Submitted URL: https://cutt.ly/KKknwqS
Effective URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Submission: On March 06 via api from CZ — Scanned from DE

Summary

This website contacted 21 IPs in 7 countries across 20 domains to perform 61 HTTP transactions. The main IP is 2a05:d014:275:cb02::c8, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is promo.leovegas.com.
TLS certificate: Issued by R3 on February 15th 2023. Valid for: 3 months.
This is the only time promo.leovegas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 92.205.4.19 21499 (GODADDY-SXB)
1 1 91.201.28.211 203480 (QUALITYUNIT)
1 1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
14 2a05:d014:275... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.154.19.22 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
15 2600:9000:211... 16509 (AMAZON-02)
1 34.117.190.191 396982 (GOOGLE-CL...)
1 107.154.132.67 19551 (INCAPSULA)
1 6 34.107.236.224 396982 (GOOGLE-CL...)
1 13.224.189.77 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.224.189.42 16509 (AMAZON-02)
2 2606:4700:e0:... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 34.120.230.83 396982 (GOOGLE-CL...)
3 52.67.230.207 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:7... 15169 (GOOGLE)
61 21
Apex Domain
Subdomains
Transfer
19 leovegas.com
ads.leovegas.com
promo.leovegas.com
sgtm.leovegas.com
370 KB
15 ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 3311
197 KB
3 getblue.io
event.getblue.io — Cisco Umbrella Rank: 30574
widget.getblue.io — Cisco Umbrella Rank: 32737
3 KB
3 leovegas.it
www.leovegas.it
sgtm.leovegas.it
154 KB
3 gstatic.com
fonts.gstatic.com
64 KB
2 trafficguard.ai
api.trafficguard.ai — Cisco Umbrella Rank: 28167
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 105
239 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
492 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
136 KB
2 prdredir.com
scripts.prdredir.com — Cisco Umbrella Rank: 46123
rtg.prdredir.com — Cisco Umbrella Rank: 89173
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
91 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 619
script.hotjar.com — Cisco Umbrella Rank: 769
72 KB
2 cloudfront.net
d33wubrfki0l68.cloudfront.net
281 KB
2 affilroi.com
comparatore.affilroi.com
www.affilroi.com
1 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6149
441 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
516 B
1 tgtag.io
tgtag.io — Cisco Umbrella Rank: 16019
32 KB
1 lvg-tech.net
leo-promo-redirect-service.leo-prod-common.lvg-tech.net
217 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
1 KB
1 cutt.ly
cutt.ly — Cisco Umbrella Rank: 76960
456 B
61 20
Domain Requested by
15 images.ctfassets.net promo.leovegas.com
14 promo.leovegas.com promo.leovegas.com
4 sgtm.leovegas.com 1 redirects sgtm.leovegas.it
sgtm.leovegas.com
3 fonts.gstatic.com fonts.googleapis.com
2 api.trafficguard.ai tgtag.io
2 www.facebook.com
2 stats.g.doubleclick.net 1 redirects sgtm.leovegas.com
2 event.getblue.io sgtm.leovegas.it
event.getblue.io
2 connect.facebook.net comparatore.affilroi.com
connect.facebook.net
2 www.google-analytics.com sgtm.leovegas.it
2 sgtm.leovegas.it comparatore.affilroi.com
sgtm.leovegas.it
2 d33wubrfki0l68.cloudfront.net promo.leovegas.com
1 widget.getblue.io event.getblue.io
1 rtg.prdredir.com
1 www.google.de
1 www.google.com 1 redirects
1 tgtag.io comparatore.affilroi.com
1 scripts.prdredir.com sgtm.leovegas.it
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com sgtm.leovegas.it
1 www.leovegas.it d33wubrfki0l68.cloudfront.net
1 leo-promo-redirect-service.leo-prod-common.lvg-tech.net d33wubrfki0l68.cloudfront.net
1 fonts.googleapis.com promo.leovegas.com
1 ads.leovegas.com 1 redirects
1 www.affilroi.com 1 redirects
1 comparatore.affilroi.com
1 cutt.ly 1 redirects
61 27
Subject | Issuer | Validity | Valid
comparatore.affilroi.com | ZeroSSL RSA Domain Secure Site CA | 2022-07-07 - 2023-07-07 | a year
brand.leovegas.com | R3 | 2023-02-15 - 2023-05-16 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
*.gstatic.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
images.ctfassets.net | Amazon RSA 2048 M01 | 2023-02-28 - 2024-02-16 | a year
*.leo-prod-common.lvg-tech.net | R3 | 2023-01-26 - 2023-04-26 | 3 months
leovegas.it | DigiCert SHA2 Extended Validation Server CA | 2022-07-06 - 2023-07-06 | a year
*.leovegas.it | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-14 - 2024-01-14 | a year
*.hotjar.com | Amazon RSA 2048 M02 | 2023-02-28 - 2023-11-23 | 9 months
*.leovegas.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-16 - 2024-01-16 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.prdredir.com | E1 | 2023-01-10 - 2023-04-10 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-01-10 - 2023-03-15 | 2 months
tgtag.io | GTS CA 1D4 | 2023-02-07 - 2023-05-08 | 3 months
*.getblue.io | Amazon RSA 2048 M01 | 2023-02-03 - 2023-11-20 | 10 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
api.trafficguard.ai | GTS CA 1D4 | 2023-01-14 - 2023-04-14 | 3 months

This page contains 2 frames:

Primary Page: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Frame ID: 706AEBF49B35C7D6E5632F2B9747990B
Requests: 63 HTTP requests in this frame

Frame: https://event.getblue.io/p/?cId=ECA2B5B3-DE90-8396-BCD180904D04A8BA&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=79f9067e-c9ae-4387-8e81-a5e854936248&v=13072020-1328&nocache=6266515734192.981
Frame ID: 8165E6CFACBD2D83B0F7D15039CC9905
Requests: 1 HTTP requests in this frame

Page Title

LeoVegas - Il Re del casinò mobile e del casinò live

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)

Overall confidence: 100%
Detected patterns
  • <div id="___gatsby">

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

61
Requests

98 %
HTTPS

58 %
IPv6

20
Domains

27
Subdomains

21
IPs

7
Countries

1406 kB
Transfer

3854 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cutt.ly/KKknwqS HTTP 301
    https://comparatore.affilroi.com/LoSpartano/leoBONUS/c Page URL
  2. https://www.affilroi.com/scripts/ulu1x72ocw?a_aid=acf32af2&a_bid=1ea8a890 HTTP 301
    https://ads.leovegas.com/redirect.aspx?pid=3659745&bid=14965&Subid=acf32af2 HTTP 307
    https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cutt.ly/KKknwqS HTTP 301
  • https://comparatore.affilroi.com/LoSpartano/leoBONUS/c
Request Chain 56
  • https://sgtm.leovegas.com/j/collect?v=1&_v=j99&aip=1&a=1067463947&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.leovegas.com%2Fit%2Fmc-casino%3Fbtag%3D666932_5ADD2628DFDA4EC78CD235A35A850AB8%26Subid%3Dacf32af2%26pid%3D3659745%26bid%3D14965&dr=https%3A%2F%2Fcomparatore.affilroi.com%2F&dp=%2Fit%2Fmc-casino%3Fbtag%3D666932_5ADD2628DFDA4EC78CD235A35A850AB8%26Subid%3Dacf32af2%26pid%3D3659745%26bid%3D14965&ul=en-us&de=UTF-8&dt=LeoVegas%20-%20Il%20Re%20del%20casin%C3%B2%20mobile%20e%20del%20casin%C3%B2%20live&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ci=666932&cn=14965&cs=666932&cm=affiliate&_u=YADAAEABQAAAACAAII~&jid=96761069&gjid=2115913436&cid=2091562092.1678147021&tid=UA-25600410-30&_gid=455153451.1678147021&_r=1&gtm=45Fe3310n71WGS5KD&cd1=666932&cd3=3659745&cd4=leo&cd5=IT&cd7=it&cd32=139&cd35=8&cd39=https%3A%2F%2Fpromo.leovegas.com%2Fit%2Fmc-casino%3Fbtag%3D666932_5ADD2628DFDA4EC78CD235A35A850AB8&z=2038551453 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25600410-30&cid=2091562092.1678147021&jid=96761069&_gid=455153451.1678147021&gjid=2115913436&_v=j99&z=2038551453 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=2091562092.1678147021&jid=96761069&_v=j99&z=2038551453 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=2091562092.1678147021&jid=96761069&_v=j99&z=2038551453&slf_rd=1&random=2707605814

