urlscan.io logo urlscan.io
SecurityTrails logo

welcome.vladcazino.ro Open in urlscan Pro
2606:4700:4400::ac40:9098  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://rtbbhub.com/script/s2iurl.php?stamat=m%7C%2C%2CAhY_t2NyoGU3B__GH0dEdHP3xP.a38%2CVKJJ5F1uKXKl6GpWN3M7_q8ue03n...
Effective URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag...
Submission: On September 10 via api from LU — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 6 countries across 13 domains to perform 41 HTTP transactions. The main IP is 2606:4700:4400::ac40:9098, located in United States and belongs to CLOUDFLARENET, US. The main domain is welcome.vladcazino.ro.
TLS certificate: Issued by E5 on August 21st 2024. Valid for: 3 months.
This is the only time welcome.vladcazino.ro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.97.3 13335 (CLOUDFLAR...)
2 2 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 5 85.184.96.0 47171 (UNIBET-AS)
16 2606:4700:440... 13335 (CLOUDFLAR...)
2 85.184.96.5 47171 (UNIBET-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.18.11.207 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 157.240.251.9 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 104.19.147.8 13335 (CLOUDFLAR...)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 52.16.138.83 16509 (AMAZON-02)
1 13.35.58.58 16509 (AMAZON-02)
1 18.66.122.74 16509 (AMAZON-02)
41 15
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
rtbbhub.com
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adserving.unibet.com
api.ntrftrk.com
5    85.184.96.0 (Malta)

ASN47171 (UNIBET-AS, MT)
www.vladcazino.ro
kndcdn.unicdn.net
growthbook-api.kindredext.net
16    2606:4700:4400::ac40:9098 (United States)

ASN13335 (CLOUDFLARENET, US)
welcome.vladcazino.ro
2    85.184.96.5 (Malta)

ASN47171 (UNIBET-AS, MT)
a1s-cdn.unibet.com
a1s.unibet.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net
connect.facebook.net
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    104.19.147.8 (None, )

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    52.16.138.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-138-83.eu-west-1.compute.amazonaws.com
tracking.crazyegg.com
1    13.35.58.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-58.fra60.r.cloudfront.net
pagestates-tracking.crazyegg.com
1    18.66.122.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-74.fra60.r.cloudfront.net
assets-tracking.crazyegg.com
Apex Domain
Subdomains		 Transfer
19 vladcazino.ro
www.vladcazino.ro
welcome.vladcazino.ro
2 MB
7 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 4547
tracking.crazyegg.com — Cisco Umbrella Rank: 8138
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 9978
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 9638
41 KB
3 gstatic.com
fonts.gstatic.com
83 KB
3 unibet.com
adserving.unibet.com — Cisco Umbrella Rank: 168790
a1s-cdn.unibet.com — Cisco Umbrella Rank: 216694
a1s.unibet.com — Cisco Umbrella Rank: 232227
3 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
71 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 641
fonts.googleapis.com — Cisco Umbrella Rank: 110
31 KB
1 kindredext.net
growthbook-api.kindredext.net — Cisco Umbrella Rank: 421145
2 KB
1 unicdn.net
kndcdn.unicdn.net
16 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
111 KB
1 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 8599
5 KB
1 ntrftrk.com
api.ntrftrk.com
405 B
1 rtbbhub.com
rtbbhub.com — Cisco Umbrella Rank: 90007
501 B
41 13
Domain Requested by
16 welcome.vladcazino.ro welcome.vladcazino.ro
4 script.crazyegg.com welcome.vladcazino.ro
script.crazyegg.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.vladcazino.ro 2 redirects welcome.vladcazino.ro
2 www.facebook.com welcome.vladcazino.ro
2 connect.facebook.net welcome.vladcazino.ro
connect.facebook.net
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 tracking.crazyegg.com script.crazyegg.com
1 growthbook-api.kindredext.net kndcdn.unicdn.net
1 kndcdn.unicdn.net welcome.vladcazino.ro
1 www.googletagmanager.com welcome.vladcazino.ro
1 a1s.unibet.com welcome.vladcazino.ro
1 fonts.googleapis.com welcome.vladcazino.ro
1 netdna.bootstrapcdn.com welcome.vladcazino.ro
1 ajax.googleapis.com welcome.vladcazino.ro
1 a1s-cdn.unibet.com welcome.vladcazino.ro
1 api.ntrftrk.com 1 redirects
1 adserving.unibet.com 1 redirects
1 rtbbhub.com 1 redirects
41 20
Subject Issuer Validity Valid
welcome.vladcazino.ro
E5		 2024-08-21 -
2024-11-19		 3 months crt.sh
unibet.com
R11		 2024-09-01 -
2024-11-30		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-07-23 -
2024-10-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-20 -
2024-09-18		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
unicdn.net
R11		 2024-07-21 -
2024-10-19		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
script.crazyegg.com
Cloudflare Inc ECC CA-3		 2024-08-02 -
2024-12-31		 5 months crt.sh
kindredext.net
R10		 2024-09-06 -
2024-12-05		 3 months crt.sh
vladcazino.ro
R11		 2024-08-09 -
2024-11-07		 3 months crt.sh
crazyegg.com
Amazon RSA 2048 M03		 2024-05-24 -
2025-06-23		 a year crt.sh

This page contains 1 frames:

Primary Page: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Frame ID: F806F452C90A7A90321BA699F7DE2FD8
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Vlad Cazino

