Report - inoradde.com/4/4292615/

Report Overview

Submitted URL
inoradde.com/4/4292615/
IP
139.45.197.238
ASN
#9002 RETN Limited
Submitted
2022-12-06 03:59:38
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
script.hotjar.com	887	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	349 B	69 kB	143.204.55.68
images.ctfassets.net	4623	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	506 B	94 kB	54.230.111.77
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	440 B	920 B	142.250.74.132
d33wubrfki0l68.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	574 B	143.204.42.80
promo.leovegas.com	535866	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	29 kB	331 kB	34.159.75.132
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	67 kB	216.58.207.227
vc.hotjar.io	2334	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	20 kB	54.230.111.91
www.leovegas.com	354851	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	1.4 kB	107.154.248.168
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ntrfr.leovegas.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	1.2 kB	95.101.10.168
vars.hotjar.com	1014	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	470 B	1.7 kB	143.204.55.118
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	54 kB	34.120.237.76
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.9 kB	93.184.220.29
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.33.119.27
sgtm.leovegas.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	95 kB	34.107.236.224
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	48 kB	142.250.74.110
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	444 B	6.6 kB	142.250.74.106
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	681 B	139.45.195.8
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.8 kB	9.8 kB	142.250.74.131
leo-promo-redirect-service.leo-prod-common.lvg-tech.net	695620	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	284 B	34.117.190.191
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	484 B	1.2 kB	64.233.165.155
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	466 B	769 B	142.250.74.67
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.13.173.34
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	79 kB	143.204.55.54
inoradde.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	685 B	2.2 kB	139.45.197.238

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	inoradde.com	Sinkholed
2022-12-06	medium	inoradde.com	Sinkholed

JavaScript (102)

	URL	Size	First Seen	Last Seen
	www.google-analytics.com/gtm/optimize.js?id=GTM-NZW9CHB	112 kB	2023-03-08	2023-03-08
Pretty URL www.google-analytics.com/gtm/optimize.js?id=GTM-NZW9CHB IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-08 20:11:41 Times Seen1 Hash 35ae242c6c3747ad8215bd3c021e2cec 85423631d9d34b6c5273fd6313278c299b77fee2 0518001da23821617d98c3d2d2bcc1da82624d2493c0c4f294dcd081c6ab9fc9 Loading...

	inoradde.com/4/4292615/	576 B	2023-03-08	2023-03-08
Pretty URL inoradde.com/4/4292615/ IP 139.45.197.238 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:03:06 Last Seen2023-03-08 20:03:06 Times Seen1 Hash 83df99f32682473e21c2378f206351f9 aec281000511af97b17cfaaf98dabea4fa325cff 442e7d5399d574b55b61867cd21fa7665ae6bdfe3e76878e77387fa3d4ad9f0f Loading...

	promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362	381 B	2023-03-08	2023-06-10
Pretty URL promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362 IP 34.159.75.132 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:53:59 Times Seen4 Hash 3aea4ff5a923ba8ec513d6e8e686f474 4b5393be3c3d97fcab06536fddff1f1e4add4969 0d6fb97529219a7897892ca7b7772818274e5f9e1e6f8d1572661179a37f678e Loading...

	promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362	971 B	2023-03-08	2023-03-08
Pretty URL promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362 IP 34.159.75.132 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-08 20:11:41 Times Seen1 Hash 453aec1e6029a7c2ea0aeb26ced29da1 6d6011c7ccd3ab65be45847513c7656306b3a4e7 09a4b39beffcac1b4e4843a79ab7604512d1312480540cee29db9850f245ddf0 Loading...

	sgtm.leovegas.com/gtm.js?id=GTM-WGS5KD	215 kB	2023-03-08	2023-03-08
Pretty URL sgtm.leovegas.com/gtm.js?id=GTM-WGS5KD IP 34.107.236.224 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:04 Last Seen2023-03-08 20:03:06 Times Seen1 Hash 9e799ee552e9f41501a13b1e9cabfde6 6faede0823cbb40c818a53e36829bde0cd931f47 df8e8aa682db29cc2b1da181fc70805e1ba61ef2cb4a54bb37fe80ee626b019a Loading...

	sgtm.leovegas.com/gtag/js?id=G-R99CHBN90V&l=dataLayer&cx=c&sign=0f5bb15bb2fb023cd3c1efabe058da1053072773fc8f17bff5249a3ac518364d_20221206	204 kB	2023-03-08	2023-03-08
Pretty URL sgtm.leovegas.com/gtag/js?id=G-R99CHBN90V&l=dataLayer&cx=c&sign=0f5bb15bb2fb023cd3c1efabe058da1053072773fc8f17bff5249a3ac518364d_20221206 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:03:06 Last Seen2023-03-08 20:03:06 Times Seen1 Hash 19ce0d3a2bca2093b727b0609796c91b 59320780faaf2e1fd58405d6b7d3acd9b81db2c8 c48b8d4ecf2cdb250f19ee242cae7e008131b8380e075b11f8957f855fb65bb8 Loading...

	www.google-analytics.com/gtm/optimize.js?id=OPT-K5XRHTM	122 kB	2023-03-08	2023-03-08
Pretty URL www.google-analytics.com/gtm/optimize.js?id=OPT-K5XRHTM IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:58:39 Last Seen2023-03-08 20:11:41 Times Seen1 Hash a90749d9b6e0182bd1159737bb1184c0 05dcef0149b034d15b4251957240b50bcbf5aecf 521f1285b545ca3fb6dda3c77c204df27b63233d18a3b1ebf709b005459f5dd4 Loading...

	vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html	2.3 kB	2023-03-08	2023-03-26
Pretty URL vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html IP 143.204.55.118 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:11 Last Seen2023-03-26 01:38:12 Times Seen2 Hash 2ab04d2242413cc15369fa816e1a02f8 8ff148dd539f0fff0892dcc2075839c315cb8642 fe51660a3d21efbefab64694f51d02f2bcee4e82c324895e93c78ba6179508a3 Loading...

	promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362	56 B	2023-03-08	2023-03-08
Pretty URL promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362 IP 34.159.75.132 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-08 20:11:41 Times Seen1 Hash dcb6c92c45c8e6480ef217dfad13e337 11f6d3c01654e6bf216fe586f7cfca035c17659f 1f34724f5b30327554ef0b067638a891aabc3b884c0cdc082f7efa4bb6c47832 Loading...

	static.hotjar.com/c/hotjar-380080.js?sv=7	26 kB	2023-03-08	2023-03-08
Pretty URL static.hotjar.com/c/hotjar-380080.js?sv=7 IP 143.204.55.54 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:03:06 Last Seen2023-03-08 20:03:06 Times Seen1 Hash 789519ecdbae8dc663b18295412ebba7 5d202b07e8d448ab67e4625644c29bda888fcb4c b70c6c0c594b6b25361053cba4aac5177bf3a02cd292f6be34c65629b75b0503 Loading...

	sgtm.leovegas.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL sgtm.leovegas.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

		Size	First Seen	Last Seen
	#1 Eval - fc667e240d746fffeb1449a72f5f21ee	106 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash fc667e240d746fffeb1449a72f5f21ee 1ed731904c372aa549f78d1b2b59ec75d657bcd6 44016e43fa4f0dcf110125630bf1d017234026081a2b93726932a727cea1fc6c Loading...

	#2 Eval - 3f05f79193ef3cdf88c22c97e50abe1b	152 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 3f05f79193ef3cdf88c22c97e50abe1b c7f12276effef5ae3ab7222b593f31e0dcdf2ef7 a1c1c0c5a06aa8d50dab0a7eaaa1420503565a82934f465492767894f31cff41 Loading...

	#3 Eval - 8fa043e6e3b2f6458a3cf8a18c3dc09c	108 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 8fa043e6e3b2f6458a3cf8a18c3dc09c 3f742f7b1e2a4cb5f567d444f33809af0c4b335a bcb56769020cb140b5c7e552b889d00c427161277b5e67c385c38e8460f21ebe Loading...

	#4 Eval - af45283f996510854f3619a849328e27	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash af45283f996510854f3619a849328e27 34c614f5dc391452157e74dc6b7f180e6b3ed901 6ee88f294314cad35a11c2dbab248326dc2a3465cd329ee17d39e760cf2627f6 Loading...

	#5 Eval - 675b735a91cc0e840766e0b37bdcba5c	99 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 675b735a91cc0e840766e0b37bdcba5c 129427d9468633ff0c6fcce58c1a7f5bcfb33e1d ce3e18a8510a65da5b2f621b3c28f3866a5e6b3ea4ae25468e1c664812638e3e Loading...

	#6 Eval - 28c09c90ee32a01e2ca3f3b4a33ea882	114 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 28c09c90ee32a01e2ca3f3b4a33ea882 17862bac1d86c2d99857d1c4e40ed991968cc387 7b8cdfb439a9696a17f1e19589d2055d1cf1e6308fd1725f447ae8a964eedb0c Loading...

	#7 Eval - 5a51320e8bc81905a11160dbd2b99995	124 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-14 19:59:59 Times Seen1 Hash 5a51320e8bc81905a11160dbd2b99995 cffd839185838e27bb11b88d31bdd63a78a1392e 8c786163d5b73d7bc01f2f53e0c1ca06d19f0d3be6b6e403ffd389f51f7926cc Loading...

	#8 Eval - dc0c587ea5dc38ab1d3acca238746079	123 B	2023-03-08	2023-06-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:54:00 Times Seen4 Hash dc0c587ea5dc38ab1d3acca238746079 3d8ec471ecab8ac55f4b23a8b3dc125229704600 ea63b9843eac3e3ccefca4aacb623024051159f9e09306e7143fad34b0a25bf1 Loading...

