad7287073fbda1c1b6f7c6c156bfdb674d485b
0fbec79b07cceeeb9d25fd6022e6a9e7e921524a99b980933a06938737235286
22869c49866ea3c43fac41caed52c9a6eef7d317b589ccb6f7f1f16c1858867c
293b1d5ab89e991aa5fe3bce5307e759309fa728504b59fbe899e6619876eb1f
3f704a1d3e790d3e63ce3449fb366fc36c2c3d4395604e4476f0a6d8dfc5af65
53c3387d755445fd21c10b6c00fc6e7dc295b40478e607d35727e65e2b5391b8
54f0d25559d521c7c5602f3cd110a3c45a6a7afc3e92175867667782060f8f18
5915465266b9276b5198f4c27fc93015ce0d90a022369cd9e310326a38b66795
66dbe24faceb2f050f7b61ebdb0b19a600e4f863f38f05af1781cf7a7c09b035
683f4eb8bbbfa4c2aa65e8975b6d9ea6aaa2f4b34b6b0de97bf056f5fbb54ace
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
82cd0d9f964c8132b92b1e29f74a334d5425707fd99f7110e95e79b373b5843d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87f4c62396a4e59f57ae100d6b1ca4779709ad02d1ae652c524a703e1f99d620
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
8f9c92e1a12ac6e0fc59919f0c3fc20cf9dc1bd8d78db4ea7b28298bc80038ff
9208d6f0d46ac8f08fc982c122dc172fdafc01ae60c61f950d7c0ebfc94833b0
93105791ce95579da34d3f57a0f5aab27127a98d0a4894934e93b5084ca6800c
9d3ef0582e49083cc9b959f80648b9ba6e48bb072c49b1d73273d213c3b1a4dc
a8342fae1f9129dc550a6fbcb2e26302d97dab4a815acdd8b0a025e95d89ea8b
acd403fa8146f1c13f3f070d2b747ff0ff19c9d5878af8779c707b716e6bf713
b39639e64fad9d0383a9c3630d20376354312908bb70ec3dfb73a84c8e14ffdd
b5131807562e3dedcb52155f46518aa2ecac054fa328e0d695088327009af3c9
b8e39dad2211fe2aafd3c487471c94934a5230aeb00608f59b80c880ce777440
c7d3e140962f096ad69827239ff6f7ebbfac28ec43e0195c0495bf275ba94e0e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d166c48c10bbd1e83a2c40213517f88877d4640e654f1ac29351cbc76e78f4b4
daa8fff38bc9f07c33e3c6c49064e2518bf3921cb2ee5be9b668bcbf8950187e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e8f2778a8339a3700bb05d5371d34852857b983f3ae79889e52e382cba0acc17
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbca75e75bf7edf0b472b278382f5ef8cae6f7196b668146deeee37c9460447
f4ca3748ab4134bf9f50ff9f945955349499064e7555623f54fec7368199dbb3
fae6e6a877ee144971cc6efc25a1a2ff83c44e13896ffc2577ac2afc30434d76

promo.leovegas.com Open in urlscan Pro 2a03:b0c0:3:d0::d26:4001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

56 %IPv6

13 Domains

17 Subdomains

16 IPs

4 Countries

795 kBTransfer

2120 kBSize

9 Cookies

16 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

promo.leovegas.com Open in urlscan Pro
2a03:b0c0:3:d0::d26:4001 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

56 %
IPv6

13
Domains

17
Subdomains

16
IPs

4
Countries

795 kB
Transfer

2120 kB
Size

9
Cookies

37 HTTP transactions
6 data transactions