Page URL History Show full URLs

  1. https://rtbbhub.com/script/s2iurl.php?stamat=m%7C%2C%2CAhY_t2NyoGU3B__GH0dEdHP3xP.a38%2CVKJJ5F1u... HTTP 302
    https://adserving.unibet.com/redirect.aspx?bid=40059&pid=2100237&sref=ADC&ADC=8287842-93157252-0_Adsterra HTTP 307
    https://api.ntrftrk.com/tracking-click/v2/click?bid=40059&pid=2100237&sref=ADC&ADC=8287842-93157252-... HTTP 307
    https://www.vladcazino.ro/stan/campaign.do?cmpId=2068491&affiliateId=1&unibetTarget=/ro/pop/casino-onl... HTTP 301
    https://www.vladcazino.ro/stan/redirecttocampaign.do?cmpId=2068491&affiliateId=1&unibetTarget=/ro/pop/... HTTP 301
    https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

95 %
HTTPS

44 %
IPv6

13
Domains

20
Subdomains

15
IPs

6
Countries

1912 kB
Transfer

2662 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rtbbhub.com/script/s2iurl.php?stamat=m%7C%2C%2CAhY_t2NyoGU3B__GH0dEdHP3xP.a38%2CVKJJ5F1uKXKl6GpWN3M7_q8ue03nlQ3rl1UCfpqc8qEbUjPtcDsZhwCBCX6u9mfwhkydjxiavQXLni_DBK16cD9ftgxOg4fDkZn12FteSNXFJXdOwSbXt4LjjnwVFHTlBLoHQaJ9K5GgSKvqhdj_-PxGhGMjQqHCcVwriWui1CLfOCnDcrb1uD-PK4wpc4yMlLveeZciG-XaomGdnT_u6oaH8QBxtgnbHr4bk9V3LOpK6nUHYaYCSABVv1XEAIZK9J3z9W64WSqMkXXqyg_olnX2ctfYWWLUUCvMju_To5uluj0VWi4Ck-WI2iIKygxwGoM9LhGS5GLg0fCK87xtfWOK-QpB1X7FlcIw7GGwZ6pHXAAITiannLLOUm1PndcO1C8gcgUW6y-Ck7ONmLAHuGjNZuEWtJYqnw0Fhcw0ZkleQ2M6DcbKRQHesspZvP7FM36oCuCLk3gsBC0gnHV-MisZrE2TrcbEIa8vsHe65H3dvkvAEsryXAYdbevcasCXCjgS5pHHeZu0lr3lPrLS9srq1yghPrETP5UKCPKRXOKj346MLjnd-a9fG4nYO1qBRf4ldm3vThoi5CYrVvDXO43NojnnN8Zpu-t_0WRI-8or20woXpV3PwDag2oVYZqq3Ro14O96WtzHuzV5gA3JaSVSkWF5jy4EE-sD6u8PTc_AiflJcN-trs98NArp9oonlaCuhhvoW3DdXa7LD3xqOYXBss5XmK3XbdEvY8r0JRm6aBFgvw8CyIk6NeICZHLB4FPKNt-E3z-11TML_ZRuVmDRFBg7Bu87ZBpvAHBjVMCvfYh6jNXKbZKAIfeiJqrK&csid=8287842&s1=17334946&md=0&crid=23862798&treqn=42346345&rpn=1&cbrandom=0.9661325817659125&cbtitle=&cbiframe=0&cbWidth=1522&cbHeight=848&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fprofitableexactly.com%2F HTTP 302
    https://adserving.unibet.com/redirect.aspx?bid=40059&pid=2100237&sref=ADC&ADC=8287842-93157252-0_Adsterra HTTP 307
    https://api.ntrftrk.com/tracking-click/v2/click?bid=40059&pid=2100237&sref=ADC&ADC=8287842-93157252-0_Adsterra&host_url=adserving.unibet.com HTTP 307
    https://www.vladcazino.ro/stan/campaign.do?cmpId=2068491&affiliateId=1&unibetTarget=/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html&targetDomain=https://welcome.vladcazino.ro&btag=81750185_7f096017e117475e9378b1d9b5828eb7&sref=ADC&ADC=8287842-93157252-0_Adsterra&affiliateId=1&pid=96088095&bid=40059 HTTP 301
    https://www.vladcazino.ro/stan/redirecttocampaign.do?cmpId=2068491&affiliateId=1&unibetTarget=/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html&targetDomain=https://welcome.vladcazino.ro&btag=81750185_7f096017e117475e9378b1d9b5828eb7&sref=ADC&ADC=8287842-93157252-0_Adsterra&affiliateId=1&pid=96088095&bid=40059&landingPageUrl=https%3A%2F%2Fwelcome.vladcazino.ro%2Fro%2Fpop%2Fcasino-online%2Fbonus-bun-venit-generic2024%2Findex.html%3Fmktid%3D1%3A81750185%3A96088095-40059 HTTP 301
    https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/
Redirect Chain
  • https://rtbbhub.com/script/s2iurl.php?stamat=m%7C%2C%2CAhY_t2NyoGU3B__GH0dEdHP3xP.a38%2CVKJJ5F1uKXKl6GpWN3M7_q8ue03nlQ3rl1UCfpqc8qEbUjPtcDsZhwCBCX6u9mfwhkydjxiavQXLni_DBK16cD9ftgxOg4fDkZn12FteSNXFJ...
  • https://adserving.unibet.com/redirect.aspx?bid=40059&pid=2100237&sref=ADC&ADC=8287842-93157252-0_Adsterra
  • https://api.ntrftrk.com/tracking-click/v2/click?bid=40059&pid=2100237&sref=ADC&ADC=8287842-93157252-0_Adsterra&host_url=adserving.unibet.com
  • https://www.vladcazino.ro/stan/campaign.do?cmpId=2068491&affiliateId=1&unibetTarget=/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html&targetDomain=https://welcome.vladcazino.ro&btag=8175...
  • https://www.vladcazino.ro/stan/redirecttocampaign.do?cmpId=2068491&affiliateId=1&unibetTarget=/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html&targetDomain=https://welcome.vladcazino.ro...
  • https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491...
17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c8759743017a2184016d6fefddc5971c0395989cebcfe58e81601393c57094