	#9 Eval - 3ecca5af89fdf4902ab4ff6e64dbd1bc	110 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 3ecca5af89fdf4902ab4ff6e64dbd1bc 8451c2a4e282652b949d4d73a7cd23ebeffcf5cd b44315dfd59ca38274202c3d0708b5c79f3b8ea78cf86c400591e71e6a3a38a9 Loading...

	#10 Eval - a8a9e5e2c3c8f1e6f5464b814dbd1720	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash a8a9e5e2c3c8f1e6f5464b814dbd1720 875200d97656c3c0f8bd74165994f15fbb25e128 18ee1f5475962d3b38e052819db4d2d4366b96afb2541b9067673d63a0d5a1e5 Loading...

	#11 Eval - 8dfeed4a96d45a1f058476183263bea4	152 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 8dfeed4a96d45a1f058476183263bea4 fecf7df9ae47ef9f572df844ae10347578beb05a e4a2b38eee8536909dc34f01426f70e51132efbd801770d657fe8d5701d96f8b Loading...

	#12 Eval - 365edb930f5689990a02ef373c421fe4	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 365edb930f5689990a02ef373c421fe4 10e564352177b036286ffb24e9d33205f0a4057c ed0ece0b6e472c857b1730cced51bc469b2ad0450dd93ff5d4ae510ce31d5309 Loading...

	#13 Eval - 31d77629d4e454942a72ebb34ca63d8a	105 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 31d77629d4e454942a72ebb34ca63d8a b2b5e0bcedb42dd895723cb04d85d178abc03b1a df2267e3e07d3ae370c5d274f0554604e5b61eeace3aeb5153f356b63b7eff47 Loading...

	#14 Eval - 55f318898d431acc3d128e81e74e71a8	150 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 55f318898d431acc3d128e81e74e71a8 3f3bcb14f7db2718ecd8142cab4a7a56662bbd09 954640cb295a2a917672de217b87cbfab0b892329d129e58739c00f2a9b612dc Loading...

	#15 Eval - 4861ef1d2f1db399c6dcd8f4df2b2395	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 4861ef1d2f1db399c6dcd8f4df2b2395 b674b187f93af06d65420c9a5be29d76089edb88 48cb6b0fa5a474252426424beefd352a47e25234514c9fe3f4949c22a6780274 Loading...

	#16 Eval - 5be248facc202001df5cb56943b30cca	106 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 5be248facc202001df5cb56943b30cca 7651b117ea838a7c8011c07dcde1cf5cfbded8aa 498b95ddeefbfc3f8f575dde2b3e76b3aafa99c241418c5f577cedb02838ed56 Loading...

	#17 Eval - bb1678000c9bd1d1e110737c4f9fe55e	152 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash bb1678000c9bd1d1e110737c4f9fe55e 4a9687bf6d1dcb5c0cb22a8f5c6a2ef67a92fc7f 8830b35ea78c950806c4972c8cc6857dcf77bafb266b0a90e34fcdd4ce7d77e7 Loading...

	#18 Eval - 24aee50acfeb480b7d2203688aa0fd3a	99 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 24aee50acfeb480b7d2203688aa0fd3a 1a12cdb5145f38301ce5c65ccd85c900f90fb2fb 56fa8584f97ab57aceee7f9b7c3b0b6f146d6204e53049dd09ca566eb6a8ba92 Loading...

	#19 Eval - 5b4aa5bf36a69181d2f5f680934ec1ff	172 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 5b4aa5bf36a69181d2f5f680934ec1ff 5b5fc1cf76c40eb8dfb13a8d46670e0c071cda20 da6c050e1003df621452f4af85b0e224a2b41314a0068b2a2676325102e16fdf Loading...

	#20 Eval - f678942ad67c50cf49bf5bac9bf40271	192 B	2023-03-08	2023-06-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:53:59 Times Seen4 Hash f678942ad67c50cf49bf5bac9bf40271 4bc3a0ab65d0a6dcebc8aedf47a9f8fde0a6cc5d 75e7d6881f7aaf129305f16840427e2c8f62394c8816f57689b9ccc96c8563ed Loading...

	#21 Eval - fd867d45abc119d378e486b015e5fb32	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash fd867d45abc119d378e486b015e5fb32 c3ef9a0b7357a5a63fe701b568e0b286ba8cdabc d794a5d005d2990361b510f2fcc1a33792baddfc4846e15ea053881aee23eff1 Loading...

	#22 Eval - 3180d9c0ee79198eddb8177d3e2fd2b8	115 B	2023-03-08	2023-06-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:53:59 Times Seen4 Hash 3180d9c0ee79198eddb8177d3e2fd2b8 ca1491a70702ca9304580c8484dcc6e412e38628 53a045ec8988877e0fc7e0017e8eec37d10952a3f1db13ef3e356e0124991fbc Loading...

	#23 Eval - 500780602a4300040812b5f11475d767	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 500780602a4300040812b5f11475d767 322e396cfc93df0407a8c8cc3190e08cf3b83846 668d8290c59bbe3f716059c4a9542905d78d66738bb0f266f7b4626b1f620f00 Loading...

	#24 Eval - fd92eba485b003f9af63cfa70c7cb963	106 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash fd92eba485b003f9af63cfa70c7cb963 152d29b9586eea2fac3913d55d1f4dd7cdcfb4e1 ab3b51d76b7283fccccbb14c48ca4b296b21d21a99da32f1aab190f9d03dda4e Loading...

	#25 Eval - 1303777f592eeb45344e9ffaabf4ee5e	124 B	2023-03-08	2023-06-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:53:59 Times Seen4 Hash 1303777f592eeb45344e9ffaabf4ee5e 6cd74224b78aed223e88b18b81c23d5f75e5eaa9 31a0929519f9f762b5228a20c29d8ebfc62541c8b50e19108f9a4fd33b1ae113 Loading...

	#26 Eval - df4694c3abd755beaa500b403710b461	155 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash df4694c3abd755beaa500b403710b461 94d7c488e5eb06e03b63e1f65c1cd06ae2299141 d8b455f29a30f673681e811bf0bcb188224da0880d07eafe9298d00c35da9a03 Loading...

	#27 Eval - 8c80cb699d9c10b27a60e75ecc48b6ec	155 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 8c80cb699d9c10b27a60e75ecc48b6ec 9f5f38b2acde71e514acd92afec448fdf4b13530 f8a52a3a73e0250a815dd17132803408dd6b56880c65fd14eb340e4393d40d7d Loading...

	#28 Eval - d126192b7e6cd4e0578d07016b1182da	85 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash d126192b7e6cd4e0578d07016b1182da 90de39bcff75a0af6ba58b186fd247d22bcedb3e cd6f7444b22e9ab3c56840e59daf71e50b182a51078604d63b4590f0a917f62e Loading...

	#29 Eval - bef0f106432ad908f0c9e615349f7544	114 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash bef0f106432ad908f0c9e615349f7544 77af6144eb7b8b376987590623f71d1e967be47f 9376c54e9f4221dba2b9955f457ee5e2ddb69df7237bc51abf7f25d6f463e995 Loading...

	#30 Eval - 9a565f97f2d93edcf7e15b393f9bb2ab	152 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 9a565f97f2d93edcf7e15b393f9bb2ab a38cfd5b2521fefa027f1116f2d1c2ebcd46c84a 44a532b0f5d0ce4e99cab5e4d8ca630bcdc61e4619be06bd23e152ea08618425 Loading...

	#31 Eval - 580bba916650a2c53b1f45ee0fd3be2a	152 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 580bba916650a2c53b1f45ee0fd3be2a 3ea279ee4e6c654e13142544c5421f399200295c 2c15ffb83e32d1c92db7a321806fbba6b25f81f026468aa402e10f213fb56789 Loading...

	#32 Eval - ca6712917ec91ba79e77ff1969d8ea7c	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash ca6712917ec91ba79e77ff1969d8ea7c a1c1d34aca42217f217dcd0cb6800a8147e21fac f774376b45d27d4aecc0515c3897ada4159fd9f8e5dc3bd09f6af656b5f10bc9 Loading...

	#33 Eval - 64a5c46f03f22b26cedb06a801d3e4a1	99 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 64a5c46f03f22b26cedb06a801d3e4a1 727622e9bb59406eaca3f582dcebeb6d3e8d3403 a372ea4bb9c395cf2a1b5bfd66ae00fe7cc4080339561c8c687cad60a6c233d2 Loading...

	#34 Eval - 2809f94f980e73613aa4ee95fb8244e6	106 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 2809f94f980e73613aa4ee95fb8244e6 b03b6bd70b5326ce9cefd5815f618495eee73542 6048538b50f3e2d149105613c637d602c0e0bdbb6786da16151538a01e137420 Loading...

	#35 Eval - ccabf796b417a653a1cdccb12c239376	152 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash ccabf796b417a653a1cdccb12c239376 e68ca3929b928aa84e37bf81a13bca9476d70e2e 59c0b6a193557f1d98f4769131b8c4ab50f29c950416aa94e004774ed73c4d65 Loading...

	#36 Eval - f28cd8b615465625e3e57792f7f4b076	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash f28cd8b615465625e3e57792f7f4b076 02f1a6991c8ecb38b9b037d1daf6328c3564098f d18bbfc39366226ea45b0be769222c006c95b3d078b7a90671a3c446dcf6c143 Loading...

	#37 Eval - 766d4a0aaac10e961dafa6e18840ee9d	100 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 766d4a0aaac10e961dafa6e18840ee9d d4823ab2cf03b9af1f95eb2ffc78faf985cc06db 2ef190e1ff5f9ee67483497a713866fca8982a051f6bdc5aed06c976d76f899e Loading...

	#38 Eval - 36b32b78ffec24408d8f58d8dd421627	100 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 36b32b78ffec24408d8f58d8dd421627 d7d15558fa84fbc1462b33dd285392511450069b d4f42c415fb7cac7882ad147bbaec5daa8e0bc9b2a51d7d27e4b4b58fc8c1e24 Loading...