61 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
c
comparatore.affilroi.com/LoSpartano/leoBONUS/
Redirect Chain
  • https://cutt.ly/KKknwqS
  • https://comparatore.affilroi.com/LoSpartano/leoBONUS/c
147 B
1 KB
Document
General
Full URL
https://comparatore.affilroi.com/LoSpartano/leoBONUS/c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.205.4.19 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS
19.4.205.92.host.secureserver.net
Software
Apache / PHP/8.1.13
Resource Hash
c93d6bb7d0fe1ddc44260229ebb4fc2fede76d31ddfbbc197cc17cfc6addbc54

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, no-cache, private
content-encoding
br
content-length
125
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 23:56:59 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/8.1.13

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a3e89d5ca38900d-FRA
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 23:56:59 GMT
expect-ct
max-age=86400, enforce
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://comparatore.affilroi.com/LoSpartano/leoBONUS/c
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
Primary Request mc-casino
promo.leovegas.com/it/
Redirect Chain
  • https://www.affilroi.com/scripts/ulu1x72ocw?a_aid=acf32af2&a_bid=1ea8a890
  • https://ads.leovegas.com/redirect.aspx?pid=3659745&bid=14965&Subid=acf32af2
  • https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
73 KB
19 KB
Document
General
Full URL
https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
7f57c8526d2fe183f26a3479f4fa60e1a1e23917f026f99e8ab008e60a59019f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://comparatore.affilroi.com/LoSpartano/leoBONUS/c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-security-policy
frame-ancestors 'self' https://optimize.google.com
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 23:57:00 GMT
etag
"087551a827ac46fa6b1d3120dabdce03-ssl-df"
link
</webpack-runtime.js>; rel=preload; as=script, </framework.js>; rel=preload; as=script, </dc6a8720040df98778fe970bf6c000a41750d3ae.js>; rel=preload; as=script, </app.js>; rel=preload; as=script, </2bae3ab28f31d2a8229873c0a8c605f4942535e9.js>; rel=preload; as=script, </296e5c74be4ef87214c13a3eccfc8701ca037fca.js>; rel=preload; as=script, </f42b21920690a8f2d3f7c993bc1d85d62caf224c.js>; rel=preload; as=script, </621ec4f75d3e6a9e277c13fe9a03346557cf284d.js>; rel=preload; as=script, </05901c0cdc340371e5e64de460e805993147c75a.js>; rel=preload; as=script, </component---src-templates-leo-universe-index-jsx.js>; rel=preload; as=script, </page-data/app-data.json>; rel=preload; as=fetch; crossorigin, </page-data/it/mc-casino/page-data.json>; rel=preload; as=fetch; crossorigin
referrer-policy
same-origin
server
Netlify
strict-transport-security
max-age=31536000
vary
X-Bb-Conditions,Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-nf-request-id
01GTWNPS70S3N0E2D5MVSZS453
x-xss-protection
1; mode=block

Redirect headers

access-control-expose-headers
Request-Context
cache-control
max-age=0, no-cache, no-store
content-length
0
content-type
text/html
date
Mon, 06 Mar 2023 23:56:59 GMT
expires
Mon, 06 Mar 2023 23:56:59 GMT
location
https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
p3p
CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
pragma
no-cache
request-context
appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
server-timing
edge; dur=1 origin; dur=67 cdn-cache; desc=MISS ak_p; desc="466151_34650974_660085468_6826_4936_5_0";dur=1
x-aspnet-version
4.0.30319
webpack-runtime.js
promo.leovegas.com/
3 KB
2 KB
Script
General
Full URL
https://promo.leovegas.com/webpack-runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
aadd415bb8835b2211961b41ef41c5afd0405da82c54afab8b3474e4c285c368
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id
01GTWNPSCG0D365N87GECWNDE7
content-security-policy
frame-ancestors 'self' https://optimize.google.com
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 16:18:01 GMT
strict-transport-security
max-age=31536000
age
27539
content-length
1428
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
Netlify
etag
"65e2ad280c458388d714a356e6c7bbe5-ssl"
vary
X-Bb-Conditions
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
framework.js
promo.leovegas.com/
127 KB
39 KB
Script
General
Full URL
https://promo.leovegas.com/framework.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
cd9f0cfa62314d1f463e50f309d67315c1d6b5a912c8b2e436864e3c18324856
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id
01GTWNPSCGJNW3R1N5Y15J1JAC
content-security-policy
frame-ancestors 'self' https://optimize.google.com
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 23:19:00 GMT
strict-transport-security
max-age=31536000
age
2280
content-length
40243
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
Netlify
etag
"ed62147f972ba399b2129618fd674521-ssl-df"
vary
X-Bb-Conditions,Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
dc6a8720040df98778fe970bf6c000a41750d3ae.js
promo.leovegas.com/
12 KB
4 KB
Script
General
Full URL
https://promo.leovegas.com/dc6a8720040df98778fe970bf6c000a41750d3ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e7d4aad2828a31207fc0aa6c9d4eafcd543e64ba64fa7a9a1a3bda39d8ba15a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id
01GTWNPSCJYNFHJ59R91V3N95T
content-security-policy
frame-ancestors 'self' https://optimize.google.com
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 23:19:00 GMT
strict-transport-security
max-age=31536000
age
2280
content-length
4159
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
Netlify
etag
"371f6b7693ef0762b08d726245970a62-ssl-df"
vary
X-Bb-Conditions,Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
app.js
promo.leovegas.com/
50 KB
15 KB
Script
General
Full URL
https://promo.leovegas.com/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
a3faa4ef3e3289550a6b42a35b133cf557dba2b941f1fd8719a95e34a24c17d8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id
01GTWNPSCJMB4FPCRHSN4HYG5T
content-security-policy
frame-ancestors 'self' https://optimize.google.com
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 23:19:00 GMT
strict-transport-security
max-age=31536000
age
2280
content-length
14825
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
Netlify
etag
"d861ef8c48a72a26b2ec0ebf871df2c4-ssl-df"
vary
X-Bb-Conditions,Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
2bae3ab28f31d2a8229873c0a8c605f4942535e9.js
promo.leovegas.com/
16 KB
6 KB
Script
General
Full URL
https://promo.leovegas.com/2bae3ab28f31d2a8229873c0a8c605f4942535e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
d6b04bd063c3bcc61715c08c9d904aebe0ec46104be04f0e336b9514c14a2bf7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id
01GTWNPSCJ2ZB6FR10F5N5R3XJ
content-security-policy
frame-ancestors 'self' https://optimize.google.com
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 23:19:00 GMT
strict-transport-security
max-age=31536000
age
2280
content-length
6200
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
Netlify
etag
"9742d43589b56f22bbb02e02afb5edd4-ssl-df"
vary
X-Bb-Conditions,Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
296e5c74be4ef87214c13a3eccfc8701ca037fca.js
promo.leovegas.com/
7 KB
3 KB
Script
General
Full URL
https://promo.leovegas.com/296e5c74be4ef87214c13a3eccfc8701ca037fca.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
935dae725cf8ff81650cd6c73427df21789b44a401c159fead77dfd3a4117555
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id
01GTWNPSCJHXBBMSF9A00VA1Z9
content-security-policy
frame-ancestors 'self' https://optimize.google.com
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 16:18:01 GMT
strict-transport-security
max-age=31536000
age
27539
content-length
2939
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
Netlify
etag
"e5c649240eef8eefa6fb55bb2c17b45f-ssl"
vary
X-Bb-Conditions
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
f42b21920690a8f2d3f7c993bc1d85d62caf224c.js
promo.leovegas.com/
329 KB
98 KB
Script
General
Full URL
https://promo.leovegas.com/f42b21920690a8f2d3f7c993bc1d85d62caf224c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
833cb9524b8cd01fb948ddc8f0d078c1cc3ba15b40f3b0321075769b5398f77e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id
01GTWNPSCJWT6M9R6S6QVPCZJB
content-security-policy
frame-ancestors 'self' https://optimize.google.com
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 23:19:00 GMT
strict-transport-security
max-age=31536000
age
2280
content-length
100094
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
Netlify
etag
"636af426b03018ca1f88cd16249c16e8-ssl-df"
vary
X-Bb-Conditions,Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
621ec4f75d3e6a9e277c13fe9a03346557cf284d.js
promo.leovegas.com/
102 KB
33 KB
Script
General
Full URL
https://promo.leovegas.com/621ec4f75d3e6a9e277c13fe9a03346557cf284d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
a4add5b7a879218d6c487655dc6c1b20006626557523dc17cd6b25d110300f5a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id
01GTWNPSCJB9CD4S8JMYVXT6PR
content-security-policy
frame-ancestors 'self' https://optimize.google.com
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 23:19:00 GMT
strict-transport-security
max-age=31536000
age
2280
content-length
33194
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
Netlify
etag
"7d6b40fc6410c32c5a65f9144a7d6a28-ssl-df"
vary
X-Bb-Conditions,Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
05901c0cdc340371e5e64de460e805993147c75a.js
promo.leovegas.com/
129 KB
42 KB
Script
General
Full URL
https://promo.leovegas.com/05901c0cdc340371e5e64de460e805993147c75a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e61526074c63e96681163c1e29f42fad937c4f35e92ecf78d6de2fe91d8cb69c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id
01GTWNPSCJMF1FS8VT56F7VA4Q
content-security-policy
frame-ancestors 'self' https://optimize.google.com
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 16:18:01 GMT
strict-transport-security
max-age=31536000
age
27539
content-length
42778
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
Netlify
etag
"5e3a0b6a5233b72a9f05dbf006265730-ssl"
vary
X-Bb-Conditions
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
component---src-templates-leo-universe-index-jsx.js
promo.leovegas.com/
18 KB
6 KB
Script
General
Full URL
https://promo.leovegas.com/component---src-templates-leo-universe-index-jsx.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
e872031f54cb8205ce073c4f88577c3150bbb7b14b172d682e92ca956382b1eb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id
01GTWNPSCJMSBRVGKGEC510FX6
content-security-policy
frame-ancestors 'self' https://optimize.google.com
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 23:19:00 GMT
strict-transport-security
max-age=31536000
age
2280
content-length
5676
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
Netlify
etag
"21337f80b37e4a0caa837a4603f856bd-ssl-df"
vary
X-Bb-Conditions,Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
app-data.json
promo.leovegas.com/page-data/
50 B
154 B
Other
General
Full URL
https://promo.leovegas.com/page-data/app-data.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
548e38db05a68b22a01e2021ea423458abe331d35ff8f46cbdae7c599078e123
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Origin
https://promo.leovegas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id
01GTWNPSCQA6KE5WSDBNNGR1KR
content-security-policy
frame-ancestors 'self' https://optimize.google.com
date
Mon, 06 Mar 2023 16:18:01 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
age
27539
content-length
50
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
Netlify
etag
"642f9ed1d63803603986fd51d94a954c-ssl"
vary
X-Bb-Conditions
x-frame-options
DENY
content-type
application/json
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
page-data.json
promo.leovegas.com/page-data/it/mc-casino/
50 KB
12 KB
Other
General
Full URL
https://promo.leovegas.com/page-data/it/mc-casino/page-data.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
bc153cf778dc6eb1f59eb9cf6beeaf3ddf584f27f9f6b56361c9230e2abef961
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Origin
https://promo.leovegas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id
01GTWNPSCQ7N04T29G9YG636RS
content-security-policy
frame-ancestors 'self' https://optimize.google.com
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 23:57:00 GMT
strict-transport-security
max-age=31536000
age
0
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
Netlify
etag
"f966c44b1d9f081f53354863c7eb1bf2-ssl-df"
vary
X-Bb-Conditions,Accept-Encoding
x-frame-options
DENY
content-type
application/json
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
css2
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;700&family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f327e4d76b4a300214d2e2cc2a1d7c0b2b63902bb83cd094b134a80e3227064a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 23:57:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 23:57:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Mar 2023 23:57:00 GMT
2280590532.json
promo.leovegas.com/page-data/sq/d/
11 KB
2 KB
Other
General
Full URL
https://promo.leovegas.com/page-data/sq/d/2280590532.json
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
8af8d9349e7445389614a77d0077d56fd5cf82947affc53a1e5869c5b5521f29
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://optimize.google.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Origin
https://promo.leovegas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id
01GTWNPSCZH7F5ZV11Y47TE9Y4
content-security-policy
frame-ancestors 'self' https://optimize.google.com
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 23:25:41 GMT
strict-transport-security
max-age=31536000
age
1880
content-length
1584
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
Netlify
etag
"d2cd1d7a109c66e843d404cee7067c98-ssl-df"
vary
X-Bb-Conditions,Accept-Encoding
x-frame-options
DENY
content-type
application/json
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
leovegas-casino-logo-303a40e8ff4725493d0d2eac998219ea.png
d33wubrfki0l68.cloudfront.net/c818ec80d6e62941b42b67882bad573e7368d801/c4d7c/static/
24 KB
24 KB
Image
General
Full URL
https://d33wubrfki0l68.cloudfront.net/c818ec80d6e62941b42b67882bad573e7368d801/c4d7c/static/leovegas-casino-logo-303a40e8ff4725493d0d2eac998219ea.png
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.19.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-19-22.mad53.r.cloudfront.net
Software
Netlify /
Resource Hash
0163e1e689f26f9d4162e1d731525521a975eb299449ecc789e7c6d335f78e85