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
public, immutable, max-age=900
cf-cache-status
MISS
cf-ray
8c112c1a485d1cb3-AMS
content-encoding
br
content-md5
UeOau0fBGuLjPR+nXgXPOQ==
content-type
text/html; charset=utf-8
date
Tue, 10 Sep 2024 17:35:02 GMT
etag
W/"0x8DCC136E511A179"
last-modified
Tue, 20 Aug 2024 16:41:09 GMT
server
cloudflare
vary
Accept-Encoding
x-ms-blob-type
BlockBlob
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-request-id
2c865eb7-601e-0038-2fa7-03b6c2000000
x-ms-version
2014-02-14

Redirect headers

cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
date
Tue, 10 Sep 2024 17:35:02 GMT
expires
Tue, 10 Sep 2024 17:35:02 GMT
location
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
server
kindred-loadbalancer
strict-transport-security
max-age=63072000; preload
x-browser-class
A
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ooops-debug
/500-pages/www.vladcazino.ro/index.html
x-os-class
M
x-xss-protection
1; mode=block
master_tag.js
a1s-cdn.unibet.com/unibet/bannerflow/scripts/ 		956 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.184.96.5 , Malta, ASN47171 (UNIBET-AS, MT),
Reverse DNS
Software
kindred-loadbalancer /
Resource Hash
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 17:35:03 GMT
strict-transport-security
max-age=63072000; preload
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
last-modified
Mon, 25 Apr 2022 12:19:34 GMT
server
kindred-loadbalancer
x-browser-class
A
etag
"3bc-5dd7996cc0ce1"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1800, public, must-revalidate
x-os-class
M
accept-ranges
bytes
content-length
956
x-xss-protection
1; mode=block
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 11:40:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Sep 2025 11:40:50 GMT
font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/3.2.1/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.min.css
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 17:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
874
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
15632028
cdn-cachedat
08/20/2022 07:32:03
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:51 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"7fbe76cdac6093784895bb4989203e5a"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
2845ef75bc396fde7c0a684dc361cce3
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8c112c1cfef96633-AMS
cdn-requestpullsuccess
True
styles.css
welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/styles.css
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032dc5d9bdedb27e1da60316868fb5595edb15b416a782e0ba8cabff0be00ed4

Request headers

Referer
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 17:35:03 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
QEZ467bUQABeLnhkZnD7Ow==
age
548692
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 20 Aug 2024 16:41:09 GMT
server
cloudflare
etag
W/"0x8DCC136E51F5B0E"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
238b0c9b-501e-0023-6a20-f388c1000000
cache-control
public, immutable, max-age=900
x-ms-version
2014-02-14
cf-ray
8c112c1c8b5e1cb3-AMS
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Boogaloo|Nunito:400,600,700
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7bdb6dacdbfb0a571a6fb24fc26405152ec7afd259d1304401ebbd540f364e77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 10 Sep 2024 17:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 10 Sep 2024 17:35:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 Sep 2024 17:35:03 GMT
main.js
welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/ 		861 B
541 B 		Script
General
Check archive.org
Download Go to
Full URL
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/main.js
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c05ed5f810c2d83503271131b40b105ecaed4c62e87cb30c300ee2d3e1078cd

Request headers

Referer
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 17:35:03 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
007Rf7JKFV9/idFqH6ue+g==
age
548566
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 20 Aug 2024 16:41:10 GMT
server
cloudflare
etag
W/"0x8DCC136E55AFBC1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
7478bf31-501e-0051-6920-f38f8e000000
cache-control
public, immutable, max-age=900
x-ms-version
2014-02-14
cf-ray
8c112c1c8b601cb3-AMS
custom.js
welcome.vladcazino.ro/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welcome.vladcazino.ro/custom.js
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6d4533f27851482dd28fa9ecf0d4c7d248e63bde5a80d1a7c29a708ae30d7b6

Request headers

Referer
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 17:35:03 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
nAuFgi4lzhDq5bx2xEVPaQ==
age
469974
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Mon, 26 Aug 2024 14:06:16 GMT
server
cloudflare
etag
W/"0x8DCC5D8407AB51D"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
343fd018-401e-004d-0dc3-f7ddee000000
x-ms-version
2014-02-14
cf-ray
8c112c1c8b621cb3-AMS
vlad-logo-white.svg
welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/vlad-logo-white.svg
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2c36197d10ae4fe834716ffee354404e678cbdd96e76acae9b95e811b68e2d8

Request headers

Referer
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 17:35:03 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
b7mDCayh7olnzGFMC/IbnQ==
age
546351
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 20 Aug 2024 16:41:09 GMT
server
cloudflare
etag
W/"0x8DCC136E52AA401"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
c86b4317-401e-002f-2f20-f31fc9000000
cache-control
public, immutable, max-age=900
x-ms-version
2014-02-14
cf-ray
8c112c1c8b631cb3-AMS
ro-google.svg
welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/ro-google.svg
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0664f74bbe11dbc36553f9e1d21ed10c1ab5eea90f995fc9309f62d314dfc29f