	#39 Eval - 8a566f1c3a64134add47dec5e2dcc3c4	122 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 8a566f1c3a64134add47dec5e2dcc3c4 540fdea64bf051565b734615a259f767817cbd05 1cf32fcddd085006b4b1f5a093b5b4a5f97109ab362d6ab5ba3a7b7e37c756d5 Loading...

	#40 Eval - b1dab119535b2d653cd583fe14562d62	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash b1dab119535b2d653cd583fe14562d62 9a5e2735b2817d33b001162d6200bbc71ab25ef1 54f2fbd41d0e2ae4e39cccc16b7ee210aa2d6fb6ccfb6d0067d55c85228d5dd1 Loading...

	#41 Eval - 36c23dd6683f9c632d4ebd5b9f4cfc7e	112 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 36c23dd6683f9c632d4ebd5b9f4cfc7e 2df78f839b70876155d95e02a608995055866f29 c841ad1044f1280ede71fe699f66310a9d2807f9c7bef6b89a4a8f8b9252b4f8 Loading...

	#42 Eval - 10707f7d0eb98d79d0daeaaa0f4648c3	99 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 10707f7d0eb98d79d0daeaaa0f4648c3 e7072589c5a580b12f5661527ff2a22a99734ef9 d17fd190e57cddcc99937eebab090c8741b1c00f39fde23b824d36056b8e5a6b Loading...

	#43 Eval - 6344b305e3dceadcc79ccab22aa7c68f	155 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 6344b305e3dceadcc79ccab22aa7c68f b9d065c90b506f9c821ba0504b9158409ed74ef4 2b5c718020edf189b5d5d66cbf97a44dec13c8615d709eab026fae0d839a113f Loading...

	#44 Eval - 75d4e8b557b01a600eee1a64fb0dd739	124 B	2023-03-08	2023-06-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:53:59 Times Seen4 Hash 75d4e8b557b01a600eee1a64fb0dd739 31431f07314fada96dea3630ff68aaa295112884 920d4ca9ae716cf2a121d0cb6147c90749c2086ee944e97b5333c0dc5323164e Loading...

	#45 Eval - e5276aee2202b576ad3bab226118c6e9	109 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash e5276aee2202b576ad3bab226118c6e9 f8207968b801099917fb0c3555f6c2c5611d1563 79f2bdc0ed253382e0153731d6bd985912616621354f41eaf23d0d8f8874a450 Loading...

	#46 Eval - ebaac333a97c8811cdef754190879ace	107 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash ebaac333a97c8811cdef754190879ace 24dbc0473d89a492c5ce355a33fa9fa23c9d58ba 4fcaab3a7f479df8e2e6efe8644304bfc11fb4b9db9b7ea047c828c381a0f091 Loading...

	#47 Eval - a4943e94e9a07d035e014d5393f1c3b5	112 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash a4943e94e9a07d035e014d5393f1c3b5 34b4189acbd1f4d033547bab59ac592db3268c49 be4cf8963e8756a3536f6dd2faf468dac4a10772368c3bf6924326e817e82f2d Loading...

	#48 Eval - f0e918129e5ac179d8e4f663976b6ce3	112 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash f0e918129e5ac179d8e4f663976b6ce3 51728133cd46a3ac2ed3df134317ace7c12ea482 97b829038d51c87fe300ab6ac8e854efb485ebf051f7928ad7c6b218e073d900 Loading...

	#49 Eval - c1c5ce79ccd6a162f2a7b0e1f7ff8863	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash c1c5ce79ccd6a162f2a7b0e1f7ff8863 bb8f057726408cee7fbdbbcba0f1412391b56206 87be8eb5c7696ceaa4708480fa74889d2493c0723084f9b0a7c461b3be870910 Loading...

	#50 Eval - 3a46db60e92b4e2cbb6221eb8297b293	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 3a46db60e92b4e2cbb6221eb8297b293 e74fea4965576baba965d633dd5e9fd1139ed5a7 ad5bc53fcce651e5551ef50b46590aaaababa66dabad0a274a82f46a8db6e239 Loading...

	#51 Eval - b7dddde14881e6437541563d2a1c692f	85 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash b7dddde14881e6437541563d2a1c692f 1c23e5428ae97fee424e97490b04566307d96568 960a1ce06a687e502972307511ba7c7ffc2efa98af52b1984415a1bd7cbec116 Loading...

	#52 Eval - 0afec5a638f9838430408caed94a4208	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 0afec5a638f9838430408caed94a4208 7e64d69b96adef0c6398c7f2e439294e8bca5cb1 c64736bd279cb29a4d624025b9f6fe887a2c3c6c9a278e3d5db22eecb68d12ba Loading...

	#53 Eval - a20230f6394aab1f99f34ff54c5e230d	136 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash a20230f6394aab1f99f34ff54c5e230d b358f22d7ffb7b8238848f01806e6dcc1673577b aa2b8b8c5144f2fbfe7b08bbab552cd4f1dcb5603de0ec59b4724e27973fb493 Loading...

	#54 Eval - 4cf26273edb31ba33451801da2315eaf	86 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 4cf26273edb31ba33451801da2315eaf ae9d011ee92298b8450d39b6e95f4cf46b81da63 f74a0f07f35ce720d19e06b96d16d0b366c1563b80fbba36636f0de86023db49 Loading...

	#55 Eval - fc13cf4c7d1314db4a4eceb301a7455f	124 B	2023-03-08	2023-06-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:54:00 Times Seen4 Hash fc13cf4c7d1314db4a4eceb301a7455f 5d6e9ea8e4cdf77296170c0610da6d8240280a32 fe1d3bd6a7d18eec6383a2fcdefee8051009c2e0348e636ee0376fc6290f306b Loading...

	#56 Eval - 2a6678910310e5ff65f64b52a434d1fc	112 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 2a6678910310e5ff65f64b52a434d1fc 8b570c52da076b4414416589d6faeafd75c27a46 abd1a29e10277e55453e7cd98169538787d14205deef4b8e4b8bd4cabf079843 Loading...

	#57 Eval - b3980b28ce83f3b6a7f5dda3871d5706	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash b3980b28ce83f3b6a7f5dda3871d5706 92415bdf402224712d5559897a3420a2c62e6b5d 45dd79403b47a170bba397edb3e05298a676d17de159da0c49ec6a241f3d8a62 Loading...

	#58 Eval - 8119bd9b7c870211934c6d44de8510d9	481 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 8119bd9b7c870211934c6d44de8510d9 abc5b808ed11d08818dd047cc81b191fe6b35be5 29672ec2833e5638671699664918a17cb2f8ef6c24c7e95f317f191eb2a734d7 Loading...

	#59 Eval - f38252bb1af46ad7ba6c5906ac7a33cd	196 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash f38252bb1af46ad7ba6c5906ac7a33cd ab90c50c752e40d37143692a50010dcb5826d359 1f50cb6f9ff55ae43ae2853c0863d681dd058d1e4f9c949b9900a9ac8c6b774f Loading...

	#60 Eval - c140d3873d4258873a3a28967ec673cc	112 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash c140d3873d4258873a3a28967ec673cc 042de2cdc4b20f8e4ff83461da5345eef797be2f d357a4a08ac5665d86654cfbe8060448643637b0762e15fafd88677f82cd0509 Loading...

	#61 Eval - a48e44e37a0ed35c9f9679e7a10067ff	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash a48e44e37a0ed35c9f9679e7a10067ff 29ac644462a602a8e583e3b880fcbcf5921174ce d82f8b1c19320143b113106f113e12e11eaf02d572553c08828af6308cd6a8af Loading...

	#62 Eval - f8a3d3857c0ce4fc6a8271e6a1998892	138 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash f8a3d3857c0ce4fc6a8271e6a1998892 19f7a52849794485b399f9e67589c10807ec17eb 970c21e7b7ab3e6222aedaf15a05861f5fe8a15505066c7c53489164b3404976 Loading...

	#63 Eval - 0d274c21bf7b98c0cbb3a5b400422f28	172 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-14 19:59:59 Times Seen1 Hash 0d274c21bf7b98c0cbb3a5b400422f28 326cfcba912ba888c4234b08d1bc72e661fa82ca 372a47d4bcf5c10be3bf46a79adcf93a61c8c67dbfb7a756c038534f759b5ad1 Loading...

	#64 Eval - 8152aac726206c3c16fad969d0e32edc	645 B	2023-03-07	2023-10-18
Pretty Observations First Seen2023-03-07 12:04:35 Last Seen2023-10-18 15:14:31 Times Seen314 Hash 8152aac726206c3c16fad969d0e32edc 29168ef0bb722d5e411252582f2f5d5afe959f77 38f3c6ed5edf9b2b0e4e6fa7f1afb2dd77d61226c59e8fa6e896fc06aa6cbfbc Loading...

	#65 Eval - 7f04aaabe9a481f2e32ed9b0dad793e4	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 7f04aaabe9a481f2e32ed9b0dad793e4 a6b4d3c3fb325b82ddafc8b0cee9a5b258cf10c1 9877c5059d159d3a2189b54d05a20605fee72339bfc071006d11e4134a495202 Loading...

	#66 Eval - 5fc9fbc5a393071577dfa35c8790e2c9	106 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 5fc9fbc5a393071577dfa35c8790e2c9 137bd9179d909412e086baca67a74693ea416919 dc8ae8a67a5b5334e5f6daa72ed35acb9a8d4e5c59011873285c9ae05bd14715 Loading...

	#67 Eval - 5b8306addd37d7765db5103189ff456c	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 5b8306addd37d7765db5103189ff456c e977ae06734bddd1b515cc99e6468ff467a7098a 3edce4ca2c15de45bc58d605e6a9abf05f12278ea9cfbb1def261b7fd2dba1a1 Loading...