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id
01GHFHC2X623S142JVR4YCZ4ZH
date
Thu, 10 Nov 2022 01:09:51 GMT
via
1.1 2af35548d208b1f9a58c4758e0da1976.cloudfront.net (CloudFront)
server
Netlify
x-amz-cf-pop
MAD53-P1
age
10104429
etag
47262b62fb231e87722d31776845e7499242a80d
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556926
accept-ranges
bytes
content-length
24411
x-amz-cf-id
CE0scVs3YLBBRi8S1lv04RKRqrQF77tFrY8nvHmbIt-k8Jpo_RpdYA==
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95255f16955d40283d7f783c6e8015033d7ff296870626f76e3da2da6328ccb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/jpeg
e77ce9964a4956760f56015d37ea331c076b5c69.js
d33wubrfki0l68.cloudfront.net/bundles/
791 KB
257 KB
Script
General
Full URL
https://d33wubrfki0l68.cloudfront.net/bundles/e77ce9964a4956760f56015d37ea331c076b5c69.js
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.19.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-19-22.mad53.r.cloudfront.net
Software
Netlify /
Resource Hash
f9eea31261f8ac894be1b65637b5a0226f65d22eb2da9839c87717c2e0f160cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nf-request-id
01GTV60C71BKF2YFXNN1ER37PV
date
Mon, 06 Mar 2023 10:03:23 GMT
content-encoding
gzip
via
1.1 2af35548d208b1f9a58c4758e0da1976.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MAD53-P1
age
50018
x-cache
Hit from cloudfront
server
Netlify
etag
630c4176f8aaecaba91b992ca9b4fdc42a6f71cf-df
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556926
accept-ranges
bytes
x-amz-cf-id
Z15PUXpJkmy_zIHFjKMdQwJZPSbGmRjADabI9iQ9fzLmiM43HBB0QA==
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f9c92e1a12ac6e0fc59919f0c3fc20cf9dc1bd8d78db4ea7b28298bc80038ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v24/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;700&family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo.leovegas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:19:54 GMT
x-content-type-options
nosniff
age
383826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32860
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:12:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 13:19:54 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;700&family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo.leovegas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 12:23:05 GMT
x-content-type-options
nosniff
age
387235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 12:23:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;700&family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo.leovegas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 13:13:56 GMT
x-content-type-options
nosniff
age
384184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 13:13:56 GMT
Footer-Payment-Logos-White-LV-mastercard-master-card.png
images.ctfassets.net/kijvoxi4q0zn/2LYC2421BhrbgJoAzZH8lJ/c0d7d2dd5621b332d597457f78e4693e/
1 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/2LYC2421BhrbgJoAzZH8lJ/c0d7d2dd5621b332d597457f78e4693e/Footer-Payment-Logos-White-LV-mastercard-master-card.png?w=57&h=42&q=50&fm=webp&fit=fill
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:0:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
19826ba4a0ec21227d6c2e7d83b20922db677dd745a899469789c9a33c13c4e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 06:43:00 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Wed, 25 Jan 2023 14:36:41 GMT
server
Contentful Images API
x-amz-cf-pop
FRA56-C2
age
62040
etag
"a1d65be5982ded2b68903525b6391da8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
1108
x-amz-cf-id
wzUjBfj52fuvqG9oFcBwO7RPrkk39PNOmFfCZ5muqtCm6zUg2orcrg==
visa.png
images.ctfassets.net/kijvoxi4q0zn/70qqkPh65Ao078Gh2Dh5kG/fbc8a162ff5ba6b5a1d0651b66d9c6a9/
2 KB
2 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/70qqkPh65Ao078Gh2Dh5kG/fbc8a162ff5ba6b5a1d0651b66d9c6a9/visa.png?w=82&h=42&q=50&fit=fill
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:0:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
de7e9bb06a10c64785123b5ff7ba7aa577503c5870963aaeee4a31b3ceefeba8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:36:45 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Sat, 28 Jan 2023 21:09:59 GMT
server
Contentful Images API
x-amz-cf-pop
FRA56-C2
age
80462
etag
"352d8aedcd7621fad44682fc949f6b32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
2007
x-amz-cf-id
q2-bV4wbAKFGP4GRyrSM5m9phC3dODQshKJkfgMzwb76eRZLk87kLA==
Footer-Payment-Logos-White-LV-postepay.png
images.ctfassets.net/kijvoxi4q0zn/BZ1CIhQuI2nvHSDjSQLUG/2ca09bb75d7c7b573623a16d01c7ec5c/
6 KB
6 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/BZ1CIhQuI2nvHSDjSQLUG/2ca09bb75d7c7b573623a16d01c7ec5c/Footer-Payment-Logos-White-LV-postepay.png?w=202&h=42&q=50&fit=fill
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:0:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
620712ec8e4be0f9795bdcdaec90f6180bfebf32097e6e77742a001fceb58333

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:00:28 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Thu, 16 Feb 2023 18:13:01 GMT
server
Contentful Images API
x-amz-cf-pop
FRA56-C2
age
79156
etag
"a9c8c075f9d213adced2368ab0cac4bb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
5718
x-amz-cf-id
NA7VAU0vVDVEBOXiTNb2YIyLhnAHUZ7FvqgyHONF7coDLZIbOur3uA==
Footer-Payment-Logos-White-LV-PayPal.png
images.ctfassets.net/kijvoxi4q0zn/7EPJURUekyu39Tu7RyttK0/35487c56f51ccef553d6ce12bcd22204/
4 KB
4 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/7EPJURUekyu39Tu7RyttK0/35487c56f51ccef553d6ce12bcd22204/Footer-Payment-Logos-White-LV-PayPal.png?w=155&h=42&q=50&fit=fill
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:0:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
0b2a14fc81c6adc73220034332fe843b8efcfbce170adcd2e61432c8ea03b33f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:00:28 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Tue, 07 Feb 2023 17:49:20 GMT
server
Contentful Images API
x-amz-cf-pop
FRA56-C2
age
74611
etag
"fcf2e9d111d5e421c6c77aceacc3968c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
3799
x-amz-cf-id
nTR-gE-xfjZ7Zbk3AkEecjlG4CkKYTERZnWlfA2BT6S5vFU9EcpBYQ==
klarna.png
images.ctfassets.net/kijvoxi4q0zn/7uS2eZFcNX6tGCe55TLMEh/9d6816ee162cff5c6f6d0c9552ce6901/
3 KB
3 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/7uS2eZFcNX6tGCe55TLMEh/9d6816ee162cff5c6f6d0c9552ce6901/klarna.png?w=160&h=42&q=50&fit=fill
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:0:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
0ad9243f27233ede908bf38275af921b7a41ce1f17a404b15587a08b56dc4340

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:00:28 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Sat, 21 Jan 2023 13:58:51 GMT
server
Contentful Images API
x-amz-cf-pop
FRA56-C2
age
65012
etag
"5a4772d639eeca58e661045644201feb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
3070
x-amz-cf-id
T0IuhcDxmIgjOmwhm0x1GoooWq_hx1l_jJtMmEgDRo8-IJ-rjQFZMQ==
Footer-Payment-Logos-White-LV-iPay.png
images.ctfassets.net/kijvoxi4q0zn/4JQRrwNOu4BnoTErIZzV3p/5dda4dbd971a8b7582e7c030d274b863/
506 B
893 B
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/4JQRrwNOu4BnoTErIZzV3p/5dda4dbd971a8b7582e7c030d274b863/Footer-Payment-Logos-White-LV-iPay.png?w=67&h=42&q=50&fm=webp&fit=fill
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:0:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
da31cfd780caf735f3444165007b04ea9c8db42bce540187ede32147ab6317a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:00:28 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Thu, 09 Feb 2023 12:24:34 GMT
server
Contentful Images API
x-amz-cf-pop
FRA56-C2
age
74177
etag
"857569bcddef72fe3f9437dcf3f20bbc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
506
x-amz-cf-id
8oU8RyWlnrKTPjgz7WlrjghvF7ZxIBshUZ3rxGhFNPf5L6TwOklfvA==
Neteller.png
images.ctfassets.net/kijvoxi4q0zn/6O0QLRNv6UOAv7g2JPxpzB/0a6c2ef297078d81fb9a896d77a2923f/
2 KB
3 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/6O0QLRNv6UOAv7g2JPxpzB/0a6c2ef297078d81fb9a896d77a2923f/Neteller.png?w=160&h=42&q=50&fit=fill
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:0:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
34bcd5401073ddd1e82831d3ec9a6a9de46681e5bd3b70c482c8efbfd6195029

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:00:28 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Mon, 30 Jan 2023 17:46:24 GMT
server
Contentful Images API
x-amz-cf-pop
FRA56-C2
age
79964
etag
"7c8e392291f17741a6816d7521cdd2aa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
2365
x-amz-cf-id
SbIauU6U-3z18hVakkDPpC6xikf88ycK_34Qtd_Ve8JxJQaNCczp6A==
skrill.png
images.ctfassets.net/kijvoxi4q0zn/hcXkVlZ1EyF43wEzKeIk9/5a69ed0f32dc05a4bd88b09d177e1cde/
2 KB
2 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/hcXkVlZ1EyF43wEzKeIk9/5a69ed0f32dc05a4bd88b09d177e1cde/skrill.png?w=82&h=42&q=50&fit=fill
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:0:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
2b8afe1c29f7d2627ca6f447dd342aa5dcad3a8b59ec328967fc4a0e947089ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 07:54:40 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Fri, 03 Feb 2023 14:57:39 GMT
server
Contentful Images API
x-amz-cf-pop
FRA56-C2
age
57740
etag
"31d8d34aef8f7ab67a3ee6fbd3a23d6d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
1776
x-amz-cf-id
8xR4mSyieG-qaDk_koHs1BhkZblgpyG58RtKpMchbaWrsPNOxyJMgQ==
PaySafeCard.png
images.ctfassets.net/kijvoxi4q0zn/4s4oFiVlYsusRci6WVl6tL/6b411cb5c81f5a6b47e7d5afbe7e0f79/
4 KB
4 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/4s4oFiVlYsusRci6WVl6tL/6b411cb5c81f5a6b47e7d5afbe7e0f79/PaySafeCard.png?w=249&h=42&q=50&fit=fill
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:0:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
784a12846a2c45fbdae6f074d1257459ba70d7626a776a5bd72f89aadb098124

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 07:52:43 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Mon, 20 Feb 2023 20:17:15 GMT
server
Contentful Images API
x-amz-cf-pop
FRA56-C2
age
57857
etag
"5b7c8d8869553b985a973de43e0e18f6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
4094
x-amz-cf-id
Ygbze8DbSbG23bXFr4qyes0iK2mkl_oES8StY5NDQvfkhkLjn_ay7A==
Online-Casino-of-the-Year-2023__1_.png
images.ctfassets.net/kijvoxi4q0zn/5nchqBrvkYrCdXxavWQC7W/cd2ffe3bf6a7530357262c6c0d3108fe/
5 KB
5 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/5nchqBrvkYrCdXxavWQC7W/cd2ffe3bf6a7530357262c6c0d3108fe/Online-Casino-of-the-Year-2023__1_.png?w=101&h=140&q=100&fm=webp&fit=fill
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:0:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
bafe2c8700ecab6b43111624ecb4800518f04f6592cad71dd63e650c1ead0326

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:03:37 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Mon, 27 Feb 2023 10:07:17 GMT
server
Contentful Images API
x-amz-cf-pop
FRA56-C2
age
76383
etag
"45997e6558d6630726b8e0f89de794c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
4892
x-amz-cf-id
i8f6jvPn947D2YIYv8XxH9Nf2-fxob0qToxkocpEu_5inY62O-R6Aw==
Mobile-Operator-of-the-Year-2023__1_.png
images.ctfassets.net/kijvoxi4q0zn/31LgqWw7cqQrsYLPHAxVVb/30265da2e87afb40ffa00b846b18086a/
17 KB
17 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/31LgqWw7cqQrsYLPHAxVVb/30265da2e87afb40ffa00b846b18086a/Mobile-Operator-of-the-Year-2023__1_.png?w=145&h=140&q=100&fm=webp&fit=fill
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:0:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
bdf582f893dbd3ce5d4321d144627cf1272e3fb4cd3e7adc5bbc34e4a2383c7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:03:37 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Mon, 27 Feb 2023 10:07:17 GMT
server
Contentful Images API
x-amz-cf-pop
FRA56-C2
age
63177
etag
"f32ca238d9ba15f530c4578993f6d447"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
16962
x-amz-cf-id
VRGMJ_QMQ59KMwlmHLwHUxrrXKfMQLbIDUu4w04N36vpbqlh4i4g0Q==
Online-Gaming-Operator-of-the-year-2022__1_.png
images.ctfassets.net/kijvoxi4q0zn/2mu9nqX7BKbC1IKz4uhT9J/dc32751a2cfb35e327f51a7d4385323d/
18 KB
18 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/2mu9nqX7BKbC1IKz4uhT9J/dc32751a2cfb35e327f51a7d4385323d/Online-Gaming-Operator-of-the-year-2022__1_.png?w=195&h=140&q=100&fm=webp&fit=fill
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:0:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
0ba728be255feb2894352a3c0716e8b60614d98ea7d9c0b243389917fa61376b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:03:37 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Mon, 27 Feb 2023 10:06:30 GMT
server
Contentful Images API
x-amz-cf-pop
FRA56-C2
age
63177
etag
"dde8df4ca41738fe5b8679c53e062716"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
18522
x-amz-cf-id
wgk_SNNArefWQujZfyi9gccVQBM2n0KM7pFKxEf9VZi3oOs5Nd5-xw==
EGR---Casino-Operator-of-the-year-2023__1_.png
images.ctfassets.net/kijvoxi4q0zn/2LiKGgKHto0NDYNb8crfXi/aacf8925a23e3d7dd595e962b665ee55/
17 KB
18 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/2LiKGgKHto0NDYNb8crfXi/aacf8925a23e3d7dd595e962b665ee55/EGR---Casino-Operator-of-the-year-2023__1_.png?w=155&h=140&q=100&fm=webp&fit=fill
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:0:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
54dcc77d19453dd474e188fb417ef2753677fa77186aea51607bf55b907037a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:03:38 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Mon, 27 Feb 2023 10:06:12 GMT
server
Contentful Images API
x-amz-cf-pop
FRA56-C2
age
60250
etag
"c232eaab1dfe666562cfe1168adfb90f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
17750
x-amz-cf-id
naBfW-MnyQMl9aV3UmLbKg_GD9kWqBkI9D1cwb0_t64rOcNF7uNVaw==
EGR---Best-Mobile-Casino-Product-2021__1_.png
images.ctfassets.net/kijvoxi4q0zn/38t6ooVUgnaGpUdL1Ebn1p/4643adee990581bddad9c528b0ead484/
17 KB
17 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/38t6ooVUgnaGpUdL1Ebn1p/4643adee990581bddad9c528b0ead484/EGR---Best-Mobile-Casino-Product-2021__1_.png?w=161&h=140&q=100&fm=webp&fit=fill
Requested by
Host: promo.leovegas.com
URL: https://promo.leovegas.com/it/mc-casino?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:0:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
77690f260fdad5ef6d947db66e6c82a934f8a5cc56842c57440c3d4c7f742d30

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:03:38 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Mon, 27 Feb 2023 10:06:45 GMT
server
Contentful Images API
x-amz-cf-pop
FRA56-C2
age
60250
etag
"5136a656292e225d2da89c321794c95d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
17128
x-amz-cf-id
3ECw_XI_TJfh7PQBcCf9EzM-_NTKoO4cymvvtcdU9s6NmAyWkpBWFg==
_geofetch
leo-promo-redirect-service.leo-prod-common.lvg-tech.net/
37 B
217 B
Fetch
General
Full URL
https://leo-promo-redirect-service.leo-prod-common.lvg-tech.net/_geofetch
Requested by
Host: d33wubrfki0l68.cloudfront.net
URL: https://d33wubrfki0l68.cloudfront.net/bundles/e77ce9964a4956760f56015d37ea331c076b5c69.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.190.191 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
191.190.117.34.bc.googleusercontent.com
Software
/
Resource Hash
119a195f3efd74066fa28d54f354020efbe3e82c90ac474a6fb313cb1d18226c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Mar 2023 23:57:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
set-affiliate-domain-cookie
www.leovegas.it/
0
0
Fetch
General
Full URL
https://www.leovegas.it/set-affiliate-domain-cookie?btag=666932_5ADD2628DFDA4EC78CD235A35A850AB8&Subid=acf32af2&pid=3659745&bid=14965&lobby=casino
Requested by
Host: d33wubrfki0l68.cloudfront.net
URL: https://d33wubrfki0l68.cloudfront.net/bundles/e77ce9964a4956760f56015d37ea331c076b5c69.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.132.67 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.132.67.ip.incapdns.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f626b4784b532d62d49d43dc67e683fdf655ff5e737a82fefba5ab5632ef743

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/jpeg
gtm.js
sgtm.leovegas.it/
191 KB
66 KB
Script
General
Full URL
https://sgtm.leovegas.it/gtm.js?id=GTM-WGS5KD
Requested by
Host: comparatore.affilroi.com
URL: https://comparatore.affilroi.com/LoSpartano/leoBONUS/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.236.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.236.107.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
25f8d41f2e4a46465cff62e7c90e5e185d9edb87d8ef674ea1ff1726d109f5ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:57:00 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 06 Mar 2023 22:17:46 GMT
server
nginx/1.23.3
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=900
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 07 Mar 2023 00:11:27 GMT
LV_LP_desktop_generic_CA_D92178_MC_IT.jpg
images.ctfassets.net/kijvoxi4q0zn/5XGPRzzSsDAYDdUpM7i9G9/c0069fdfdd9c9bd85a1a216e346af849/
94 KB
94 KB
Image
General
Full URL
https://images.ctfassets.net/kijvoxi4q0zn/5XGPRzzSsDAYDdUpM7i9G9/c0069fdfdd9c9bd85a1a216e346af849/LV_LP_desktop_generic_CA_D92178_MC_IT.jpg?w=1920&h=1080&q=50&fm=webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:0:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
841731f98050a80dc05a061c7c875b5a21650f5aaa867cf5784698aa0549265d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:00:29 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Fri, 17 Feb 2023 08:19:05 GMT
server
Contentful Images API
x-amz-cf-pop
FRA56-C2
age
74177
etag
"81930a286905bc3e2abd5ad28dc94695"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
96136
x-amz-cf-id
iVMp8aimn9zcAcWsWIe5__4zDUEKiYiVI1m7cIyb-barvznhf-Oc6A==
hotjar-380080.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-380080.js?sv=7
Requested by
Host: sgtm.leovegas.it
URL: https://sgtm.leovegas.it/gtm.js?id=GTM-WGS5KD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-77.fra2.r.cloudfront.net
Software
/
Resource Hash
21d46869d2c74d90d57f325089183d7e44fbc4c2aea1f8aa980c90fc64211b2b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 23:57:00 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
38
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/2a2b9f54cbf21c954a1e08d1373a09b0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
T0Tf9NssGbzBTFX7z5SHjEQmkci1GH8LjeTGPcV_OIM9ymoGCVRmfA==
gtm.js
sgtm.leovegas.it/
298 KB
88 KB
Script
General
Full URL
https://sgtm.leovegas.it/gtm.js?id=GTM-TZJXZ4T&l=dataLayer&sign=4960192d27864dbf57df803fac7688bfd82a6780afc992f7a24e948964ac79ed_20230306
Requested by
Host: sgtm.leovegas.it
URL: https://sgtm.leovegas.it/gtm.js?id=GTM-WGS5KD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.236.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.236.107.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
3d2470f4f1b0b767f8f69592b5905c7858813580607ef37af1f18a1346be1b5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:57:00 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 06 Mar 2023 22:17:46 GMT
server
nginx/1.23.3
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=900
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 07 Mar 2023 00:11:27 GMT
js
sgtm.leovegas.com/gtag/
197 KB
70 KB
Script
General
Full URL
https://sgtm.leovegas.com/gtag/js?id=G-R99CHBN90V&l=dataLayer&cx=c&sign=4960192d27864dbf57df803fac7688bfd82a6780afc992f7a24e948964ac79ed_20230306
Requested by
Host: sgtm.leovegas.it
URL: https://sgtm.leovegas.it/gtm.js?id=GTM-WGS5KD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.236.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.236.107.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
a137acd3e49af71e6b26d8c68242116699999a4c048399b787f74b8588a4ed08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:57:00 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.23.3
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=900
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 07 Mar 2023 00:11:52 GMT
optimize.js
www.google-analytics.com/gtm/
122 KB
47 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-K5XRHTM
Requested by
Host: sgtm.leovegas.it
URL: https://sgtm.leovegas.it/gtm.js?id=GTM-WGS5KD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c4ce19ee31255f3c40b88cdb524c6e8c67f1dcefb863455727c2f3a8d7d5701f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:57:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
47761
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 Mar 2023 23:57:00 GMT
modules.e238613e92953c03de32.js
script.hotjar.com/
264 KB
68 KB
Script
General
Full URL
https://script.hotjar.com/modules.e238613e92953c03de32.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-380080.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-42.fra2.r.cloudfront.net
Software
/
Resource Hash
f0fcd9253a2ee5dd3c94dd76077f12b3fd0ea6f7fd2ba29c4c00392dcf0309ec
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 10:17:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
49193
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68629
last-modified
Mon, 06 Mar 2023 10:16:15 GMT
etag
"4cfc6687bd72612084887bca5406b51f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
F8mLClXi8kYBAFYAj3k5QGIQzqGyCWyB-piOFHDyKJhvnbWxHItWew==
k_leovegas.js
scripts.prdredir.com/scripts/
2 KB
1 KB
Script
General
Full URL
https://scripts.prdredir.com/scripts/k_leovegas.js
Requested by
Host: sgtm.leovegas.it
URL: https://sgtm.leovegas.it/gtm.js?id=GTM-TZJXZ4T&l=dataLayer&sign=4960192d27864dbf57df803fac7688bfd82a6780afc992f7a24e948964ac79ed_20230306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:651d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc15e72bb78bf3e1f68429fb2ffb04e1f2dad2082d9c20d498fd11c56fca1a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-runtime
0.005998
date
Mon, 06 Mar 2023 23:57:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"dc15e72bb78bf3e1f68429fb2ffb04e1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkiizwCVKUERDZmII29RDTQX10sPMC%2B0x6nk4kC%2Br%2B584XuWDWb28ApLSSiZEopwBojexdiY1vDKnyUCP90KF9t6qVnUyfd585Nu64QqECCegp%2Fdc1vSU0ZHVK3Lc7RbSVckqsyynK5jVZ6xKZ1nMPHdJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
status
200 OK
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7a3e89e10f2736dd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
439c9434-b7bd-4350-ad33-6ee428d3e196
fbevents.js
connect.facebook.net/en_US/
107 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: comparatore.affilroi.com
URL: https://comparatore.affilroi.com/LoSpartano/leoBONUS/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 06 Mar 2023 23:57:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27907
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
2XoaPecuPWKnKCFuBbh4i78ySblnusgqcYd0Q80oEHiwR1GXQVtB8ZSWqjIf/XpURJsGRCtpVpK5KKPZo4EVBg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
tg.js
tgtag.io/
95 KB
32 KB
Script
General
Full URL
https://tgtag.io/tg.js?pid=tg-g-002415-002
Requested by
Host: comparatore.affilroi.com
URL: https://comparatore.affilroi.com/LoSpartano/leoBONUS/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.230.83 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
83.230.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5ebbc8b7722230da999471af208db5b3a4288b05b92093e96829d28466f0163c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 06:51:39 GMT
content-encoding
gzip
age
61522
x-guploader-uploadid
ADPycdtwTubfTdMURDup_GCyZVh5GGV2c52xs3RZ23vyWtta7gWoPFaiTYKtjsWpodCJbONk1M75j5IqTwL9teX4Qacswg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31950
last-modified
Fri, 03 Mar 2023 06:48:29 GMT
server
UploadServer
etag
"524b1d592684a87c893b0f8b1fd6221f"
x-goog-generation
1677826109134622
x-goog-hash
crc32c=7xfl0A==, md5=UksdWSaEqHyJOw+LH9YiHw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public, no-transform, max-age=86400, s-maxage=86400
x-goog-stored-content-length
31950
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 07 Mar 2023 06:51:39 GMT
blue-tag.min.js
event.getblue.io/js/
8 KB
3 KB
Script
General
Full URL
https://event.getblue.io/js/blue-tag.min.js
Requested by
Host: sgtm.leovegas.it
URL: https://sgtm.leovegas.it/gtm.js?id=GTM-TZJXZ4T&l=dataLayer&sign=4960192d27864dbf57df803fac7688bfd82a6780afc992f7a24e948964ac79ed_20230306
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.67.230.207 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-230-207.sa-east-1.compute.amazonaws.com
Software
/
Resource Hash
41f40556d764448a5c8220598ddf5c7df825bced46014dbca751e80e3b3d429e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:57:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Mar 2023 23:12:02 GMT
etag
W/"7716-1678144322286"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-xss-protection
1; mode=block
optimize.js
www.google-analytics.com/gtm/
112 KB
44 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-NZW9CHB
Requested by
Host: sgtm.leovegas.it
URL: https://sgtm.leovegas.it/gtm.js?id=GTM-WGS5KD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3588ed620fa8d5a23cec982f65261690bdab52070968dc1dbedd5fd6ab0accff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:57:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45013
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 22:17:46 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Mar 2023 23:57:00 GMT
collect
sgtm.leovegas.com/g/
65 B
525 B
XHR
General
Full URL
https://sgtm.leovegas.com/g/collect?v=2&tid=G-R99CHBN90V&gtm=45he3310&_p=1067463947&_gaz=1&cid=2091562092.1678147021&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678147021&sct=1&seg=0&dl=https%3A%2F%2Fpromo.leovegas.com%2Fit%2Fmc-casino%3Fbtag%3D666932_5ADD2628DFDA4EC78CD235A35A850AB8%26Subid%3Dacf32af2%26pid%3D3659745%26bid%3D14965&dr=https%3A%2F%2Fcomparatore.affilroi.com%2F&dt=LeoVegas%20-%20Il%20Re%20del%20casin%C3%B2%20mobile%20e%20del%20casin%C3%B2%20live&en=page_view&_fv=1&_nsi=1&_ss=1&ep.country_code=IT&ep.country_subdivision=IT&ep.gtm_container_id_version=GTM-WGS5KD_139&ep.endpoint=https%3A%2F%2Fsgtm.leovegas.com&ep.content_group=promo&richsstsse
Requested by
Host: sgtm.leovegas.com
URL: https://sgtm.leovegas.com/gtag/js?id=G-R99CHBN90V&l=dataLayer&cx=c&sign=4960192d27864dbf57df803fac7688bfd82a6780afc992f7a24e948964ac79ed_20230306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.236.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.236.107.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:57:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
server
nginx/1.23.3
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://promo.leovegas.com
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
collect
stats.g.doubleclick.net/g/
0
256 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R99CHBN90V&cid=2091562092.1678147021&gtm=45he3310&aip=1
Requested by
Host: sgtm.leovegas.com
URL: https://sgtm.leovegas.com/gtag/js?id=G-R99CHBN90V&l=dataLayer&cx=c&sign=4960192d27864dbf57df803fac7688bfd82a6780afc992f7a24e948964ac79ed_20230306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 23:57:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo.leovegas.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1059370837892905
connect.facebook.net/signals/config/
377 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1059370837892905?v=2.9.98&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6d47a00eb09c62034cefddf3cb29fec61024943c6d8ba22e076835ed26f53fb5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 06 Mar 2023 23:57:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110235
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
X42Hs0Boh0bV5ChmvudFze2tcWeca8nLjMwf2m3aSHxz8lgE2H7oksdv9OSCDFO6Za1+sYFQDXdvU+6ZicYZuw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
sgtm.leovegas.com/
49 KB
20 KB
Script
General
Full URL
https://sgtm.leovegas.com/analytics.js
Requested by
Host: sgtm.leovegas.it
URL: https://sgtm.leovegas.it/gtm.js?id=GTM-WGS5KD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.236.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.236.107.34.bc.googleusercontent.com
Software
nginx/1.23.3 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:57:01 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
nginx/1.23.3
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 07 Mar 2023 01:56:11 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1059370837892905&ev=PageView&dl=https%3A%2F%2Fpromo.leovegas.com%2Fit%2Fmc-casino%3Fbtag%3D666932_5ADD2628DFDA4EC78CD235A35A850AB8%26Subid%3Dacf32af2%26pid%3D3659745%26bid%3D14965&rl=https%3A%2F%2Fcomparatore.affilroi.com%2F&if=false&ts=1678147021149&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678147021148.1727500284&it=1678147021036&coo=false&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 06 Mar 2023 23:57:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://sgtm.leovegas.com/j/collect?v=1&_v=j99&aip=1&a=1067463947&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.leovegas.com%2Fit%2Fmc-casino%3Fbtag%3D666932_5ADD2628DFDA4EC78CD235A35A850AB8%26Subid%3Dacf...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25600410-30&cid=2091562092.1678147021&jid=96761069&_gid=455153451.1678147021&gjid=2115913436&_v=j99&z=2038551453
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=2091562092.1678147021&jid=96761069&_v=j99&z=2038551453
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=2091562092.1678147021&jid=96761069&_v=j99&z=2038551453&slf_rd=1&random=2707605814
42 B
441 B
XHR
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=2091562092.1678147021&jid=96761069&_v=j99&z=2038551453&slf_rd=1&random=2707605814
Protocol
H2
Server
2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 23:57:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 06 Mar 2023 23:57:01 GMT
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=2091562092.1678147021&jid=96761069&_v=j99&z=2038551453&slf_rd=1&random=2707605814
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
rtg.prdredir.com/
43 B
658 B
Image
General
Full URL
https://rtg.prdredir.com/sync?ref=https%3A%2F%2Fcomparatore.affilroi.com%2F&lp=https%3A%2F%2Fpromo.leovegas.com%2Fit%2Fmc-casino%3Fbtag%3D666932_5ADD2628DFDA4EC78CD235A35A850AB8%26Subid%3Dacf32af2%26pid%3D3659745%26bid%3D14965&sh=1200&sw=1600&date=1678147021207&fp=uid-0711382802.0415840937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:651d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:57:01 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
status
200 OK
content-transfer-encoding
binary
content-disposition
inline; filename="pixel.gif"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
46c96bd5-5e78-4bf2-a7f1-318e2f88cad4
x-runtime
0.002191
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQJF%2F2TdoThnP5vjl%2F9%2FASzU7rnwhfm2TDckrv2WDjt%2BQXWV9MMFUz3zGbJ6ngwFUo3cAFCCu%2BQW7uqbAW5wkD6FCjDYIyUe45bK%2BMJs9WOVI0Pi1htYQlbtlBVaMFwaQk1JiFLXQH01oGkM1ERc"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
7a3e89e2c85736dd-FRA
event
api.trafficguard.ai/tg-g-002415-002/api/v4/client-side/validate/
62 B
760 B
XHR
General
Full URL
https://api.trafficguard.ai/tg-g-002415-002/api/v4/client-side/validate/event
Requested by
Host: tgtag.io
URL: https://tgtag.io/tg.js?pid=tg-g-002415-002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7246:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
c39d0aeb2118e19ea53fd481fe4e55fdcfc2c9df12b56270e97a8b53677960e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept
*/*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 06 Mar 2023 23:57:01 GMT
via
1.1 google
x-content-type-options
nosniff
etag
W/"3e-hfjxqCVl/QNqlsXWHKBHO4HDZ/I"
expect-ct
max-age=0, report-uri="https://trafficguard.report-uri.com/r/d/ct/reportOnly"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://promo.leovegas.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Requested-With, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
content-length
62
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
event.getblue.io/p/ Frame 8165
0
210 B
Document
General
Full URL
https://event.getblue.io/p/?cId=ECA2B5B3-DE90-8396-BCD180904D04A8BA&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=79f9067e-c9ae-4387-8e81-a5e854936248&v=13072020-1328&nocache=6266515734192.981
Requested by
Host: event.getblue.io
URL: https://event.getblue.io/js/blue-tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.67.230.207 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-230-207.sa-east-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-length
0
content-type
text/html;charset=UTF-8
date
Mon, 06 Mar 2023 23:57:01 GMT
tagcontainer-version
1185-25112022-1130
/
widget.getblue.io/event/
0
56 B
Script
General
Full URL
https://widget.getblue.io/event/?cId=ECA2B5B3-DE90-8396-BCD180904D04A8BA&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=79f9067e-c9ae-4387-8e81-a5e854936248&v=13072020-1328&if=0&nocache=6354132332050.1
Requested by
Host: event.getblue.io
URL: https://event.getblue.io/js/blue-tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.67.230.207 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-230-207.sa-east-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:57:01 GMT
content-length
0
content-type
text/html;charset=UTF-8
/
www.facebook.com/tr/
0
54 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1059370837892905&ev=Microdata&dl=https%3A%2F%2Fpromo.leovegas.com%2Fit%2Fmc-casino%3Fbtag%3D666932_5ADD2628DFDA4EC78CD235A35A850AB8%26Subid%3Dacf32af2%26pid%3D3659745%26bid%3D14965&rl=https%3A%2F%2Fcomparatore.affilroi.com%2F&if=false&ts=1678147022653&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22LeoVegas%20-%20Il%20Re%20del%20casin%C3%B2%20mobile%20e%20del%20casin%C3%B2%20live%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.98&r=stable&ec=1&o=30&fbp=fb.1.1678147021148.1727500284&it=1678147021036&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 06 Mar 2023 23:57:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
event
api.trafficguard.ai/tg-g-002415-002/api/v4/client-side/validate/
61 B
368 B
XHR
General
Full URL
https://api.trafficguard.ai/tg-g-002415-002/api/v4/client-side/validate/event
Requested by
Host: tgtag.io
URL: https://tgtag.io/tg.js?pid=tg-g-002415-002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7246:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
18cccf9f3ae615df065ef20111e050bb202254d4cf780c150927f51d00d6bffc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept
*/*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 06 Mar 2023 23:57:04 GMT
via
1.1 google
x-content-type-options
nosniff
etag
W/"3d-+VrgqwIBqu+GaYyaxm1oD9TgRqA"
expect-ct
max-age=0, report-uri="https://trafficguard.report-uri.com/r/d/ct/reportOnly"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://promo.leovegas.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Requested-With, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
content-length
61
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless string| pagePath object| ___chunkMapping object| webpackJsonp object| asyncRequires object| ___emitter object| ___loader function| ___push function| ___replace function| ___navigate object| regeneratorRuntime object| gsapVersions string| ___webpackCompilationHash object| dataLayer object| google_tag_manager object| google_tag_data function| hj object| _hjSettings string| GoogleAnalyticsObject function| ga object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| fbq function| _fbq object| dataTrafficGuard object| google_optimize object| gaGlobal function| TrafficGuard object| gaplugins object| gaData number| instId string| campaignId string| pageType string| blueProductId string| transactionTotal string| transactionId string| p1 string| p2 string| p3 number| pixelMode string| fingerprint function| setLocalStorage function| getLocalStorage function| setSessionStorage function| getSessionStorage function| setCookieBlue function| getCookieBlue function| generateUid object| blue function| documentReady function| executeFlow function| loadFunction function| executeRequests function| blue_obj function| createDivElement function| createIframeElement function| createScriptElement function| createImgElement function| isSessionStorageEnabled function| isLocalStorageEnabled function| isCookieEnabled object| blue_q string| blue_v string| bluecpy_id number| idxCampaignId number| idxPageType

34 Cookies

Domain/Path Name / Value
cutt.ly/ Name: PHPSESSID
Value: bgbnfg25onu4gtjfhmdd52b0r6
comparatore.affilroi.com/ Name: PHPSESSID
Value: o4n2vqq70s227isuqfcjq7refv
comparatore.affilroi.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkZhT3Q1SEtLL2F3bytSU1FtdXZ5Mnc9PSIsInZhbHVlIjoiVWVyQm5HR3Vzd056MU92MXpkKzJzN1hwclVGamhmWGhTN3IvT1I1YVg3OU5GcXRJQ2hzT090Q3RVby9xTWQvNmNZdEFHa3lONCt6Ri9FM2h1NUp2VHArYXRKWlVHRStZSEg5bHA0emUrUVo1N2JIWUczUFNUUUU4THpxWnhuckciLCJtYWMiOiJlOTgyYTdmMmU5NWUxNzkyZWNiNGYzYTI2NTc2OGFkNTg4YmE5NmEzOWEwM2ViNTFjMTFlNzlmMGNmMDZiOTM5IiwidGFnIjoiIn0%3D
comparatore.affilroi.com/ Name: laravel_session
Value: eyJpdiI6InQ0YUlOQlVYdFFQcVJSY1JNUmVuZmc9PSIsInZhbHVlIjoiVjhDZ1JSRnZRSDJ2NFl0Q1BESHJDa3RsUTV3T1ZPc2tBV1BHcTh6MCtxbDlrc3NjczR4RlI0cTZraFdCN09ITHNsZXQ0NlkrcXpjM0pGblJxYTM4OTBNd3FSSGIzYUZhQUhKOFdUQ2FBMXB0VGVhZTZseFduWG9EejNnZ1c2VE8iLCJtYWMiOiI1NzE2ZTMwMTdmODE5ZDRhNjNkMTMxOWViOWU1MjYxNmRkNTI2ZmQ5ZjY1ZGI4ZGI2YzI4YTgyODc2NmFmNjliIiwidGFnIjoiIn0%3D
.affilroi.com/ Name: PAPVisitorId
Value: 6m2lV1s5PddiWGhcqU0ILygV71kJiJGZ
.affilroi.com/ Name: PAPAffiliateId
Value: acf32af2
.leovegas.com/ Name: NetRefer_CookieUniTrack_C
Value: %5b%7b%22PID%22%3a3659745%2c%22BID%22%3a14965%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1678147019895)%5c%2f%22%2c%22CookieTag%22%3a%2214965365974501%3a%3a2%3a700a%3a0502%3a89c%3a00a2C2023362356%22%7d%5d
.leovegas.com/ Name: NetReferSPS
Value: %5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222839615754%7c1%22%7d%5d
.leovegas.it/ Name: visid_incap_1705993
Value: p/sNEiZvQTGj7tcQqTaA9ct9BmQAAAAAQUIPAAAAAAByFX1pmk/kAtT8AUsWk826
.leovegas.it/ Name: nlbi_1705993
Value: c+O4dS2iOjm8svCQrtRhMAAAAAB9dodH9C1TifaRTLFoQBp8
.leovegas.it/ Name: incap_ses_1515_1705993
Value: SwA3HKObY2UWV6eW31wGFcx9BmQAAAAAwiKxfGamtlyFZh9uy1eyMg==
.leovegas.com/ Name: _gcl_au
Value: 1.1.92211893.1678147021
.leovegas.com/ Name: _ga_R99CHBN90V
Value: GS1.1.1678147021.1.0.1678147021.60.0.0
.leovegas.com/ Name: FPLC
Value: hHCUxyqfbD3Xw%2FEtae%2FN2u7N%2FRlScnP7E1uRBUvLDatzaiV7H1j2RY%2FTRHL77k9qv0ushxoquNiBjaWheEDS3Uf831%2BDlWlocyHuVQ0urItH41Qi6VCxXYyOmdOTUA%3D%3D
.leovegas.com/ Name: FPID
Value: FPID2.2.UQqu7GE0uVBGTxIfLEavrMuGlqnMtjvn15mhyNjWWyg%3D.1678147021
.leovegas.com/ Name: _hjSessionUser_380080
Value: eyJpZCI6IjcyYjJjYzU0LTMzZDQtNWJkMC05NWM1LTY1NWM5NjUyZjYyOCIsImNyZWF0ZWQiOjE2NzgxNDcwMjEwODcsImV4aXN0aW5nIjpmYWxzZX0=
.leovegas.com/ Name: _hjFirstSeen
Value: 1
.leovegas.com/ Name: _hjIncludedInSessionSample_380080
Value: 0
.leovegas.com/ Name: _hjSession_380080
Value: eyJpZCI6IjRhNGUwMDJhLWFjOTktNDMxMS1iOTY1LWU4NjZjZTI0NjQ3ZCIsImNyZWF0ZWQiOjE2NzgxNDcwMjEwOTcsImluU2FtcGxlIjpmYWxzZX0=
.leovegas.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.leovegas.com/ Name: _tguatd
Value: eyJ0Z3NvdXJjZSI6ImNvbXBhcmF0b3JlLmFmZmlscm9pLmNvbSJ9
.leovegas.com/ Name: _tgpc
Value: b07391a0-c40c-5132-8e5c-0fea536623c9
.leovegas.com/ Name: _tgidts
Value: eyJzZXNzaW9uSGFzaCI6ImQ0MWQ4Y2Q5OGYwMGIyMDRlOTgwMDk5OGVjZjg0MjdlIiwiY2xpZW50SWQiOiI1MDBkMzYwMC1kMzI1LTUxMGItODliOC1hYzAzZWRlODBiYmYiLCJzZXNzaW9uSWQiOiI1NThmODZiYy1iODZjLTVjMTQtYTZjOS1jMGQwNjk4ZDJmMzMifQ==
.leovegas.com/ Name: _tglksd
Value: eyJzIjoiNTU4Zjg2YmMtYjg2Yy01YzE0LWE2YzktYzBkMDY5OGQyZjMzIiwic3QiOjE2NzgxNDcwMjExMzMsInNvZCI6ImNvbXBhcmF0b3JlLmFmZmlscm9pLmNvbSIsInNvZHQiOjE2NzgxNDcwMjExMzMsInNvZHMiOiJyIiwic29kc3QiOjE2NzgxNDcwMjExMzN9
.leovegas.com/ Name: _fbp
Value: fb.1.1678147021148.1727500284
.leovegas.com/ Name: _ga
Value: GA1.2.2091562092.1678147021
.leovegas.com/ Name: _gid
Value: GA1.2.455153451.1678147021
.leovegas.com/ Name: _gat_UA-25600410-30
Value: 1
promo.leovegas.com/ Name: __user_id
Value: uid-0711382802.0415840937
.leovegas.com/ Name: _tgsc
Value: 558f86bc-b86c-5c14-a6c9-c0d0698d2f33:1678147021212
.leovegas.com/ Name: _tgsid
Value: eyJscGQiOiJleUpzWVc1a2FXNW5YM0JoWjJWZmRYSnNJam9pYUhSMGNITWxNMEVsTWtZbE1rWndjbTl0Ynk1c1pXOTJaV2RoY3k1amIyMGxNa1pwZENVeVJtMWpMV05oYzJsdWJ5VXpSbUowWVdjbE0wUTJOalk1TXpKZk5VRkVSREkyTWpoRVJrUkJORVZETnpoRFJESXpOVUV6TlVFNE5UQkJRamdsTWpaVGRXSnBaQ1V6UkdGalpqTXlZV1l5SlRJMmNHbGtKVE5FTXpZMU9UYzBOU1V5Tm1KcFpDVXpSREUwT1RZMUlpd2liR0Z1WkdsdVoxOXdZV2RsWDNScGRHeGxJam9pVEdWdlZtVm5ZWE1sTWpBdEpUSXdTV3dsTWpCU1pTVXlNR1JsYkNVeU1HTmhjMmx1SlVNekpVSXlKVEl3Ylc5aWFXeGxKVEl3WlNVeU1HUmxiQ1V5TUdOaGMybHVKVU16SlVJeUpUSXdiR2wyWlNKOSIsInBhZ2Vfc2Vzc2lvbiI6IjlmY2Q5ZmI1LTkyYjEtNDNiMy1hMWUyLWZkODNmMmQzYjc1ZCIsImV2ZW50X2NvdW50IjoiMSIsInBhZ2V2aWV3IjoidHJ1ZSJ9
.trafficguard.ai/ Name: geid
Value: 04010049-ed92-45e2-b200-069164067dcd
promo.leovegas.com/ Name: blueID
Value: 79f9067e-c9ae-4387-8e81-a5e854936248
.getblue.io/ Name: ckid
Value: 53F675B9-01AE-4E43-A64E32756818C0F0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