Request headers

Referer
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 17:35:03 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
nIRWclVVqoyiibcyGwi8hw==
age
546351
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 20 Aug 2024 16:41:11 GMT
server
cloudflare
etag
W/"0x8DCC136E6094A8D"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f65482b8-c01e-0031-4520-f3f311000000
cache-control
public, immutable, max-age=900
x-ms-version
2014-02-14
cf-ray
8c112c1c8b651cb3-AMS
promo-img.jpg
welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/ 		780 KB
781 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/promo-img.jpg
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
746e198e1a0404cd256d74c382de4c9900d36dca2695617b090c8b51192aad85

Request headers

Referer
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 17:35:03 GMT
cf-cache-status
HIT
content-md5
0g5JRH62YAsMNfBZWGE2rA==
age
384462
content-length
798410
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 20 Aug 2024 16:41:10 GMT
server
cloudflare
etag
"0x8DCC136E5797BC1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
154e64e4-901e-002c-5920-f3fead000000
cache-control
public, immutable, max-age=900
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8c112c1d0bf91cb3-AMS
sitemap-icon.svg
welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/ 		373 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/sitemap-icon.svg
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6593746683785e254ab0227c39f14908d8255779354b00277d7972d3276e6898

Request headers

Referer
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 17:35:03 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
cFe1vhg18j85SR8QPTkJPQ==
age
384462
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 20 Aug 2024 16:41:10 GMT
server
cloudflare
etag
W/"0x8DCC136E59B56A4"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ab6f7c08-001e-002e-7d20-f34015000000
cache-control
public, immutable, max-age=900
x-ms-version
2014-02-14
cf-ray
8c112c1d1c071cb3-AMS
18-plus.svg
welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/ 		1 KB
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/18-plus.svg
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52c64985598d70c95fefdf58ba36dfd18862692b33511f333b449eac61c216ba

Request headers

Referer
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 17:35:03 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
9PFLlVWETH/jUn1r7MPVng==
age
384462
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 20 Aug 2024 16:41:10 GMT
server
cloudflare
etag
W/"0x8DCC136E5900DB3"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
885fb0f9-801e-000f-7e20-f3646e000000
cache-control
public, immutable, max-age=900
x-ms-version
2014-02-14
cf-ray
8c112c1d9c8a1cb3-AMS
onjn-romania.png
welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/onjn-romania.png
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9046d56f8abdedc892b92cfdf58203ec6700d800d125c2d2de9dc364ef31cae8

Request headers

Referer
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 17:35:03 GMT
cf-cache-status
HIT
content-md5
G6JtQIvKZ/8yRSYKxLeagw==
age
546351
content-length
31026
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 20 Aug 2024 16:41:09 GMT
server
cloudflare
etag
"0x8DCC136E5361406"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
744665a5-d01e-003d-3120-f36419000000
cache-control
public, immutable, max-age=900
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8c112c1d9c8d1cb3-AMS
ro-legal-white.svg
welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/ 		39 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/ro-legal-white.svg
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4101f134c8bd1f10e0bda044e3f87c181afdd1e8c241d9a835d1f58f62a62466

Request headers

Referer
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 17:35:03 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
LcvJLRCRtpwPWmKUX41mPQ==
age
546351
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 20 Aug 2024 16:41:10 GMT
server
cloudflare
etag
W/"0x8DCC136E5CF574D"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ab6f7c0c-001e-002e-0120-f34015000000
cache-control
public, immutable, max-age=900
x-ms-version
2014-02-14
cf-ray
8c112c1d9c8f1cb3-AMS
ro-payments-white.svg
welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/ 		20 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/ro-payments-white.svg
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07666d5d9bed1a7efafd688d78d2bc1eca77fecaab416278a9bad66c32a0ecaa

Request headers

Referer
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 17:35:03 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Hb13okJkKwrbJNHmAq3o+g==
age
546351
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 20 Aug 2024 16:41:10 GMT
server
cloudflare
etag
W/"0x8DCC136E5DAEE58"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a1057e6d-a01e-0055-3120-f30289000000
cache-control
public, immutable, max-age=900
x-ms-version
2014-02-14
cf-ray
8c112c1d9c901cb3-AMS
lastclick.min.js
a1s.unibet.com/orval/tracking/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1s.unibet.com/orval/tracking/lastclick.min.js
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.184.96.5 , Malta, ASN47171 (UNIBET-AS, MT),
Reverse DNS
Software
kindred-loadbalancer /
Resource Hash
5166be250f7de7d316b5fb9778843cc3268ce3e00f917530f65e99dcdb355b60
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 17:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; preload
last-modified
Fri, 05 Aug 2022 12:55:24 GMT
server
kindred-loadbalancer
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class
A
etag
W/"705-5e57dfac7ede0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1800, public, must-revalidate
x-os-class
M
x-xss-protection
1; mode=block
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/custom.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 10 Sep 2024 17:35:03 GMT
document-policy
force-load-at-top
x-fb-server-load
36
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58953
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=26, rtx=0, c=23, mss=1232, tbw=4395, tp=11, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
7+pXxHcW2Ltngu5C0etymG1WRUlYQjbVUpmynLLMNf85UCpU4aBCHEnBABuBdtd8Vp/ulIHZqfYh6Nd9f8dy0w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		345 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c1d55eaaf119e7ba68ca231857995036e23f0843a5607a389475873ac7a5e19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 17:35:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112767
x-xss-protection
0
last-modified
Tue, 10 Sep 2024 16:39:29 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 10 Sep 2024 17:35:03 GMT
auto.min.js
kndcdn.unicdn.net/growthbook_script_tag/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kndcdn.unicdn.net/growthbook_script_tag/auto.min.js
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.184.96.0 , Malta, ASN47171 (UNIBET-AS, MT),
Reverse DNS
Software
kindred-loadbalancer /
Resource Hash
85ce806ad8d0e58da7722b248418536f42529fd9a123088ddc886c0bdef02536
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 17:35:03 GMT
strict-transport-security
max-age=63072000; preload
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
last-modified
Tue, 10 Sep 2024 06:26:05 GMT
server
kindred-loadbalancer
x-browser-class
A
etag
W/"66dfe67d-a71b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
content-encoding
gzip
x-os-class
M
x-xss-protection
1; mode=block
sitemap-icon.svg
welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/ 		373 B
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/sitemap-icon.svg
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6593746683785e254ab0227c39f14908d8255779354b00277d7972d3276e6898