	#68 Eval - adc3b0af7e7a1389d4e0ec70e4d0f412	124 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash adc3b0af7e7a1389d4e0ec70e4d0f412 60fcd081bb0edeb0b512cfbaf19db8bc83c5039b 06536f663928ebf2a0f137dd7c506c0b2fdd5cb536ddc6b26737a48b77e93998 Loading...

	#69 Eval - d23771e9b5e8d2d72ad226d3d0da5ca1	114 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash d23771e9b5e8d2d72ad226d3d0da5ca1 17f9c244f9626dde084adac9894665f3502b282d f542ff366a2985daaa4dcaae3c1ac13fc6fce19c066b80b3f893cfe9f28e822a Loading...

	#70 Eval - 915c9f2a88be65821dbae8e767388400	197 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 915c9f2a88be65821dbae8e767388400 13891aa81307a2064599eb9d425291f6fdcee2c1 ee07f5998d90cd538705ab2419aba824a40cbac066ce031cd5d9e77abdc0cb65 Loading...

	#71 Eval - ea855cb36d6681a38656a3304bfe15e2	108 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash ea855cb36d6681a38656a3304bfe15e2 60baac2630ac90643c083c714458e8ece6d56493 45a116bd9b804f927696f116e075e6ee59d09edabf987c47801f84c65aae6c91 Loading...

	#72 Eval - 8a1e66f21292ecbf36fe6a0136e9d560	152 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 8a1e66f21292ecbf36fe6a0136e9d560 60d6213b9c23582cd72c96465a2954a88610674c 6e9d44c7388257d314532983baff8ef140cec9c336a1399787485138480ec589 Loading...

	#73 Eval - a16974ea4ac375211767d50e71c71d36	152 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash a16974ea4ac375211767d50e71c71d36 ff5496a41a4208d65189c8eed37f39aa3263b3de dfdfe7abd958b9ffd6777cffae3328e74fdd3211bad8a32524eb76ea827e9b5d Loading...

	#74 Eval - 1aa43fcf797e0f80e81493871304fc56	106 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 1aa43fcf797e0f80e81493871304fc56 174c6067900bb8b8a0affeed36e7518a36c9c0ee 1dfd5cf3800c921ce486ff9ddbfc1af097248a2a209220e542c5a0d752050abc Loading...

	#75 Eval - d53ab2662ff7fb9101dfd624e11550c7	112 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash d53ab2662ff7fb9101dfd624e11550c7 4f325596e410a7a944739784396a4a2276f77dcb 4514b65927d2ea2ffd137d7c201268db1f2932912863a6976d8e8ee7ab7c7de4 Loading...

	#76 Eval - 692b9a2d6eb3ceb221f74872db7e3c5f	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 692b9a2d6eb3ceb221f74872db7e3c5f ea8d289d90c6ddb7fda1a8b641fd7585a4ea27d0 ddf3e59e52a0c2225676c83eb0fb38d5ef30a6dca0375cf12fe1a29b0e0b90a9 Loading...

	#77 Eval - 6665c318b4d8b932ef2061461b931ed6	136 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 6665c318b4d8b932ef2061461b931ed6 7121b466995ed450cde24fd21e07a499647d2c8e 3746218d3bdf30209078b4aa7983f2eb07448b11ae6d47e49446ab036d63c3b6 Loading...

	#78 Eval - ce01dc894b8d3ac82a44266c235575c5	196 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash ce01dc894b8d3ac82a44266c235575c5 40a51cb3b893114bcf6d941596c50b17c110632c 6de6d66be9af47a58faea809d8c496b189ff3dd55c8e996ad67f42d86074cc63 Loading...

	#79 Eval - c220381a1699481b4c63104900695f2a	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash c220381a1699481b4c63104900695f2a 74072faa40af63dde11a759101feca3fa9e53165 c82899bed50ff4b066d2f9ca0e676a4d6c76376d31cc1754f03938f47c49f433 Loading...

	#80 Eval - 1e14982cc7a2cc837cd65dcc4b243a5d	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 1e14982cc7a2cc837cd65dcc4b243a5d 9bdd426d7b2871c8f8d59ad205fa7020feb1efe2 c41f3e488fe9890f02421f2e761b977a674958d4cda4cba713ec6ab4b9da9362 Loading...

	#81 Eval - 3543c05ddcf232571252daa716920b8f	107 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 3543c05ddcf232571252daa716920b8f 9f0844af766c91490f0eb54bf776e75eeece6e99 9826c00d835f07b2fc9cc0320f48a8777d58b0120f5dad310c767bb9f3c28c6d Loading...

	#82 Eval - ef3172a8d4eda8ab47faf1c4e3211994	170 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash ef3172a8d4eda8ab47faf1c4e3211994 1c163158e20e6d998f309fb828f57fd0e6752792 4f7f6eb560e827cac4f0d2243c88ea4bd1e5285181444df4a0ea0184f7cec529 Loading...

	#83 Eval - c6894d2dc9959e2af8ddc664d41947e1	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash c6894d2dc9959e2af8ddc664d41947e1 a433b3b604f19a864f417249decd23e51d1c065c 82155e6e97b4af69f0cc8ad5a6f1aa69ff6718de3a82b8ebfd104438205aaeb6 Loading...

	#84 Eval - ea9c9404b2e091be72f1ce3115db7b6d	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash ea9c9404b2e091be72f1ce3115db7b6d e78ac9c546dd117f99c241707ce02a025be76842 a3fb585118875e7ef989d048cb240dc645b7c6e4ddad3b599f47eda85ab6e077 Loading...

	#85 Eval - f6d30dc6c67b08d0490e4678ad6ae9ed	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash f6d30dc6c67b08d0490e4678ad6ae9ed ffde9e3f235f4b8ac61e020e92f3b6465a98e325 bd55a7f57591df287ee397998ca31eb131722b047624358549fa627560af3b28 Loading...

	#86 Eval - 9b645f0b9f5e66383ba292b223e640fc	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 9b645f0b9f5e66383ba292b223e640fc 492f9538b0d438e7f33455e1faba482aac28bdc9 0e7021ef2a53613b0b437a8bf226aa0f17eaa531958aad1375d62a9486ea1f96 Loading...

	#87 Eval - 1b8d800f81b4c361c873fcdbe7b9c108	122 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 1b8d800f81b4c361c873fcdbe7b9c108 4fd28e374c617c702c17d4f86df380725ffd2992 0e803317c10ccb5c87fbdbd91f869516f42e42b0203e926fd329bfacc914ff2c Loading...

	#88 Eval - 1129c6b7073182f4f28a605db7a8b1ae	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 1129c6b7073182f4f28a605db7a8b1ae 468f87c92796c7fa87d0329a3289fb9f1dd55df8 33101ae4058105ae8fbe7aa648fb657477df64d4d360a0eb06860a77edd9a097 Loading...

	#89 Eval - 9273e37c341c5f675d7819e5cc0e29f9	112 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 9273e37c341c5f675d7819e5cc0e29f9 4b1f9a0d25e202430c0c95ec6fab98eba5e686aa 2a2731e6215cb517b2822ddc524639e123a21e6953d458e59bd69953902feffd Loading...

	#90 Eval - 619f0e8570c26947aa6abfd1c31b7bce	112 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 619f0e8570c26947aa6abfd1c31b7bce a1e067cb358d4264871b06bee5c96d23bae19fdc b88573ab8e6ed11643ca83f781611f5c9b93f4e0f021942bd139d66bdc4fbc29 Loading...

	#91 Eval - c7170c7a554f99fd87c55c05dcfc31b7	124 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash c7170c7a554f99fd87c55c05dcfc31b7 b117097883c1d05e6144234e178bafd2fd66ee24 b483ead6657271b2b30855c8c0faad1bb6b6e62a8376b26d168cd7815bd218b2 Loading...

HTTP Transactions (79)

URL IP Response Size

inoradde.com/4/4292615/

139.45.197.238

200 OK

606 B

URL HTTP/1.1
inoradde.com/4/4292615/
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
606 B (606 bytes)
Hash
e87e6ecd4925d364f724fe2863ed3df3
33f24ac68f01cce928b7d19a45223e0bd182e8b7
0807e484428284c79044d0048fa446ce6d9ba35e66f68e08078fd18e5055a1c2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4/4292615/ HTTP/1.1
Host: inoradde.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 03:59:26 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 2dc7e2ad9fe98b3e3b2b000dd65ade19
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://ntrfr.leovegas.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=854d10887dfb4d9bbbb9dc72c2b4eeef; expires=Wed, 06 Dec 2023 03:59:26 GMT; path=/
oaidts=1670299166; expires=Wed, 06 Dec 2023 03:59:26 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2764
Expires: Tue, 06 Dec 2022 04:45:30 GMT
Date: Tue, 06 Dec 2022 03:59:26 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2243
Cache-Control: max-age=112156
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:26 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:08:42 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5823
Expires: Tue, 06 Dec 2022 05:36:29 GMT
Date: Tue, 06 Dec 2022 03:59:26 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 03:20:21 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2345
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Cko+3nCTn340udcJMGS32EtZ9ZIBppvscV6imv5qFMLwnDHElfqWd/aTS+oJRBDSjelYseznhRM=
x-amz-request-id: K07QER9EB9SBE4NT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 03:48:46 GMT
age: 640
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 03:59:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
feada0c59c0eaab85490c6c8a7bcdd19
067889598d6125a945f0f7815a03328b62e9d139
18d3562684c32ed7b8d7cf02c853d8f1f08bf1074151891d9b756d14fdddfa1f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18D3562684C32ED7B8D7CF02C853D8F1F08BF1074151891D9B756D14FDDDFA1F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5450
Expires: Tue, 06 Dec 2022 05:30:16 GMT
Date: Tue, 06 Dec 2022 03:59:26 GMT
Connection: keep-alive

inoradde.com/favicon.ico

139.45.197.238

204 No Content

0 B

URL HTTP/1.1
inoradde.com/favicon.ico
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: inoradde.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=854d10887dfb4d9bbbb9dc72c2b4eeef; oaidts=1670299166

HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 06 Dec 2022 03:59:26 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate

my.rtmark.net/img.gif?f=merge&userId=854d10887dfb4d9bbbb9dc72c2b4eeef

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=merge&userId=854d10887dfb4d9bbbb9dc72c2b4eeef
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

POST /img.gif?f=merge&userId=854d10887dfb4d9bbbb9dc72c2b4eeef HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 03:59:26 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=854d10887dfb4d9bbbb9dc72c2b4eeef; expires=Wed, 06 Dec 2023 03:59:26 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ntrfr.leovegas.com/redirect.aspx?pid=3748557&bid=13362&rdk=rk1

95.101.10.168

307 Temporary Redirect

0 B

URL HTTP/2
ntrfr.leovegas.com/redirect.aspx?pid=3748557&bid=13362&rdk=rk1
IP
95.101.10.168:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?pid=3748557&bid=13362&rdk=rk1 HTTP/1.1
Host: ntrfr.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://promo.leovegas.com/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Tue, 06 Dec 2022 03:59:26 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 06 Dec 2022 03:59:26 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; SameSite=None;; domain=.leovegas.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; domain=.leovegas.com; expires=Thu, 06-Dec-3021 03:59:26 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=53, origin; dur=36
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 03:11:20 GMT
cache-control: public,max-age=3600
age: 2886
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4a96cab91864ceab7fd753917fd0a9eb
4d12a4a85ac19d3e951e19dacb55d7264b02e8c5
19c446681b5229c4dc010d36c154328802a4bbb49bb454e168dabfe1553609fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "19C446681B5229C4DC010D36C154328802A4BBB49BB454E168DABFE1553609FA"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12760
Expires: Tue, 06 Dec 2022 07:32:07 GMT
Date: Tue, 06 Dec 2022 03:59:27 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2222
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:27 GMT
Last-Modified: Tue, 06 Dec 2022 03:22:25 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

promo.leovegas.com/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362

34.159.75.132

301 Moved Permanently

32 B

URL HTTP/2
promo.leovegas.com/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with no line terminators
Size
32 B (32 bytes)
Hash
39dacc1839fbc93e31c1d2d53217a24c
bab0715449a8c2d79b67b5fa7f7d464f774fb77d
391c5184370e9aa51e55f54f79e9cb518cabbdf1d0806db6a832f38b9364b28b

HTTP Headers

GET /mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362 HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
age: 0
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: text/plain; charset=utf-8
date: Tue, 06 Dec 2022 03:59:27 GMT
location: /no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJSDAE8CG3M8AZTG4QYJMP7
x-xss-protection: 1; mode=block
content-length: 32
X-Firefox-Spdy: h2

promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362

34.159.75.132

200 OK

16 kB

URL HTTP/2
promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6578)
Size
16 kB (16385 bytes)
Hash
2b0ae82eb4e6737975bd2d7e26b18c94
fe34affac3567563b4ea1750515afe501b171d5e
d3d91a70292603a2cff12cbbc42fe456d37f0bdcad28c58b003baaea5a2ca3c5

HTTP Headers

GET /no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362 HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
age: 35599
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 18:06:09 GMT
etag: "67822a40934479402c5bf2b45514a010-ssl-df"
link: </webpack-runtime.js>; rel=preload; as=script, </framework.js>; rel=preload; as=script, </dc6a8720040df98778fe970bf6c000a41750d3ae.js>; rel=preload; as=script, </app.js>; rel=preload; as=script, </47c41b0c4f3753646af9b0e10dfd7be6f02b99db.js>; rel=preload; as=script, </7bdf0be5c8efe81cdad9ba3761024df107bef3b0.js>; rel=preload; as=script, </ff324cc4fcad5c37469103212758a68962a91703.js>; rel=preload; as=script, </8e399fed3a6b1522e3959e34b00067a9519e807d.js>; rel=preload; as=script, </05901c0cdc340371e5e64de460e805993147c75a.js>; rel=preload; as=script, </component---src-templates-leo-universe-index-jsx.js>; rel=preload; as=script, </page-data/app-data.json>; rel=preload; as=fetch; crossorigin, </page-data/no/mc-livecasino/page-data.json>; rel=preload; as=fetch; crossorigin
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJSDAM0VWDR6ZRXM27FA6FG
x-xss-protection: 1; mode=block
content-length: 16385
X-Firefox-Spdy: h2

promo.leovegas.com/webpack-runtime.js

34.159.75.132

200 OK

1.4 kB

URL HTTP/2
promo.leovegas.com/webpack-runtime.js
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (2978)
Size
1.4 kB (1432 bytes)
Hash
fc6275e91b83fb1861d667aff0bd5ab2
64cede2d4178f82eb8a11cb2b32706cef16f601e
98003f07ca794236c4b933ef2bbe37c75a8b0748912ad4e967886a4915625b89

HTTP Headers

GET /webpack-runtime.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 27643
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 20:18:44 GMT
etag: "d50f19024fb972e823cb9cedda51d294-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJSDAPVD37G1X33HP1EC8DN
x-xss-protection: 1; mode=block
content-length: 1432
X-Firefox-Spdy: h2

promo.leovegas.com/framework.js

34.159.75.132

200 OK

40 kB

URL HTTP/2
promo.leovegas.com/framework.js
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (65469)
Size
40 kB (40243 bytes)
Hash
167ec0d46f57fb00494a84e783c5c5e4
47601f21c3974edb503b0509143978b64049affb
6d95d63d1bfca8c205c2f6d4487c9bc63c5b229b2abb3d8b14ca25bed949ec4b

HTTP Headers

GET /framework.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 27643
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 20:18:44 GMT
etag: "3e379ad990653adc04137a3854730ff5-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJSDAPWG9G19TZRJJ318SW8
x-xss-protection: 1; mode=block
content-length: 40243
X-Firefox-Spdy: h2

promo.leovegas.com/47c41b0c4f3753646af9b0e10dfd7be6f02b99db.js

34.159.75.132

200 OK

6.2 kB

URL HTTP/2
promo.leovegas.com/47c41b0c4f3753646af9b0e10dfd7be6f02b99db.js
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Unicode text, UTF-8 text, with very long lines (16666)
Size
6.2 kB (6218 bytes)
Hash
5c4e7e14f8659373e45400cf68c97a41
a2df475919893462415902ab0da086acc4f77033
58b06d80fbd4927e361ce301821f790c35782282eb6943dc9ce6b786ec63b352

HTTP Headers

GET /47c41b0c4f3753646af9b0e10dfd7be6f02b99db.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 27643
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 20:18:44 GMT
etag: "eea2c190fa6c75b8568cff2969365888-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJSDAQ1203WPJ6T12X4F4NS
x-xss-protection: 1; mode=block
content-length: 6218
X-Firefox-Spdy: h2

promo.leovegas.com/app.js

34.159.75.132

200 OK

15 kB

URL HTTP/2
promo.leovegas.com/app.js
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (51500)
Size
15 kB (14841 bytes)
Hash
ec592e8e4f9763adef6b0b99b3cd7b0e
01d801875af7b18e8192078e990957b880191d03
962058ff21e777eb4c6aa82fbfc08c07aaab0a154ba037be60b82ddbcfcff9f0

HTTP Headers

GET /app.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 27643
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 20:18:44 GMT
etag: "efc56438502dc0b09b588bf8cc771969-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJSDAQ05TFV58CVSQ46QZFS
x-xss-protection: 1; mode=block
content-length: 14841
X-Firefox-Spdy: h2

promo.leovegas.com/dc6a8720040df98778fe970bf6c000a41750d3ae.js

34.159.75.132

200 OK

4.2 kB

URL HTTP/2
promo.leovegas.com/dc6a8720040df98778fe970bf6c000a41750d3ae.js
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Unicode text, UTF-8 text, with very long lines (11901)
Size
4.2 kB (4159 bytes)
Hash
bdd2aabfa66e96632039b2b607303c00
10a2e1d4f025f11bec61554fbd05cae1a44e6815
2a6d67c657a631152b3370590574a1fc84e28c01a1585104d85a2ac37860e876

HTTP Headers

GET /dc6a8720040df98778fe970bf6c000a41750d3ae.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 27643
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 20:18:44 GMT
etag: "12d1763d5f10d67e3fe2f9f00b96b2e8-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJSDAQ0MW20RGF80WYJ67PB
x-xss-protection: 1; mode=block
content-length: 4159
X-Firefox-Spdy: h2

promo.leovegas.com/7bdf0be5c8efe81cdad9ba3761024df107bef3b0.js

34.159.75.132

200 OK

2.9 kB

URL HTTP/2
promo.leovegas.com/7bdf0be5c8efe81cdad9ba3761024df107bef3b0.js
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (6980)
Size
2.9 kB (2937 bytes)
Hash
4befa7048021cd47bd7c590f8219a114
77130fee3b5db4ff69ac115ba6392d9fbb8158a6
ddb556400e35de0261e5bf2d35dbf9d494d203f570c05d88d61f580f9c7ccfa0

HTTP Headers

GET /7bdf0be5c8efe81cdad9ba3761024df107bef3b0.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 27643
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 20:18:44 GMT
etag: "a6e0802faefeef3a99043c2daddd096f-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJSDAQ2PR8DP6QTG5FC6AS8
x-xss-protection: 1; mode=block
content-length: 2937
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

promo.leovegas.com/component---src-templates-leo-universe-index-jsx.js

34.159.75.132

200 OK

2.4 kB

URL HTTP/2
promo.leovegas.com/component---src-templates-leo-universe-index-jsx.js
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (5773)
Size
2.4 kB (2414 bytes)
Hash
c57f16f798f8bc3c281b33d6b29ab370
3608bcc2dfdd1261e8c6cd9bf43067a46c2fd8cf
337ee0d4a4c804aa58d7681b79a7e25f01d1b2d29de515ba3c6295632cdee006