Request headers

Referer
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 17:35:03 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
cFe1vhg18j85SR8QPTkJPQ==
age
384462
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 20 Aug 2024 16:41:10 GMT
server
cloudflare
etag
W/"0x8DCC136E59B56A4"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ab6f7c08-001e-002e-7d20-f34015000000
cache-control
public, immutable, max-age=900
x-ms-version
2014-02-14
cf-ray
8c112c1d9c9f1cb3-AMS
1-background.jpg
welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/ 		662 KB
663 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/1-background.jpg
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa723627c3de772b91e8659aab4ff7d2927c8fa62d3d34bd27a81f5ce96fd286

Request headers

Referer
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 17:35:03 GMT
cf-cache-status
HIT
content-md5
lAnz/cfcYvkwFyPjf5sA9A==
age
188915
content-length
677961
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 20 Aug 2024 16:41:09 GMT
server
cloudflare
etag
"0x8DCC136E54D6925"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
f626f156-101e-0032-0620-f31275000000
cache-control
public, immutable, max-age=900
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8c112c1d9c991cb3-AMS
number-triangle.png
welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/number-triangle.png
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f081d77eafa18766058522b402d35a92546f42655fa2d49c0efb85acfe5a0f8

Request headers

Referer
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 17:35:03 GMT
cf-cache-status
HIT
content-md5
YIiGYYpZWDG4pg9iBDQymQ==
age
546351
content-length
5501
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 20 Aug 2024 16:41:11 GMT
server
cloudflare
etag
"0x8DCC136E5FD8C74"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
24423e85-a01e-0008-1320-f3080d000000
cache-control
public, immutable, max-age=900
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8c112c1d9c9c1cb3-AMS
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Boogaloo|Nunito:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://welcome.vladcazino.ro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Sat, 07 Sep 2024 19:16:07 GMT
x-content-type-options
nosniff
age
253136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39124
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:02:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Sep 2025 19:16:07 GMT
kmK-Zq45GAvOdnaW6y1C9ys.woff2
fonts.gstatic.com/s/boogaloo/v23/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/boogaloo/v23/kmK-Zq45GAvOdnaW6y1C9ys.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Boogaloo|Nunito:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61ff476ab12ef621ba34a8631e0db1bb9fb5f6d953cbf7081f12df8971e25778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://welcome.vladcazino.ro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 11:42:35 GMT
x-content-type-options
nosniff
age
21148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10276
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:49:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Sep 2025 11:42:35 GMT
XRXV3I6Li01BKofIO-aBXso.woff2
fonts.gstatic.com/s/nunito/v26/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofIO-aBXso.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Boogaloo|Nunito:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f682eec1df25f15ca443164ee0cddcce91aad4d87ca5153f2d4267d08ce12982
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://welcome.vladcazino.ro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 12:00:45 GMT
x-content-type-options
nosniff
age
20058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34608
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:43:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Sep 2025 12:00:45 GMT
9242.js
script.crazyegg.com/pages/scripts/0012/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0012/9242.js?479441
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5535ed0cdaefe3990dbcefbe4bff129520b8f693d04a55b103b14161cd63b556

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 17:35:03 GMT
content-encoding
gzip
cf-cache-status
HIT
age
8719
cf-polished
origSize=6998
ce-version
11.5.282
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 10 Sep 2024 15:09:40 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8c112c1eee0d96f8-AMS
sdk-FpmWZCRo01jQ62mS
growthbook-api.kindredext.net/api/features/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://growthbook-api.kindredext.net/api/features/sdk-FpmWZCRo01jQ62mS
Requested by
Host: kndcdn.unicdn.net
URL: https://kndcdn.unicdn.net/growthbook_script_tag/auto.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.184.96.0 , Malta, ASN47171 (UNIBET-AS, MT),
Reverse DNS
Software
kindred-loadbalancer /
Resource Hash
01652d838e8b20e7bae6147e86948d5158fc2e3186fe07a89b3ee479328f1847
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 17:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; preload
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class
A
x-xss-protection
1; mode=block
x-request-id
10ad16f0-2b0f-4a4b-8eb5-ff4869a57637
server
kindred-loadbalancer
etag
W/"125d-jpa/RgSM8U05ydIgIuPyTgw/jdg"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=3600, stale-if-error=36000
x-os-class
M
150256398956015
connect.facebook.net/signals/config/ 		64 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/150256398956015?v=2.9.167&r=stable&domain=welcome.vladcazino.ro&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
a1c3482a55704eb875c3a2aef36dbf6554950809cbb515cfd28a90d77b3750d0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 10 Sep 2024 17:35:03 GMT
document-policy
force-load-at-top
x-fb-server-load
53
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13208
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=26, rtx=0, c=75, mss=1232, tbw=68128, tp=66, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
k0+LPj22dMfg1LTJHL70uFJERKKm8xFsL2vJBx/717CiZc8aHBNfPoID1KbcqmrGccUtnqU1JAHdSVhQYexLjA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
welcome.vladcazino.ro.json
script.crazyegg.com/pages/data-scripts/0012/9242/site/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.vladcazino.ro.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0012/9242.js?479441
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee5819b6a4dcc7f44f22e3bb89d72568aa4838f94cdc872daf7785f3ac8f9af

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 17:35:03 GMT
content-encoding
gzip
cf-cache-status
HIT
age
6467
ce-version
11.5.282
alt-svc
h3=":443"; ma=86400
content-length
1725
last-modified
Tue, 10 Sep 2024 15:47:16 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c112c210a040a4f-AMS
kindred_s.js
www.vladcazino.ro/kindred_snow/s3.13.1/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vladcazino.ro/kindred_snow/s3.13.1/kindred_s.js
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.184.96.0 , Malta, ASN47171 (UNIBET-AS, MT),
Reverse DNS
Software
kindred-loadbalancer /
Resource Hash
dffead6a4371e5a178facab7cf528ebad143253fefe79b6b728b9003efe0adf1
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 17:35:03 GMT
strict-transport-security
max-age=63072000; preload
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
last-modified
Tue, 10 Sep 2024 06:26:05 GMT
server
kindred-loadbalancer
x-browser-class
A
etag
W/"66dfe67d-128b0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-ooops-debug
/500-pages/www.vladcazino.ro/index.html
x-os-class
M
content-encoding
gzip
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=150256398956015&ev=PageView&dl=https%3A%2F%2Fwelcome.vladcazino.ro%2Fro%2Fpop%2Fcasino-online%2Fbonus-bun-venit-generic2024%2Findex.html%3Fmktid%3D1%3A81750185%3A96088095-40059%26btag%3D81750185_7f096017e117475e9378b1d9b5828eb7%26bid%3D40059%26campaignId%3D2068491%26pid%3D96088095&rl=&if=false&ts=1725989704261&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1725989704254.615209945693552980&ler=empty&cdl=API_unavailable&it=1725989703568&coo=false&rqm=GET
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=2827, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 10 Sep 2024 17:35:04 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=150256398956015&ev=PageView&dl=https%3A%2F%2Fwelcome.vladcazino.ro%2Fro%2Fpop%2Fcasino-online%2Fbonus-bun-venit-generic2024%2Findex.html%3Fmktid%3D1%3A81750185%3A96088095-40059%26btag%3D81750185_7f096017e117475e9378b1d9b5828eb7%26bid%3D40059%26campaignId%3D2068491%26pid%3D96088095&rl=&if=false&ts=1725989704261&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1725989704254.615209945693552980&ler=empty&cdl=API_unavailable&it=1725989703568&coo=false&rqm=FGET
Requested by
Host: welcome.vladcazino.ro
URL: https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Tue, 10 Sep 2024 17:35:04 GMT
document-policy
force-load-at-top
x-fb-server-load
36
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7413069333893770186", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=14, mss=1297, tbw=3145, tp=-1, tpl=-1, uplat=145, ullat=0
pragma
no-cache
x-fb-debug
ebRRyszcDkBjaeAXLueRTrZwuI9X79k/MkvxIrwFlloSB2OobjniJFI4bTDKA7rv3Y8iPmj82WNODZiEIQ/5HA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7413069333893770186"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
db7349b994413162218df5c920535415.js
script.crazyegg.com/pages/versioned/common-scripts/ 		103 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/db7349b994413162218df5c920535415.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0012/9242.js?479441
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df9f1f8f4deeec8193dbcf3074a9e4767db05cc6c3b4dca6a9cafff884fb0816

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 17:35:04 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 06 Sep 2024 19:46:55 GMT
server
cloudflare
age
95845
cf-polished
origSize=105321
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
timing-allow-origin
*
cf-ray
8c112c23bf9c96f8-AMS
alt-svc
h3=":443"; ma=86400
welcome.vladcazino.ro.json
script.crazyegg.com/pages/data-scripts/0012/9242/sampling/ 		164 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.vladcazino.ro.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/db7349b994413162218df5c920535415.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6debd1d7193da1b24d83f21061bc8c9aae4d4a907f6f47a4f38f20d94ece763

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 17:35:04 GMT
content-encoding
gzip
cf-cache-status
HIT
age
6301
ce-version
11.5.282
alt-svc
h3=":443"; ma=86400
content-length
150
last-modified
Tue, 10 Sep 2024 15:47:16 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8c112c247f3b0a4f-AMS
8c13cbb0-b6be-4657-a7b0-d21472ac1717
https://welcome.vladcazino.ro/ 		0
0
clock
tracking.crazyegg.com/ 		40 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1&tk=49f5480a39da8ce7e59e73633af4ed5a&u=129242&s=354721&p=%2Fro%2Fpop%2Fcasino-online%2Fbonus-bun-venit-generic2024%2Findex.html&v=b83db22e1764d9c180f001f8948a4b16aa53df4c&f=welcome.vladcazino.ro%2Fro%2Fpop%2Fcasino-online%2F*%2Findex.html&ul=https%3A%2F%2Fwelcome.vladcazino.ro%2Fro%2Fpop%2Fcasino-online%2Fbonus-bun-venit-generic2024%2Findex.html%3Fmktid%3D1%3A81750185%3A96088095-40059%26btag%3D81750185_7f096017e117475e9378b1d9b5828eb7%26bid%3D40059%26campaignId%3D2068491%26pid%3D96088095
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/db7349b994413162218df5c920535415.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.138.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-138-83.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
69ca8cd66c07b2800ac8be368d344896c0445adc32751c3508c72bfd75f99fcb