HTTP Headers

GET /component---src-templates-leo-universe-index-jsx.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 27643
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 20:18:44 GMT
etag: "79b5cfeb3602b5f1350c673c66c0d012-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJSDAQ4PJP6E5R0RYMXY8ZY
x-xss-protection: 1; mode=block
content-length: 2414
X-Firefox-Spdy: h2

promo.leovegas.com/page-data/sq/d/2280590532.json

34.159.75.132

200 OK

2.0 kB

URL HTTP/2
promo.leovegas.com/page-data/sq/d/2280590532.json
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
JSON data\012- , ASCII text, with very long lines (13497), with no line terminators
Size
2.0 kB (1967 bytes)
Hash
e22316dbcf2a47b859c058ac09cd0af6
72d3c497ba01bd8c00e6a29d86eee932d0f3387f
33e0c22a52a4bc9902444b40a46512265ac381ca0092ccadfe820149a9b107cb

HTTP Headers

GET /page-data/sq/d/2280590532.json HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 35455
cache-control: public, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/json
date: Mon, 05 Dec 2022 18:08:32 GMT
etag: "c3d3020a60483e49003046575338d2ec-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJSDAQVC2072RHH046SC8F3
x-xss-protection: 1; mode=block
content-length: 1967
X-Firefox-Spdy: h2

promo.leovegas.com/page-data/app-data.json

34.159.75.132

200 OK

50 B

URL HTTP/2
promo.leovegas.com/page-data/app-data.json
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
JSON data\012- , ASCII text
Size
50 B (50 bytes)
Hash
26bbc30fb95a59f85a4c4ea44452a800
26ce9c4a4cccd5400d9d6661a8129ba9d90bba28
f813c77f52799503d269af274d016ca0ccb1704c7d08fd408f5f0c31d1cb992c

HTTP Headers

GET /page-data/app-data.json HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 35455
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/json
date: Mon, 05 Dec 2022 18:08:32 GMT
etag: "f610b5b94695f446d38a29bb24af70cb-ssl"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJSDAQV4F274QN5Y2RW207T
x-xss-protection: 1; mode=block
content-length: 50
X-Firefox-Spdy: h2

promo.leovegas.com/8e399fed3a6b1522e3959e34b00067a9519e807d.js

34.159.75.132

200 OK

33 kB

URL HTTP/2
promo.leovegas.com/8e399fed3a6b1522e3959e34b00067a9519e807d.js
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (65536), with no line terminators
Size
33 kB (33010 bytes)
Hash
464e51d8049dceec3f4ba74d397009d9
843aba9ccf65310a3656f849667c09c73cf7e2eb
3fb00de7e29f0471f9c3debd72685ae639ba102e6fdef3e40edcd763977bd034

HTTP Headers

GET /8e399fed3a6b1522e3959e34b00067a9519e807d.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 27643
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 20:18:44 GMT
etag: "1a90c3703ecfdf94ffc928c21cf5a9be-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJSDAQ39SPBT2N9NRC02EJ8
x-xss-protection: 1; mode=block
content-length: 33010
X-Firefox-Spdy: h2

promo.leovegas.com/ff324cc4fcad5c37469103212758a68962a91703.js

34.159.75.132

200 OK

100 kB

URL HTTP/2
promo.leovegas.com/ff324cc4fcad5c37469103212758a68962a91703.js
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Unicode text, UTF-8 text, with very long lines (65236)
Size
100 kB (100094 bytes)
Hash
ad88f25650fae49a89fdea1db069a4b8
945d798c5c411c31717244ac1e79877005511e86
859f0841a883e48ffed94f52e3fa2b98a32f62105033550705d2ccd9a7e12056

HTTP Headers

GET /ff324cc4fcad5c37469103212758a68962a91703.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 27643
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 20:18:44 GMT
etag: "33dd56650a8aed1c381ced478717e4b1-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJSDAQ2PN9SM26WHF12P1Z5
x-xss-protection: 1; mode=block
content-length: 100094
X-Firefox-Spdy: h2

promo.leovegas.com/05901c0cdc340371e5e64de460e805993147c75a.js

34.159.75.132

200 OK

46 kB

URL HTTP/2
promo.leovegas.com/05901c0cdc340371e5e64de460e805993147c75a.js
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (65438)
Size
46 kB (46547 bytes)
Hash
44deeb76a98ab386414deb34d45028c0
24954a1197a9ad874069f66729f0478b7e708b6c
9c5bb1b1fa4bfa6b160707e53e54c5634b45effc8d9a2ec4b4e143fc8aa6101e

HTTP Headers

GET /05901c0cdc340371e5e64de460e805993147c75a.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 27643
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 20:18:44 GMT
etag: "755b1d2e18b38895cd0871f0a1973e3d-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJSDAQ3CFBBZR0HGRDSQT9Q
x-xss-protection: 1; mode=block
content-length: 46547
X-Firefox-Spdy: h2

promo.leovegas.com/page-data/no/mc-livecasino/page-data.json

34.159.75.132

200 OK

8.6 kB

URL HTTP/2
promo.leovegas.com/page-data/no/mc-livecasino/page-data.json
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (24270), with no line terminators
Size
8.6 kB (8566 bytes)
Hash
443da80a18079443a88af2a536cbf82c
e9a66d635df402b52f00515f6eae01097544fa2e
52fe0ff6c2c2c29b4818260acb0b1eb3786b2093eb6c48c418d62ff4f1108cdf

HTTP Headers

GET /page-data/no/mc-livecasino/page-data.json HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 35598
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/json
date: Mon, 05 Dec 2022 18:06:09 GMT
etag: "e2f99e4bcb86868a0950cbca18f9033b-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJSDAQVW296P4KG8RZSNPGT
x-xss-protection: 1; mode=block
content-length: 8566
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.13.173.34

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.13.173.34:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: J6mufwpNZs0Bg9w0Hs7mHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qz17yzV5IiVAfs3OuusoAnWTvKo=

promo.leovegas.com/page-data/app-data.json

34.159.75.132

200 OK

50 B

URL HTTP/2
promo.leovegas.com/page-data/app-data.json
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
JSON data\012- , ASCII text
Size
50 B (50 bytes)
Hash
26bbc30fb95a59f85a4c4ea44452a800
26ce9c4a4cccd5400d9d6661a8129ba9d90bba28
f813c77f52799503d269af274d016ca0ccb1704c7d08fd408f5f0c31d1cb992c

HTTP Headers

GET /page-data/app-data.json HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 35455
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/json
date: Mon, 05 Dec 2022 18:08:32 GMT
etag: "f610b5b94695f446d38a29bb24af70cb-ssl"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJSDAT7639YFQVNCEHPMWT1
x-xss-protection: 1; mode=block
content-length: 50
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
bc66712bf7cfcafa6a676acb3481c717
3c85e336710d494ab06c582bc80bc43a45e110f4
3b6214c10bdaa4c49074893c081ddbbec3ff7a25b6a58eb21b2adfbc8144a266

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4340
Cache-Control: max-age=108086
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:27 GMT
Etag: "638db061-1d7"
Expires: Wed, 07 Dec 2022 10:00:53 GMT
Last-Modified: Mon, 05 Dec 2022 08:48:33 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

promo.leovegas.com/page-data/no/mc-livecasino/page-data.json

34.159.75.132

304 Not Modified

0 B

URL HTTP/2
promo.leovegas.com/page-data/no/mc-livecasino/page-data.json
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /page-data/no/mc-livecasino/page-data.json HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-None-Match: "e2f99e4bcb86868a0950cbca18f9033b-ssl-df"
TE: trailers

HTTP/2 304 Not Modified
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Dec 2022 03:59:27 GMT
etag: "e2f99e4bcb86868a0950cbca18f9033b-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GKJSDAW3RJRQT8YPTPEQC10Y
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.leovegas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 462333
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.leovegas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 462312
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

216.58.207.227

200 OK

33 kB

URL HTTP/2
fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 32860, version 1.0\012- data
Size
33 kB (32860 bytes)
Hash
d010a9f2d5c7a0374b3b84706a43d2ec
c1fe465db08785c3f115555d39db23838960cb66
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536

HTTP Headers

GET /s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.leovegas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 01:48:55 GMT
expires: Mon, 04 Dec 2023 01:48:55 GMT
cache-control: public, max-age=31536000
age: 180632
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
bc66712bf7cfcafa6a676acb3481c717
3c85e336710d494ab06c582bc80bc43a45e110f4
3b6214c10bdaa4c49074893c081ddbbec3ff7a25b6a58eb21b2adfbc8144a266

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4340
Cache-Control: max-age=108086
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:27 GMT
Etag: "638db061-1d7"
Expires: Wed, 07 Dec 2022 10:00:53 GMT
Last-Modified: Mon, 05 Dec 2022 08:48:33 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

sgtm.leovegas.com/gtm.js?id=GTM-WGS5KD

34.107.236.224

200 OK

94 kB

URL HTTP/2
sgtm.leovegas.com/gtm.js?id=GTM-WGS5KD
IP
34.107.236.224:0
ASN
#15169 GOOGLE

File type
data
Size
94 kB (94289 bytes)
Hash
ed9995e5c4de8eaa12a52b039ec49bef
8def2ae63d8520452c0de5f2e6c8df22ae25552a
1e4b88637bdbeaf66f89b3e80c2cc596069e1d806b7d53f6a6d8441c8f058973

HTTP Headers

GET /gtm.js?id=GTM-WGS5KD HTTP/1.1
Host: sgtm.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx/1.23.2
date: Tue, 06 Dec 2022 03:59:27 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=900
expires: Tue, 06 Dec 2022 04:14:09 GMT
last-modified: Tue, 06 Dec 2022 03:00:00 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

promo.leovegas.com/favicons/apple-touch-icon-180x180.png

34.159.75.132

200 OK

39 kB

URL HTTP/2
promo.leovegas.com/favicons/apple-touch-icon-180x180.png
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
39 kB (39348 bytes)
Hash
1d677d2696a6decac62f6ae6702110e6
330819e2d40298fe76abf3b0a5b94365e48f043e
80ffeb0c1602f33c10915cee07509fd9bc89368bb7d423cd586c684aed55ce0a