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 10 Sep 2024 17:35:04 GMT
cache-control
no-store
server
awselb/2.0
content-length
40
content-type
text/plain
healthcheck
pagestates-tracking.crazyegg.com/ 		19 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/db7349b994413162218df5c920535415.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 01:43:28 GMT
via
1.1 133ff3be92540995db4a7234eada8b80.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
30815497
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
MvQwzD_Wl1bP8jfSCxuk4ZRm4_vVhEj1S0cTo_QlFvZkzKdQndIsBw==
healthcheck
assets-tracking.crazyegg.com/ 		19 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/db7349b994413162218df5c920535415.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-74.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Referer
https://welcome.vladcazino.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:29 GMT
via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
22954297
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
_7s9QeGDjXxn4ztOeZ00z5Jwu19d2M2-dQdfmDH1ICeMFUAxuPnUlg==
favicon.ico
welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/ 		1 KB
686 B 		Other
General
Check archive.org
Download Go to
Full URL
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dca544db2f7d5896db7c0191dfc99eddba171e99e48fc19925aa37b4d58c0d3

Request headers

Referer
https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 17:35:04 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Ngl6z/O/BDbGTzkQAHEqUw==
age
384462
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 20 Aug 2024 16:41:10 GMT
server
cloudflare
etag
W/"0x8DCC136E584EBC2"
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
f43e05b3-d01e-0070-350d-faabf5000000
cache-control
public, immutable, max-age=900
x-ms-version
2014-02-14
cf-ray
8c112c256f701cb3-AMS
8741a2a0-c6ce-4601-abea-1009e1dcbe4f
https://welcome.vladcazino.ro/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
welcome.vladcazino.ro
URL
blob:https://welcome.vladcazino.ro/8c13cbb0-b6be-4657-a7b0-d21472ac1717
Domain
welcome.vladcazino.ro
URL
blob:https://welcome.vladcazino.ro/8741a2a0-c6ce-4601-abea-1009e1dcbe4f

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| getUrlVars function| affSetCookie function| $ function| jQuery object| cms string| language object| BF_prop function| fbq function| _fbq object| dataLayer object| growthbook_config object| growthbook_queue object| _growthbook object| google_tag_manager object| google_tag_data boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL function| setCookie function| getCookie function| getTrackingCode function| isLibertyState function| getPageName function| getLoginStatus function| timeParting function| getNewRepeat function| getPageNameMaria function| getPageNameOldEvar1 function| getPromotionName function| getBrand function| getMarket function| getDeviceChannel function| getJurisdiction function| getOddsFormat function| getCountryCode function| getShortCode function| getTimeZone object| storageManagement object| functions object| analytics_datalayer object| helpers object| lastClick function| getLocation number| __lastclick_run_once string| library_domain string| collector_endpoint object| configs string| _snowplow_has_been_initialize object| GlobalSnowplowNamespace function| snowplow function| getMarketingData function| pageViewContext number| _init__globale_snowplow_contexts function| setupAnchorClickHandlers string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| CE_API

27 Cookies

Domain/Path Name / Value
www.vladcazino.ro/stan Name: JSESSIONID
Value: node01kh5jxmcxh3io14gpbho8mzy3u4658391.node0
.vladcazino.ro/ Name: __ucbt
Value: node01kh5jxmcxh3io14gpbho8mzy3
.vladcazino.ro/ Name: uniattr
Value: ST.0.T
.vladcazino.ro/ Name: uniattr_ref
Value:
.vladcazino.ro/ Name: campaignId
Value: 2068491
.vladcazino.ro/ Name: framework.forceBigLandingArea
Value:
.vladcazino.ro/ Name: affiliateId
Value: 1
.vladcazino.ro/ Name: B-TAG
Value: 81750185_7f096017e117475e9378b1d9b5828eb7
.vladcazino.ro/ Name: BID
Value: 40059
.vladcazino.ro/ Name: PID
Value: 96088095
.vladcazino.ro/ Name: AFFILIATE_REQUEST_URL
Value: https%3A%2F%2Fwww.vladcazino.ro%2Fstan%2Fcampaign.do%3FcmpId%3D2068491%26affiliateId%3D1%26unibetTarget%3D%2Fro%2Fpop%2Fcasino-online%2Fbonus-bun-venit-generic2024%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.vladcazino.ro%26btag%3D81750185_7f096017e117475e9378b1d9b5828eb7%26sref%3DADC%26ADC%3D8287842-93157252-0_Adsterra%26affiliateId%3D1%26pid%3D96088095%26bid%3D40059
.vladcazino.ro/ Name: AFFILIATE_CAMPAIGN_ID
Value: 2068491
.www.vladcazino.ro/ Name: clientId
Value: polopoly_desktop
.vladcazino.ro/ Name: btag
Value: 81750185_7f096017e117475e9378b1d9b5828eb7
.a1s-cdn.unibet.com/ Name: clientId
Value: polopoly_desktop
.vladcazino.ro/ Name: utag_main
Value: popunder_prev_page:%7B%22ancestorOrigins%22:%7B%7D,%22href%22:%22https://welcome.vladcazino.ro/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095%22,%22origin%22:%22https://welcome.vladcazino.ro%22,%22protocol%22:%22https:%22,%22host%22:%22welcome.vladcazino.ro%22,%22hostname%22:%22welcome.vladcazino.ro%22,%22port%22:%22%22,%22pathname%22:%22/ro/pop/casino-online/bonus-bun-venit-generic2024/index.html%22,%22search%22:%22?mktid=1:81750185:96088095-40059&btag=81750185_7f096017e117475e9378b1d9b5828eb7&bid=40059&campaignId=2068491&pid=96088095%22,%22hash%22:%22%22%7D
.a1s.unibet.com/ Name: clientId
Value: polopoly_desktop
welcome.vladcazino.ro/ Name: gbuuid
Value: 54247338-45ce-4b76-b3ca-105ef785cad9
.vladcazino.ro/ Name: _fbp
Value: fb.1.1725989704254.615209945693552980
.vladcazino.ro/ Name: _sp_ses.ba9b
Value: *
.vladcazino.ro/ Name: _sp_id.ba9b
Value: cc01a21a-3405-4085-bd3d-6867c28c79a7.1725989704.1.1725989704..0baa28a3-baaf-477d-9da7-9b54e16dc254....0
.vladcazino.ro/ Name: _ce.irv
Value: new
.vladcazino.ro/ Name: cebs
Value: 1
.vladcazino.ro/ Name: _ce.clock_event
Value: 1
.vladcazino.ro/ Name: _ce.clock_data
Value: 42%2C31.204.150.148%2C1%2Cdb3c5e489c6fdf8b0e10c5040e31e60d%2CChrome%2CNL
.vladcazino.ro/ Name: cebsp_
Value: 1
.vladcazino.ro/ Name: _ce.s
Value: v~b83db22e1764d9c180f001f8948a4b16aa53df4c~lcw~1725989705266~lva~1725989704465~vpv~0~v11.fhb~1725989705259~v11.lhb~1725989705260~v11.cs~354721~v11.s~042fcbf0-6f9b-11ef-b66c-013f3a3e772c~lcw~1725989705267

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1s-cdn.unibet.com
a1s.unibet.com
adserving.unibet.com
ajax.googleapis.com
api.ntrftrk.com
assets-tracking.crazyegg.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
growthbook-api.kindredext.net
kndcdn.unicdn.net
netdna.bootstrapcdn.com
pagestates-tracking.crazyegg.com
rtbbhub.com
script.crazyegg.com
tracking.crazyegg.com
welcome.vladcazino.ro
www.facebook.com
www.googletagmanager.com
www.vladcazino.ro
welcome.vladcazino.ro
104.18.11.207
104.19.147.8
13.35.58.58
157.240.251.9
18.66.122.74
188.114.97.3
2606:4700:4400::ac40:9098
2620:1ec:bdf::45
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:813::200a
2a00:1450:4001:831::2008
2a03:2880:f176:84:face:b00c:0:25de
52.16.138.83
85.184.96.0
85.184.96.5
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
01652d838e8b20e7bae6147e86948d5158fc2e3186fe07a89b3ee479328f1847
032dc5d9bdedb27e1da60316868fb5595edb15b416a782e0ba8cabff0be00ed4
0664f74bbe11dbc36553f9e1d21ed10c1ab5eea90f995fc9309f62d314dfc29f
07666d5d9bed1a7efafd688d78d2bc1eca77fecaab416278a9bad66c32a0ecaa
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
2f081d77eafa18766058522b402d35a92546f42655fa2d49c0efb85acfe5a0f8
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca
4101f134c8bd1f10e0bda044e3f87c181afdd1e8c241d9a835d1f58f62a62466
5166be250f7de7d316b5fb9778843cc3268ce3e00f917530f65e99dcdb355b60
52c64985598d70c95fefdf58ba36dfd18862692b33511f333b449eac61c216ba
5535ed0cdaefe3990dbcefbe4bff129520b8f693d04a55b103b14161cd63b556
5dca544db2f7d5896db7c0191dfc99eddba171e99e48fc19925aa37b4d58c0d3
61ff476ab12ef621ba34a8631e0db1bb9fb5f6d953cbf7081f12df8971e25778
6593746683785e254ab0227c39f14908d8255779354b00277d7972d3276e6898
69ca8cd66c07b2800ac8be368d344896c0445adc32751c3508c72bfd75f99fcb
746e198e1a0404cd256d74c382de4c9900d36dca2695617b090c8b51192aad85
7bdb6dacdbfb0a571a6fb24fc26405152ec7afd259d1304401ebbd540f364e77
7c05ed5f810c2d83503271131b40b105ecaed4c62e87cb30c300ee2d3e1078cd
7c1d55eaaf119e7ba68ca231857995036e23f0843a5607a389475873ac7a5e19
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
85ce806ad8d0e58da7722b248418536f42529fd9a123088ddc886c0bdef02536
9046d56f8abdedc892b92cfdf58203ec6700d800d125c2d2de9dc364ef31cae8
a1c3482a55704eb875c3a2aef36dbf6554950809cbb515cfd28a90d77b3750d0
a2c36197d10ae4fe834716ffee354404e678cbdd96e76acae9b95e811b68e2d8
aa723627c3de772b91e8659aab4ff7d2927c8fa62d3d34bd27a81f5ce96fd286
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b6d4533f27851482dd28fa9ecf0d4c7d248e63bde5a80d1a7c29a708ae30d7b6
bee5819b6a4dcc7f44f22e3bb89d72568aa4838f94cdc872daf7785f3ac8f9af
d0c8759743017a2184016d6fefddc5971c0395989cebcfe58e81601393c57094
df9f1f8f4deeec8193dbcf3074a9e4767db05cc6c3b4dca6a9cafff884fb0816
dffead6a4371e5a178facab7cf528ebad143253fefe79b6b728b9003efe0adf1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f682eec1df25f15ca443164ee0cddcce91aad4d87ca5153f2d4267d08ce12982
f6debd1d7193da1b24d83f21061bc8c9aae4d4a907f6f47a4f38f20d94ece763