HTTP Headers

GET /favicons/apple-touch-icon-180x180.png HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 35327
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: image/png
date: Mon, 05 Dec 2022 18:10:40 GMT
etag: "f615bc63b95404cf50521990d16061da-ssl"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJSDAZTD73S7TFCH5X9STB7
x-xss-protection: 1; mode=block
content-length: 39348
X-Firefox-Spdy: h2

promo.leovegas.com/favicons/favicon-16x16.png

34.159.75.132

200 OK

950 B

URL HTTP/2
promo.leovegas.com/favicons/favicon-16x16.png
IP
34.159.75.132:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
950 B (950 bytes)
Hash
a4d8c288ccfff5eed3db7050117eb6a5
4873ff662ffd8fed661fac12bf2edb25188a2d4e
710d82b385bbc48af160251f0b4444b7065d8bc6df0afaaa13fbf2e04356fe0d

HTTP Headers

GET /favicons/favicon-16x16.png HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670292828.1.0.1670292835.0.0.0; _ga=GA1.2.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjpmYWxzZX0=; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 34043
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: image/png
date: Mon, 05 Dec 2022 18:32:04 GMT
etag: "6208a9cbcd043a27a0542191e11cd3e4-ssl"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJSDAZTCAZGWWT4D24HVXRG
x-xss-protection: 1; mode=block
content-length: 950
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/gtm/optimize.js?id=OPT-K5XRHTM

142.250.74.110

200 OK

47 kB

URL HTTP/2
www.google-analytics.com/gtm/optimize.js?id=OPT-K5XRHTM
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2698)
Size
47 kB (46839 bytes)
Hash
c3a81b71bf7a5325c16533ca531b34d2
c5306cc3d91a983c654958fd9dc6ab508b38c424
47e6e6a9ffca5358fd5fc2a0674855619ee76c73682f94240f4907ecba3346b1

HTTP Headers

GET /gtm/optimize.js?id=OPT-K5XRHTM HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 03:59:27 GMT
expires: Tue, 06 Dec 2022 03:59:27 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46839
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

script.hotjar.com/modules.d53d96d4fefc0e537bd8.js

143.204.55.68

200 OK

69 kB

URL HTTP/2
script.hotjar.com/modules.d53d96d4fefc0e537bd8.js
IP
143.204.55.68:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48714)
Size
69 kB (68700 bytes)
Hash
6f3e85a9867f8c1e87f393ee1344782f
9a3e0b1e33cd0bca903fbdb82e43aa71ec23d165
80cf78eadecdac25834fa2be80c9a96f5eba43069c0295d800ec8d14123f7fba

HTTP Headers

GET /modules.d53d96d4fefc0e537bd8.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 68700
date: Mon, 05 Dec 2022 14:58:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "6f3e85a9867f8c1e87f393ee1344782f"
last-modified: Mon, 05 Dec 2022 14:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TMo0URd-rDWaG0BcwQxpmN1kBSxj2w2tYIBhyr7-tAe2GNaDEbUCoQ==
age: 46881
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-380080.js?sv=7

143.204.55.54

200 OK

78 kB

URL HTTP/2
static.hotjar.com/c/hotjar-380080.js?sv=7
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type
data
Size
78 kB (78107 bytes)
Hash
bec50fd93de1652fecd84c43761ac750
85f1824d2074bc3a9847dc5ee162de51e3dcbb42
4a7762a8244c25b988572f7c6e765cbbff57a6d88223a408f5d6140bc0c565de

HTTP Headers

GET /c/hotjar-380080.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Tue, 06 Dec 2022 03:58:42 GMT
cache-control: max-age=60
etag: W/789519ecdbae8dc663b18295412ebba7
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Qit1KVHyvhceiyyAURBb-c8yp7qeQmwwNU9vUDSJ9bMnYQvD44O4Mw==
age: 45
X-Firefox-Spdy: h2

vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

143.204.55.118

200 OK

1.0 kB

URL HTTP/2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP
143.204.55.118:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size
1.0 kB (1035 bytes)
Hash
e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d

HTTP Headers

GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LSNtpX8paOpsno-WKiCaC2leitjYNlZ4hbHR6DiW0yrO3HomM6_b4g==
age: 1090162
X-Firefox-Spdy: h2

vc.hotjar.io/sessions/380080?s=0.25&r=0.08147389666193716

54.230.111.91

204 No Content

20 kB

URL HTTP/2
vc.hotjar.io/sessions/380080?s=0.25&r=0.08147389666193716
IP
54.230.111.91:0
ASN
#16509 AMAZON-02

File type
gzip compressed data, from Unix\012- data
Size
20 kB (20072 bytes)
Hash
20b960c6754993b9de987b955a09ae54
702d246038b2d92584f56a7cff4ec23803c043f2
ec17f7b91e257be50c2482a2af1f966d195c9a0a8f63a3fcd3ca5907b273c296

HTTP Headers

GET /sessions/380080?s=0.25&r=0.08147389666193716 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.leovegas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Tue, 06 Dec 2022 03:59:28 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5tNyof0cmb6WMBT3mjonLFO1URKIpU_JxyU_EqaWhFKtHHNmratVmw==
X-Firefox-Spdy: h2

images.ctfassets.net/kijvoxi4q0zn/2iAjKx7BVB0peDlsYR6ZWZ/25d3852a638962f07b3a309c578fb221/LV_LP_desktop_LiveCasino_LPupdate_NO_Affiliates_D90196_RF_102022.jpg?w=1920&h=1080&q=50&fm=webp

54.230.111.77

200 OK

94 kB

URL HTTP/2
images.ctfassets.net/kijvoxi4q0zn/2iAjKx7BVB0peDlsYR6ZWZ/25d3852a638962f07b3a309c578fb221/LV_LP_desktop_LiveCasino_LPupdate_NO_Affiliates_D90196_RF_102022.jpg?w=1920&h=1080&q=50&fm=webp
IP
54.230.111.77:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
94 kB (93882 bytes)
Hash
7ae24e8aa6154835684d65e7a288af63
470b516dc32dd2cf03260e98a56ee035479bfd80
5daea65e65c03202b0aa2ca21fadab1ea769abe71de3b0ae294f9fc803b04122

HTTP Headers

GET /kijvoxi4q0zn/2iAjKx7BVB0peDlsYR6ZWZ/25d3852a638962f07b3a309c578fb221/LV_LP_desktop_LiveCasino_LPupdate_NO_Affiliates_D90196_RF_102022.jpg?w=1920&h=1080&q=50&fm=webp HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/webp
content-length: 93882
last-modified: Fri, 11 Nov 2022 12:43:16 GMT
server: Contentful Images API
access-control-allow-origin: *
date: Mon, 05 Dec 2022 05:17:05 GMT
cache-control: max-age=31536000
etag: "7ae24e8aa6154835684d65e7a288af63"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VWhzWm-qyYomT1QxeBbVxf7VmOJdl8eJPZhq9h-L-JI6kVK3Q4Yl2w==
age: 81772
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
794d2423f95f10174a398a035a05a700
add6d91cc265ab82db3912e51b38db1e88691493
e3cc6cc02f1ffa0bf1310190e4dd11dc2751fe09cfb2855a4dcba6cd286476f2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3CC6CC02F1FFA0BF1310190E4DD11DC2751FE09CFB2855A4DCBA6CD286476F2"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7371
Expires: Tue, 06 Dec 2022 06:02:19 GMT
Date: Tue, 06 Dec 2022 03:59:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
794d2423f95f10174a398a035a05a700
add6d91cc265ab82db3912e51b38db1e88691493
e3cc6cc02f1ffa0bf1310190e4dd11dc2751fe09cfb2855a4dcba6cd286476f2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3CC6CC02F1FFA0BF1310190E4DD11DC2751FE09CFB2855A4DCBA6CD286476F2"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7371
Expires: Tue, 06 Dec 2022 06:02:19 GMT
Date: Tue, 06 Dec 2022 03:59:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2722
Expires: Tue, 06 Dec 2022 04:44:50 GMT
Date: Tue, 06 Dec 2022 03:59:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2722
Expires: Tue, 06 Dec 2022 04:44:50 GMT
Date: Tue, 06 Dec 2022 03:59:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2722
Expires: Tue, 06 Dec 2022 04:44:50 GMT
Date: Tue, 06 Dec 2022 03:59:28 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (3968 bytes)
Hash
9838b65dde746487c806ee9739f8b222
1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8
cf3ddc240b33d0f588d5acb30593b6846874a192bff9f5b69455877d7f63be53

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3968
x-amzn-requestid: 55111bc4-d002-44a0-855a-533251b144fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSveGo_IAMFQvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c9-28e0a83d7f9f1ffc7544bb3d;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _Hf2XblY73dHIIWTqWgeDzJJalBo6ooCAit1eQ8G8n4385ORBBDakA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
etag: "1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8"
content-type: image/jpeg
age: 22342
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11469 bytes)
Hash
5529617b0748f2d8c82ef99c1ac116a8
a862b74508113ae72b56b9b3de0c75ba559b9032
376a82ae4a5b80f59fb746be79bca569b03a74c345845c7bbf15189964b0bb96

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11469
x-amzn-requestid: f60a3f0d-38f7-4f82-bdd5-9e31814ab1d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuZGAXIAMFwuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-5b4b99e779a0aaa71a311a1c;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bWcuXixVA50JUynSO7ar3nWfjsTa5iOteSYq88bWPlQvz__1qfv7Uw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:49 GMT
age: 22659
etag: "a862b74508113ae72b56b9b3de0c75ba559b9032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11224 bytes)
Hash
b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 21000
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8469 bytes)
Hash
2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TKSlCefkyQ7VDufJJOh1D7zhioft93jfOsoXxTD4ncAK5ktxlPvIoA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:52:07 GMT
age: 22041
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;700&family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap

142.250.74.106

200 OK

5.8 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;700&family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
5.8 kB (5820 bytes)
Hash
4fabcfaa4549f1d2ac2cd598d48713fa
5b4d535d2c7e1d0464ed3d5482509db3e68dff04
ed3b72deb22fe3bbe38c65374a407b6ce37898da7c3331cb908ebd751162a7d0

HTTP Headers

GET /css2?family=Roboto+Slab:wght@400;700&family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 03:59:27 GMT
date: Tue, 06 Dec 2022 03:59:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6920 bytes)
Hash
f4193f05dfd1de8bf795f433d4387243
b76ea6ae9df756f131ec16b01cdc7ab19b2d01be
b56231f3c788519751528b849a442d5c7ed828ea4ce3321fd629ca27440ea6e3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6920
x-amzn-requestid: 05ec2698-a5ee-4046-be77-0036755f2946
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwaEd-IAMF_-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64cf-783b236b79b1e9ba22098cb2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:23 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RF_AmYN7VQghDpDX6kEyBEBZtvR8dfLpwuqk75bGpn8q2OMc46lVgA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:31 GMT
age: 22257
etag: "b76ea6ae9df756f131ec16b01cdc7ab19b2d01be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
6b159fdabe241a0f38997a068b31c58a
e97bd85cc2e0a389a07ffbe17f990678cb0955d5
3a825294334cd38686b167d31f0226c236f254228f159a12ade3c3b545dfa0d6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5242
Cache-Control: max-age=168436
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:28 GMT
Etag: "638e989a-1d7"
Expires: Thu, 08 Dec 2022 02:46:44 GMT
Last-Modified: Tue, 06 Dec 2022 01:19:22 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25600410-30&cid=1084551185.1670292829&jid=1122368931&_gid=1275176805.1670292829&gjid=121983542&_v=j98&z=109903538

64.233.165.155

302 Found

367 B

URL HTTP/2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25600410-30&cid=1084551185.1670292829&jid=1122368931&_gid=1275176805.1670292829&gjid=121983542&_v=j98&z=109903538
IP
64.233.165.155:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
367 B (367 bytes)
Hash
37543bf110f520cc5fe236dc81c6a816
8ff08746384140576217b2bb5f007dbd8af25e2b
51a34504b0cebca307b87e9eb55090975e8704782ef22343b264ab43b666e1f1

HTTP Headers

GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25600410-30&cid=1084551185.1670292829&jid=1122368931&_gid=1275176805.1670292829&gjid=121983542&_v=j98&z=109903538 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=1084551185.1670292829&jid=1122368931&_v=j98&z=109903538
access-control-allow-origin: null
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Dec 2022 03:59:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5006b8e985c5838b7fd2f2b558a65bc4
183ff15e0faedf346305fd6fe1c70c9c7a1eef4a
fcbfec9f5fd0e10d44778c1df64d8612281cd39881cdfd0aa8ca30d13655655a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=1084551185.1670292829&jid=1122368931&_v=j98&z=109903538

142.250.74.132

302 Found

0 B

URL HTTP/2
www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=1084551185.1670292829&jid=1122368931&_v=j98&z=109903538
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=1084551185.1670292829&jid=1122368931&_v=j98&z=109903538 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 03:59:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=1084551185.1670292829&jid=1122368931&_v=j98&z=109903538&slf_rd=1&random=1757866586
access-control-allow-origin: null
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=1084551185.1670292829&jid=1122368931&_v=j98&z=109903538&slf_rd=1&random=1757866586

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=1084551185.1670292829&jid=1122368931&_v=j98&z=109903538&slf_rd=1&random=1757866586
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=1084551185.1670292829&jid=1122368931&_v=j98&z=109903538&slf_rd=1&random=1757866586 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 03:59:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
access-control-allow-origin: null
access-control-allow-credentials: true
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:59:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5995 bytes)
Hash
3801236dc22938e1cc18947e90ea5326
5979d7dc3ba0eb61947282a4adeac8208b4148ae
3bd4eab29590ec3c316597abd2be65281cd9a6137add037ad57c093f1fca12e2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 5995
x-amzn-requestid: 25b34277-c486-4642-aea7-21e0598babc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzOGGjoAMF4kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e1-6f43ab8e0c1a5260327bce11;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzpOZW9e-54LuSSOigtmFRb0sUGpIRpqZ-UtINp-B_Uzk6lFPnb6dw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:25:46 GMT
age: 20029
etag: "5979d7dc3ba0eb61947282a4adeac8208b4148ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.leovegas.com/set-affiliate-domain-cookie?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362&lobby=livecasino

107.154.248.168

200 OK

0 B

URL HTTP/2
www.leovegas.com/set-affiliate-domain-cookie?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362&lobby=livecasino
IP
107.154.248.168:0
ASN
#19551 INCAPSULA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /set-affiliate-domain-cookie?btag=100665320_E73026BEFC39467E95AEF1AD94E37D12&rdk=rk1&pid=3748557&bid=13362&lobby=livecasino HTTP/1.1
Host: www.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670292830368)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022126213%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222740371772%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670299165.2.0.1670299165.0.0.0; _ga=GA1.1.1084551185.1670292829; FPLC=Ib%2FgV5xs7flOBLIwWY1pqj0d6k%2Bme7Eil%2F5UnessM0KtnxLKe2mB6v1TYvPAS2cHFhI1pIC86jPwicEdh2JiY5%2BtXuHfM6eAWBblUw9qCZ6kI2bxzmzUFHVs5ua3kQ%3D%3D; FPID=FPID2.2.9rqLtyWlB6%2FNYZKtiNXkNk%2BNb%2BwjOog2FLVIK%2F%2FE3Ko%3D.1670292829; _gid=GA1.2.1275176805.1670292829; _hjSessionUser_380080=eyJpZCI6ImYzYjExMTAxLWFiMTUtNThkNS04MjUzLWE4ZTEwNjRiZDgxMiIsImNyZWF0ZWQiOjE2NzAyOTI4Mjg5MzAsImV4aXN0aW5nIjp0cnVlfQ==; leobtag=100665320_35A5004E45BB482282CD60BE357ACC8F; leonrpid=3748557; leonrbid=13362; leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; visid_incap_846569=WW+HQlMoTLGQy/pkEnv5UF+ljmMAAAAAQUIPAAAAAABOayIL4Wnoa2ouLeGikDCn; _hjSession_380080=eyJpZCI6ImJiMjc4ZWU3LTBkMTctNDk2ZS04MjZkLTBlNjA3YmY5MDBmYSIsImNyZWF0ZWQiOjE2NzAyOTkxNjUzNTAsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 03:59:28 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
set-cookie: leobtag=100665320_E73026BEFC39467E95AEF1AD94E37D12; Max-Age=3888000; Domain=.leovegas.com; Path=/; HttpOnly; Secure
leonrpid=3748557; Max-Age=3888000; Domain=.leovegas.com; Path=/; HttpOnly; Secure
leonrbid=13362; Max-Age=3888000; Domain=.leovegas.com; Path=/; HttpOnly; Secure
leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; Max-Age=3888000; Domain=.leovegas.com; Path=/; HttpOnly; Secure
nlbi_846569=+9VzR4zHuCd3CGeKTJV9qQAAAAA/ToplbzabFycO7qlwoG/l; path=/; Domain=.leovegas.com; Secure; SameSite=None
incap_ses_722_846569=13i7HH+Rqx2rtsTsFxAFCiC+jmMAAAAAxOe6nAY4k2ycW8hFrHGiZw==; path=/; Domain=.leovegas.com; Secure; SameSite=None
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.leovegas.com *.casinomodule.com *.yggdrasilgaming.com *.evolutiongaming.com *.gameassists.co.uk *.gameassists.dk *.rgsgames.com *.wagerworks.com *.adform.com *.livetables.io *.regily.com *.casinoalternativen.com *.onlinecasinobonus24.xyz *.livetableshu.com
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cdn: Imperva
x-iinfo: 11-61242588-61242591 NNNY CT(1 10 0) RT(1670299168546 36) q(0 0 0 -1) r(1 1) U12
X-Firefox-Spdy: h2

leo-promo-redirect-service.leo-prod-common.lvg-tech.net/_geofetch

34.117.190.191

200 OK

0 B

URL HTTP/2
leo-promo-redirect-service.leo-prod-common.lvg-tech.net/_geofetch
IP
34.117.190.191:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_geofetch HTTP/1.1
Host: leo-promo-redirect-service.leo-prod-common.lvg-tech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.leovegas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET
access-control-max-age: 3600
content-type: application/json
date: Tue, 06 Dec 2022 03:59:28 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d33wubrfki0l68.cloudfront.net/bundles/3a60bb6a829d13f7c019df18e77514f50ca92ed6.js

143.204.42.80

200 OK

0 B

URL HTTP/2
d33wubrfki0l68.cloudfront.net/bundles/3a60bb6a829d13f7c019df18e77514f50ca92ed6.js
IP
143.204.42.80:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bundles/3a60bb6a829d13f7c019df18e77514f50ca92ed6.js HTTP/1.1
Host: d33wubrfki0l68.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=31556926
content-encoding: gzip
date: Fri, 02 Dec 2022 10:49:37 GMT
etag: 66f93c87163e873e252c560c1a9704ceaf34ec82-df
server: Netlify
x-nf-request-id: 01GK979FR7N73YRV2MWGMJCPAZ
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: e9RExJiqBeEvMkS6Whf6DHaeOyES-KtRLh-MrTtTOkHwltrLWoaBmA==
age: 320990
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (102)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations