Report - telewww.site/uz/bx/nl

Report Overview

Submitted URL
telewww.site/uz/bx/nl
IP
79.98.28.128
ASN
#212531 UAB Interneto vizija
Submitted
2022-12-05 21:10:08
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.leovegas.com	354851	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	1.6 kB	107.154.248.168
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	25 kB	34.102.187.140
whampamp.com	30947	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	697 B	2.2 kB	139.45.197.236
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.8 kB	9.8 kB	142.250.74.131
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	48 kB	142.250.74.110
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	7.7 kB	143.204.55.37
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	465 B	769 B	142.250.74.163
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	67 kB	216.58.207.227
images.ctfassets.net	4623	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	506 B	94 kB	143.204.55.54
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	439 B	919 B	216.58.207.228
sgtm.leovegas.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	655 B	345 B	34.107.236.224
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	484 B	1.2 kB	108.177.14.154
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	52 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.9 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ntrfr.leovegas.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	477 B	1.2 kB	23.36.79.9
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	681 B	139.45.195.8
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	444 B	746 B	142.250.74.106
telewww.site	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	705 B	715 B	79.98.28.128
promo.leovegas.com	535866	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	16 kB	331 kB	34.159.168.235
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.39.94.191
d33wubrfki0l68.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	843 B	26 kB	143.204.42.80
script.hotjar.com	887	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	349 B	69 kB	143.204.55.96
leo-promo-redirect-service.leo-prod-common.lvg-tech.net	695620	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	284 B	34.117.190.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-05	medium	telewww.site/uz/bx/nl	Phishing
2022-12-05	medium	telewww.site/uz/bx/nl/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-05	medium	whampamp.com	Sinkholed
2022-12-05	medium	whampamp.com	Sinkholed

JavaScript (103)

	URL	Size	First Seen	Last Seen
	sgtm.leovegas.com/gtm.js?id=GTM-WGS5KD	215 kB	2023-03-08	2023-03-08
Pretty URL sgtm.leovegas.com/gtm.js?id=GTM-WGS5KD IP 34.107.236.224 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:49:19 Last Seen2023-03-08 19:49:32 Times Seen1 Hash ea1a6b6641b2a2d454aa7f28783cd0d2 2fd8f924a8543b0df36c9c185f2208aa31dc7bb3 bad581381936ca19681a04c94bb161ce1461e8832fec9e7a6301a22b6c651600 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 16:26:28 Times Seen37066620 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	whampamp.com/4/5087048?var=ed_error	583 B	2023-03-08	2023-03-08
Pretty URL whampamp.com/4/5087048?var=ed_error IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:49:32 Last Seen2023-03-08 19:49:32 Times Seen1 Hash ec35be26747dc7843000d64d490def1f d23ff0835e71f92e97141e44983918e649f007ca c19d12b1d3d3efd1e7a7d086f2aaa44074fe484a77d65ae45571d529b0d460f3 Loading...

	promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362	56 B	2023-03-08	2023-03-08
Pretty URL promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362 IP 34.159.168.235 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-08 20:11:41 Times Seen1 Hash dcb6c92c45c8e6480ef217dfad13e337 11f6d3c01654e6bf216fe586f7cfca035c17659f 1f34724f5b30327554ef0b067638a891aabc3b884c0cdc082f7efa4bb6c47832 Loading...

	static.hotjar.com/c/hotjar-380080.js?sv=7	26 kB	2023-03-08	2023-03-08
Pretty URL static.hotjar.com/c/hotjar-380080.js?sv=7 IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:49:32 Last Seen2023-03-08 19:49:32 Times Seen1 Hash 2defe09f5c9810c8a9e3e1f268e7d75c 49e8a4ae87609de02506f6514286c6e1a38a6d14 93725e6cac66142f6824b1edad59bbc53492eabbb2da53cf49f3c99a092abb53 Loading...

	www.google-analytics.com/gtm/optimize.js?id=OPT-K5XRHTM	122 kB	2023-03-08	2023-03-08
Pretty URL www.google-analytics.com/gtm/optimize.js?id=OPT-K5XRHTM IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:26:17 Last Seen2023-03-08 19:50:32 Times Seen1 Hash 91f90c0410d1168b0079eb4fe2f6827e b143f185284d60c29a4461e64cad8e0b97ee5b94 7c60d098823a1f75ec13bf202903e7419793fe355cf6b4165b712e12b1320cdf Loading...

	sgtm.leovegas.com/gtag/js?id=G-R99CHBN90V&l=dataLayer&cx=c&sign=e446c7a3979169b1732c2b0906578925165a721d2f3d30a694daab85d65e107a_20221205	204 kB	2023-03-08	2023-03-08
Pretty URL sgtm.leovegas.com/gtag/js?id=G-R99CHBN90V&l=dataLayer&cx=c&sign=e446c7a3979169b1732c2b0906578925165a721d2f3d30a694daab85d65e107a_20221205 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:49:19 Last Seen2023-03-08 19:49:32 Times Seen1 Hash 739a55a7b7e0fbb1f87c7abf38e1dc24 5c74e3758c3057e26ee6738c4a2c4998cc2ab794 59eb3813563b33b6513d4c68ae006cbd185ef0b5f8f0f7f9de35abdfb5220cea Loading...

	www.google-analytics.com/gtm/optimize.js?id=GTM-NZW9CHB	112 kB	2023-03-08	2023-03-08
Pretty URL www.google-analytics.com/gtm/optimize.js?id=GTM-NZW9CHB IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-08 20:11:41 Times Seen1 Hash 35ae242c6c3747ad8215bd3c021e2cec 85423631d9d34b6c5273fd6313278c299b77fee2 0518001da23821617d98c3d2d2bcc1da82624d2493c0c4f294dcd081c6ab9fc9 Loading...

	vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html	2.3 kB	2023-03-08	2023-03-26
Pretty URL vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:11 Last Seen2023-03-26 01:38:12 Times Seen2 Hash 2ab04d2242413cc15369fa816e1a02f8 8ff148dd539f0fff0892dcc2075839c315cb8642 fe51660a3d21efbefab64694f51d02f2bcee4e82c324895e93c78ba6179508a3 Loading...

	sgtm.leovegas.com/analytics.js	50 kB	2023-03-08	2024-04-24
Pretty URL sgtm.leovegas.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362	381 B	2023-03-08	2023-06-10
Pretty URL promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362 IP 34.159.168.235 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:53:59 Times Seen4 Hash 3aea4ff5a923ba8ec513d6e8e686f474 4b5393be3c3d97fcab06536fddff1f1e4add4969 0d6fb97529219a7897892ca7b7772818274e5f9e1e6f8d1572661179a37f678e Loading...

	promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362	971 B	2023-03-08	2023-03-08
Pretty URL promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362 IP 34.159.168.235 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-08 20:11:41 Times Seen1 Hash 453aec1e6029a7c2ea0aeb26ced29da1 6d6011c7ccd3ab65be45847513c7656306b3a4e7 09a4b39beffcac1b4e4843a79ab7604512d1312480540cee29db9850f245ddf0 Loading...

		Size	First Seen	Last Seen
	#1 Eval - b1dab119535b2d653cd583fe14562d62	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash b1dab119535b2d653cd583fe14562d62 9a5e2735b2817d33b001162d6200bbc71ab25ef1 54f2fbd41d0e2ae4e39cccc16b7ee210aa2d6fb6ccfb6d0067d55c85228d5dd1 Loading...

	#2 Eval - fd867d45abc119d378e486b015e5fb32	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash fd867d45abc119d378e486b015e5fb32 c3ef9a0b7357a5a63fe701b568e0b286ba8cdabc d794a5d005d2990361b510f2fcc1a33792baddfc4846e15ea053881aee23eff1 Loading...

	#3 Eval - fd397bb32dda73f7cf8338e38128aecd	106 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash fd397bb32dda73f7cf8338e38128aecd a6a3d621bcaeb9bb2483159a8973a59327e9b34c 256b60d7ca5d55f1e7e75f7b2a4967055565549c5a5dcd6ec2a3c807edc70978 Loading...

	#4 Eval - c140d3873d4258873a3a28967ec673cc	112 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash c140d3873d4258873a3a28967ec673cc 042de2cdc4b20f8e4ff83461da5345eef797be2f d357a4a08ac5665d86654cfbe8060448643637b0762e15fafd88677f82cd0509 Loading...

	#5 Eval - c7170c7a554f99fd87c55c05dcfc31b7	124 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash c7170c7a554f99fd87c55c05dcfc31b7 b117097883c1d05e6144234e178bafd2fd66ee24 b483ead6657271b2b30855c8c0faad1bb6b6e62a8376b26d168cd7815bd218b2 Loading...

	#6 Eval - f678942ad67c50cf49bf5bac9bf40271	192 B	2023-03-08	2023-06-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:53:59 Times Seen4 Hash f678942ad67c50cf49bf5bac9bf40271 4bc3a0ab65d0a6dcebc8aedf47a9f8fde0a6cc5d 75e7d6881f7aaf129305f16840427e2c8f62394c8816f57689b9ccc96c8563ed Loading...

	#7 Eval - 4861ef1d2f1db399c6dcd8f4df2b2395	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 4861ef1d2f1db399c6dcd8f4df2b2395 b674b187f93af06d65420c9a5be29d76089edb88 48cb6b0fa5a474252426424beefd352a47e25234514c9fe3f4949c22a6780274 Loading...

	#8 Eval - b3980b28ce83f3b6a7f5dda3871d5706	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash b3980b28ce83f3b6a7f5dda3871d5706 92415bdf402224712d5559897a3420a2c62e6b5d 45dd79403b47a170bba397edb3e05298a676d17de159da0c49ec6a241f3d8a62 Loading...

	#9 Eval - a4943e94e9a07d035e014d5393f1c3b5	112 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash a4943e94e9a07d035e014d5393f1c3b5 34b4189acbd1f4d033547bab59ac592db3268c49 be4cf8963e8756a3536f6dd2faf468dac4a10772368c3bf6924326e817e82f2d Loading...

	#10 Eval - 4d2c7695510b867e42477ced8db1c35e	171 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 4d2c7695510b867e42477ced8db1c35e eb933bff5ce8f3261941552dd0329820e63fe50b 26a18761aba178be7a831e214366741e2d8d854de36c93a6820335495f945a55 Loading...

	#11 Eval - 0d274c21bf7b98c0cbb3a5b400422f28	172 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-14 19:59:59 Times Seen1 Hash 0d274c21bf7b98c0cbb3a5b400422f28 326cfcba912ba888c4234b08d1bc72e661fa82ca 372a47d4bcf5c10be3bf46a79adcf93a61c8c67dbfb7a756c038534f759b5ad1 Loading...

	#12 Eval - 1b8d800f81b4c361c873fcdbe7b9c108	122 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 1b8d800f81b4c361c873fcdbe7b9c108 4fd28e374c617c702c17d4f86df380725ffd2992 0e803317c10ccb5c87fbdbd91f869516f42e42b0203e926fd329bfacc914ff2c Loading...

	#13 Eval - 55f318898d431acc3d128e81e74e71a8	150 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 55f318898d431acc3d128e81e74e71a8 3f3bcb14f7db2718ecd8142cab4a7a56662bbd09 954640cb295a2a917672de217b87cbfab0b892329d129e58739c00f2a9b612dc Loading...

	#14 Eval - 9a565f97f2d93edcf7e15b393f9bb2ab	152 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 9a565f97f2d93edcf7e15b393f9bb2ab a38cfd5b2521fefa027f1116f2d1c2ebcd46c84a 44a532b0f5d0ce4e99cab5e4d8ca630bcdc61e4619be06bd23e152ea08618425 Loading...

	#15 Eval - 8b50409b3a9997ffeee5e4e119c982ce	112 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 8b50409b3a9997ffeee5e4e119c982ce ee2498f332630ef9d5191d22d0022158755ff158 c62cb0b84812f2143517d4aa9abfbf6d9157630ed0e3157e01a16a0d258a5e91 Loading...

	#16 Eval - 64b87a6e1bce99d14b0b3e8b772c36d1	196 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 64b87a6e1bce99d14b0b3e8b772c36d1 67aa369cf78d369c9c44ee87f6a0af35d112e13c 6b1264b05300c7a9c37b8cd30666436d1e7b71a1a5ee0c993235f28836188a54 Loading...

	#17 Eval - f28cd8b615465625e3e57792f7f4b076	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash f28cd8b615465625e3e57792f7f4b076 02f1a6991c8ecb38b9b037d1daf6328c3564098f d18bbfc39366226ea45b0be769222c006c95b3d078b7a90671a3c446dcf6c143 Loading...

	#18 Eval - 5b4aa5bf36a69181d2f5f680934ec1ff	172 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 5b4aa5bf36a69181d2f5f680934ec1ff 5b5fc1cf76c40eb8dfb13a8d46670e0c071cda20 da6c050e1003df621452f4af85b0e224a2b41314a0068b2a2676325102e16fdf Loading...

	#19 Eval - 5a51320e8bc81905a11160dbd2b99995	124 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-14 19:59:59 Times Seen1 Hash 5a51320e8bc81905a11160dbd2b99995 cffd839185838e27bb11b88d31bdd63a78a1392e 8c786163d5b73d7bc01f2f53e0c1ca06d19f0d3be6b6e403ffd389f51f7926cc Loading...

	#20 Eval - a8a9e5e2c3c8f1e6f5464b814dbd1720	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash a8a9e5e2c3c8f1e6f5464b814dbd1720 875200d97656c3c0f8bd74165994f15fbb25e128 18ee1f5475962d3b38e052819db4d2d4366b96afb2541b9067673d63a0d5a1e5 Loading...

	#21 Eval - ce01dc894b8d3ac82a44266c235575c5	196 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash ce01dc894b8d3ac82a44266c235575c5 40a51cb3b893114bcf6d941596c50b17c110632c 6de6d66be9af47a58faea809d8c496b189ff3dd55c8e996ad67f42d86074cc63 Loading...

	#22 Eval - c836a228e7858989156fb6a7cfaedd60	106 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash c836a228e7858989156fb6a7cfaedd60 2e7ca0f3b5406673ebc48e7742d007690e20517b c6ee598d33fc6aa9ffe8f818968d178ac07ba24e6f9d9cf92dec5dac692531b7 Loading...

	#23 Eval - 6344b305e3dceadcc79ccab22aa7c68f	155 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 6344b305e3dceadcc79ccab22aa7c68f b9d065c90b506f9c821ba0504b9158409ed74ef4 2b5c718020edf189b5d5d66cbf97a44dec13c8615d709eab026fae0d839a113f Loading...

	#24 Eval - df4694c3abd755beaa500b403710b461	155 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash df4694c3abd755beaa500b403710b461 94d7c488e5eb06e03b63e1f65c1cd06ae2299141 d8b455f29a30f673681e811bf0bcb188224da0880d07eafe9298d00c35da9a03 Loading...

	#25 Eval - 9f9a942340b12c83c671b1695254772e	123 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 9f9a942340b12c83c671b1695254772e a44246047f9207b3c8309b08b7bdc65b4657edab 02998b7f1f7bc765ee4d4770d3ddab6a0af9a45f75c6979872fffc6ae7de46f7 Loading...

	#26 Eval - 7f380422c7d4820ac7b1a299aecbdfd0	123 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-14 00:50:57 Times Seen1 Hash 7f380422c7d4820ac7b1a299aecbdfd0 b106883131f5a1f9102c553726c73b7c91d8410e c7fa53cf8c71af8d38e04962529b8cb5fb197c9ee70a8c645d51e6b05fc5b0b3 Loading...

	#27 Eval - adc3b0af7e7a1389d4e0ec70e4d0f412	124 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash adc3b0af7e7a1389d4e0ec70e4d0f412 60fcd081bb0edeb0b512cfbaf19db8bc83c5039b 06536f663928ebf2a0f137dd7c506c0b2fdd5cb536ddc6b26737a48b77e93998 Loading...

	#28 Eval - 915c9f2a88be65821dbae8e767388400	197 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 915c9f2a88be65821dbae8e767388400 13891aa81307a2064599eb9d425291f6fdcee2c1 ee07f5998d90cd538705ab2419aba824a40cbac066ce031cd5d9e77abdc0cb65 Loading...

	#29 Eval - ef3172a8d4eda8ab47faf1c4e3211994	170 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash ef3172a8d4eda8ab47faf1c4e3211994 1c163158e20e6d998f309fb828f57fd0e6752792 4f7f6eb560e827cac4f0d2243c88ea4bd1e5285181444df4a0ea0184f7cec529 Loading...

	#30 Eval - bb1678000c9bd1d1e110737c4f9fe55e	152 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash bb1678000c9bd1d1e110737c4f9fe55e 4a9687bf6d1dcb5c0cb22a8f5c6a2ef67a92fc7f 8830b35ea78c950806c4972c8cc6857dcf77bafb266b0a90e34fcdd4ce7d77e7 Loading...

	#31 Eval - 1e35b244450dd5d83340dfe3520433d4	171 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 1e35b244450dd5d83340dfe3520433d4 56ba77fee3c1de110b0a615ade8e54c4ff06e9d8 0d224effcb6d2c0048e53221690903690e9103a48f170bc2c514b6a9309a2add Loading...

	#32 Eval - bef0f106432ad908f0c9e615349f7544	114 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash bef0f106432ad908f0c9e615349f7544 77af6144eb7b8b376987590623f71d1e967be47f 9376c54e9f4221dba2b9955f457ee5e2ddb69df7237bc51abf7f25d6f463e995 Loading...

	#33 Eval - d53ab2662ff7fb9101dfd624e11550c7	112 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash d53ab2662ff7fb9101dfd624e11550c7 4f325596e410a7a944739784396a4a2276f77dcb 4514b65927d2ea2ffd137d7c201268db1f2932912863a6976d8e8ee7ab7c7de4 Loading...

	#34 Eval - a4388664c4a145a6f5ad4df5455056b0	123 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash a4388664c4a145a6f5ad4df5455056b0 0b66ca70c15421e967578303dd39353ce1688737 6a18f181f1fe80acaf4991f97ef27463af4cb829a88c9880426f91b2e5336175 Loading...

	#35 Eval - a48e44e37a0ed35c9f9679e7a10067ff	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash a48e44e37a0ed35c9f9679e7a10067ff 29ac644462a602a8e583e3b880fcbcf5921174ce d82f8b1c19320143b113106f113e12e11eaf02d572553c08828af6308cd6a8af Loading...

	#36 Eval - 3543c05ddcf232571252daa716920b8f	107 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 3543c05ddcf232571252daa716920b8f 9f0844af766c91490f0eb54bf776e75eeece6e99 9826c00d835f07b2fc9cc0320f48a8777d58b0120f5dad310c767bb9f3c28c6d Loading...

	#37 Eval - 365edb930f5689990a02ef373c421fe4	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 365edb930f5689990a02ef373c421fe4 10e564352177b036286ffb24e9d33205f0a4057c ed0ece0b6e472c857b1730cced51bc469b2ad0450dd93ff5d4ae510ce31d5309 Loading...

	#38 Eval - fc13cf4c7d1314db4a4eceb301a7455f	124 B	2023-03-08	2023-06-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:54:00 Times Seen4 Hash fc13cf4c7d1314db4a4eceb301a7455f 5d6e9ea8e4cdf77296170c0610da6d8240280a32 fe1d3bd6a7d18eec6383a2fcdefee8051009c2e0348e636ee0376fc6290f306b Loading...

	#39 Eval - 36b32b78ffec24408d8f58d8dd421627	100 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 36b32b78ffec24408d8f58d8dd421627 d7d15558fa84fbc1462b33dd285392511450069b d4f42c415fb7cac7882ad147bbaec5daa8e0bc9b2a51d7d27e4b4b58fc8c1e24 Loading...

	#40 Eval - f8a3d3857c0ce4fc6a8271e6a1998892	138 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash f8a3d3857c0ce4fc6a8271e6a1998892 19f7a52849794485b399f9e67589c10807ec17eb 970c21e7b7ab3e6222aedaf15a05861f5fe8a15505066c7c53489164b3404976 Loading...

	#41 Eval - 253491bc67e092b5a24aa973e620687e	123 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-14 00:50:58 Times Seen1 Hash 253491bc67e092b5a24aa973e620687e bbfbeb9c4ec7f54687c78f84f1a5d0ed56bfc365 e56469c56d16370f8961e49351ea5f2b8762b7ec6b9f2e09643aceed5b8b2a57 Loading...

	#42 Eval - c39dedb1a271b5ddbb3c9fa06ee3e2f7	171 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash c39dedb1a271b5ddbb3c9fa06ee3e2f7 c0a5a307cf6d14b4bc21649f85e84ac28b036478 18857f78f60884ae8d55616df4593d3e925de658bf937e181d75e65f7fdfb8f1 Loading...

	#43 Eval - 632eb80b40b97611ffa5375220389b7e	152 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 632eb80b40b97611ffa5375220389b7e b5c51544086cd5b4285c7b8b11ecf69845810e67 b09b15cd0494ca7565526a4cc30da90ac0525d5f4dc2d017da40f8d84500512c Loading...

	#44 Eval - 75d4e8b557b01a600eee1a64fb0dd739	124 B	2023-03-08	2023-06-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:53:59 Times Seen4 Hash 75d4e8b557b01a600eee1a64fb0dd739 31431f07314fada96dea3630ff68aaa295112884 920d4ca9ae716cf2a121d0cb6147c90749c2086ee944e97b5333c0dc5323164e Loading...

	#45 Eval - 4cf26273edb31ba33451801da2315eaf	86 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 4cf26273edb31ba33451801da2315eaf ae9d011ee92298b8450d39b6e95f4cf46b81da63 f74a0f07f35ce720d19e06b96d16d0b366c1563b80fbba36636f0de86023db49 Loading...

	#46 Eval - 5be248facc202001df5cb56943b30cca	106 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 5be248facc202001df5cb56943b30cca 7651b117ea838a7c8011c07dcde1cf5cfbded8aa 498b95ddeefbfc3f8f575dde2b3e76b3aafa99c241418c5f577cedb02838ed56 Loading...

	#47 Eval - 692b9a2d6eb3ceb221f74872db7e3c5f	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 692b9a2d6eb3ceb221f74872db7e3c5f ea8d289d90c6ddb7fda1a8b641fd7585a4ea27d0 ddf3e59e52a0c2225676c83eb0fb38d5ef30a6dca0375cf12fe1a29b0e0b90a9 Loading...

	#48 Eval - 2a6678910310e5ff65f64b52a434d1fc	112 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 2a6678910310e5ff65f64b52a434d1fc 8b570c52da076b4414416589d6faeafd75c27a46 abd1a29e10277e55453e7cd98169538787d14205deef4b8e4b8bd4cabf079843 Loading...

	#49 Eval - 3180d9c0ee79198eddb8177d3e2fd2b8	115 B	2023-03-08	2023-06-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:53:59 Times Seen4 Hash 3180d9c0ee79198eddb8177d3e2fd2b8 ca1491a70702ca9304580c8484dcc6e412e38628 53a045ec8988877e0fc7e0017e8eec37d10952a3f1db13ef3e356e0124991fbc Loading...

	#50 Eval - 2dc2547a56b0f53c2c80bedce41c2422	85 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 2dc2547a56b0f53c2c80bedce41c2422 b994c5229b810e8694a6fd24d2074a7a9307490d 385c37a37df4168fe1fb386e15e4d8cfb2f1cff3b4781f52eec33fdedf0b8b43 Loading...

	#51 Eval - 9e84f4b6c7ef5d5911a5192cbec2758b	99 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 9e84f4b6c7ef5d5911a5192cbec2758b 7ef1a10da678c6955f337926d6712729c850e183 0bd24eef1ed15f0fadf8411bc21f7e24b9afb84229bc0f6f9abf3f827444e512 Loading...

	#52 Eval - e5276aee2202b576ad3bab226118c6e9	109 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash e5276aee2202b576ad3bab226118c6e9 f8207968b801099917fb0c3555f6c2c5611d1563 79f2bdc0ed253382e0153731d6bd985912616621354f41eaf23d0d8f8874a450 Loading...

	#53 Eval - ca6e29c2c7aee389b7caf32615d7297a	123 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-14 00:50:57 Times Seen1 Hash ca6e29c2c7aee389b7caf32615d7297a c6fa149b3c8d4c14e2c9ef11023a1cd8df0da094 76a2cb6bb6aba273c70cbaebe3a7dd101a404fd46b943ee8f6b4a26c3c97bfd3 Loading...

	#54 Eval - dc0c587ea5dc38ab1d3acca238746079	123 B	2023-03-08	2023-06-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:54:00 Times Seen4 Hash dc0c587ea5dc38ab1d3acca238746079 3d8ec471ecab8ac55f4b23a8b3dc125229704600 ea63b9843eac3e3ccefca4aacb623024051159f9e09306e7143fad34b0a25bf1 Loading...

	#55 Eval - a16974ea4ac375211767d50e71c71d36	152 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash a16974ea4ac375211767d50e71c71d36 ff5496a41a4208d65189c8eed37f39aa3263b3de dfdfe7abd958b9ffd6777cffae3328e74fdd3211bad8a32524eb76ea827e9b5d Loading...

	#56 Eval - 28c09c90ee32a01e2ca3f3b4a33ea882	114 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 28c09c90ee32a01e2ca3f3b4a33ea882 17862bac1d86c2d99857d1c4e40ed991968cc387 7b8cdfb439a9696a17f1e19589d2055d1cf1e6308fd1725f447ae8a964eedb0c Loading...

	#57 Eval - 31d77629d4e454942a72ebb34ca63d8a	105 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 31d77629d4e454942a72ebb34ca63d8a b2b5e0bcedb42dd895723cb04d85d178abc03b1a df2267e3e07d3ae370c5d274f0554604e5b61eeace3aeb5153f356b63b7eff47 Loading...

	#58 Eval - 9b8821c2220eea1cc1de46f12a831fb6	152 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 9b8821c2220eea1cc1de46f12a831fb6 eb06f91a3501cd31e2dd3157946ce869a00eee14 dfe0f4c30bc0c4266e961d21d5589a69b16525443393582ac24a892dd778c951 Loading...

	#59 Eval - 97777522f23c4b7869cbe59d98700623	152 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 97777522f23c4b7869cbe59d98700623 5bd38cbd1bf1730b1eca70cbd9d6096bafcc9ac5 0c72c4003ddc8be9dd98053d977074e9952633e75edc34bbcc5660f79b7e80a3 Loading...

	#60 Eval - 856d10573cf556bc26635056045a5e47	123 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-14 00:50:58 Times Seen1 Hash 856d10573cf556bc26635056045a5e47 7d677715bb900338c1cd81419e10ea52fdb3878e 5b14579268b25c96a8d475eb9991d528b5a9e72a32a9329954fd435bd233e8cc Loading...

	#61 Eval - 1129c6b7073182f4f28a605db7a8b1ae	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 1129c6b7073182f4f28a605db7a8b1ae 468f87c92796c7fa87d0329a3289fb9f1dd55df8 33101ae4058105ae8fbe7aa648fb657477df64d4d360a0eb06860a77edd9a097 Loading...

	#62 Eval - 8fa043e6e3b2f6458a3cf8a18c3dc09c	108 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 8fa043e6e3b2f6458a3cf8a18c3dc09c 3f742f7b1e2a4cb5f567d444f33809af0c4b335a bcb56769020cb140b5c7e552b889d00c427161277b5e67c385c38e8460f21ebe Loading...

	#63 Eval - b91d83f4c8ca8c03f25481d368b429f7	99 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash b91d83f4c8ca8c03f25481d368b429f7 e315db6c50148ecbc0b24882199049bf72b7c66f ffe4223e47d1415be1ae34ed0e037030990286edf4513805cbfa287330123483 Loading...

	#64 Eval - 698ddb426d8449fe2b3870a4160e4811	136 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 698ddb426d8449fe2b3870a4160e4811 e916c60ec69431dbc96d53e0fca186af78fa213e 76d9f02e8f0f7b5d6a6e02f70f1e08b21d8be7b15a8a8830fb9c38fad1736501 Loading...

	#65 Eval - 766d4a0aaac10e961dafa6e18840ee9d	100 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 766d4a0aaac10e961dafa6e18840ee9d d4823ab2cf03b9af1f95eb2ffc78faf985cc06db 2ef190e1ff5f9ee67483497a713866fca8982a051f6bdc5aed06c976d76f899e Loading...

	#66 Eval - d126192b7e6cd4e0578d07016b1182da	85 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash d126192b7e6cd4e0578d07016b1182da 90de39bcff75a0af6ba58b186fd247d22bcedb3e cd6f7444b22e9ab3c56840e59daf71e50b182a51078604d63b4590f0a917f62e Loading...

	#67 Eval - 8119bd9b7c870211934c6d44de8510d9	481 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 8119bd9b7c870211934c6d44de8510d9 abc5b808ed11d08818dd047cc81b191fe6b35be5 29672ec2833e5638671699664918a17cb2f8ef6c24c7e95f317f191eb2a734d7 Loading...

	#68 Eval - c6894d2dc9959e2af8ddc664d41947e1	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash c6894d2dc9959e2af8ddc664d41947e1 a433b3b604f19a864f417249decd23e51d1c065c 82155e6e97b4af69f0cc8ad5a6f1aa69ff6718de3a82b8ebfd104438205aaeb6 Loading...

	#69 Eval - af45283f996510854f3619a849328e27	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash af45283f996510854f3619a849328e27 34c614f5dc391452157e74dc6b7f180e6b3ed901 6ee88f294314cad35a11c2dbab248326dc2a3465cd329ee17d39e760cf2627f6 Loading...

	#70 Eval - 6665c318b4d8b932ef2061461b931ed6	136 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 6665c318b4d8b932ef2061461b931ed6 7121b466995ed450cde24fd21e07a499647d2c8e 3746218d3bdf30209078b4aa7983f2eb07448b11ae6d47e49446ab036d63c3b6 Loading...

	#71 Eval - 37b0474b4e1f82b7f0cb7d8f5a0acb92	123 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 37b0474b4e1f82b7f0cb7d8f5a0acb92 2519b1dcbbb49461eaaff8a2af9bf905eb7c018c bcf5b6d8379ca841eaf7449a7a7cc1deeb7be8c44c5e76630f4a413f5aac0090 Loading...

	#72 Eval - d6a858f9e1e0a9d60c6fb8faab6f4a32	152 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash d6a858f9e1e0a9d60c6fb8faab6f4a32 c2b5f117d9f4a73643f154c95ce1ff7205a6bac3 25de6d7f9a1279de5c62635f5cf13a43139b79ae2a0223e013ae5991e458ef1b Loading...

	#73 Eval - 6a09ab3c44d7842d33d85a99070c2587	108 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 6a09ab3c44d7842d33d85a99070c2587 9aced41fe53fb451952f342dd376b2e734476e13 c2052242a7518fe7cba33d79388f0711040c83620acdff37b677d1f154d2a3cc Loading...

	#74 Eval - 3818fb15b6aa7d471f8cc4e8d336e4e0	112 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 3818fb15b6aa7d471f8cc4e8d336e4e0 429ef097edcddaf8f17e771734840b32aa2b660c 72de93c5bac79316eb38df4ea78d942ea4ac38bccd9cb6e15fe557695fb01c18 Loading...

	#75 Eval - 1303777f592eeb45344e9ffaabf4ee5e	124 B	2023-03-08	2023-06-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:53:59 Times Seen4 Hash 1303777f592eeb45344e9ffaabf4ee5e 6cd74224b78aed223e88b18b81c23d5f75e5eaa9 31a0929519f9f762b5228a20c29d8ebfc62541c8b50e19108f9a4fd33b1ae113 Loading...

	#76 Eval - 8c80cb699d9c10b27a60e75ecc48b6ec	155 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 8c80cb699d9c10b27a60e75ecc48b6ec 9f5f38b2acde71e514acd92afec448fdf4b13530 f8a52a3a73e0250a815dd17132803408dd6b56880c65fd14eb340e4393d40d7d Loading...

	#77 Eval - 8a566f1c3a64134add47dec5e2dcc3c4	122 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 8a566f1c3a64134add47dec5e2dcc3c4 540fdea64bf051565b734615a259f767817cbd05 1cf32fcddd085006b4b1f5a093b5b4a5f97109ab362d6ab5ba3a7b7e37c756d5 Loading...

	#78 Eval - 3ecca5af89fdf4902ab4ff6e64dbd1bc	110 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 3ecca5af89fdf4902ab4ff6e64dbd1bc 8451c2a4e282652b949d4d73a7cd23ebeffcf5cd b44315dfd59ca38274202c3d0708b5c79f3b8ea78cf86c400591e71e6a3a38a9 Loading...

	#79 Eval - 3f05f79193ef3cdf88c22c97e50abe1b	152 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 3f05f79193ef3cdf88c22c97e50abe1b c7f12276effef5ae3ab7222b593f31e0dcdf2ef7 a1c1c0c5a06aa8d50dab0a7eaaa1420503565a82934f465492767894f31cff41 Loading...

	#80 Eval - 8152aac726206c3c16fad969d0e32edc	645 B	2023-03-07	2023-10-18
Pretty Observations First Seen2023-03-07 12:04:35 Last Seen2023-10-18 15:14:31 Times Seen314 Hash 8152aac726206c3c16fad969d0e32edc 29168ef0bb722d5e411252582f2f5d5afe959f77 38f3c6ed5edf9b2b0e4e6fa7f1afb2dd77d61226c59e8fa6e896fc06aa6cbfbc Loading...

	#81 Eval - 7c4ae20c88e60eb4b1776d9cb8373f75	171 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 7c4ae20c88e60eb4b1776d9cb8373f75 b78afab212168fa65ef1383fc1613fd708971c80 a9147d3bf44a7e4375408f01ed3d3bc46b419680ebb3bfc7197536e61e720eab Loading...

	#82 Eval - 57b0f0ccc76c821dfb90e2adaf8e5cdf	112 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 57b0f0ccc76c821dfb90e2adaf8e5cdf 841aadeda3b93c44ca2f1dd828c90f01ad258b24 32454734f7ed678aeba10d26ee6f72570d4361b0b17ec7ae4b7b570c08bb59cc Loading...

	#83 Eval - c62a572e237bcc19f1641165c6fc2112	106 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash c62a572e237bcc19f1641165c6fc2112 b633a3b391250c35244bf6f651b96f92f6faec89 a0e5f88a9c7d6997320fd812a879ce2b1605fd9855fffab57dce83216551a948 Loading...

	#84 Eval - 333a01eed6b5d9899e45c388650de6e8	123 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 333a01eed6b5d9899e45c388650de6e8 9e335725e50dc6f5740c316d38df0170c5ce8cba 95e5134b8f7fdc94e8bb18e7223187ca6a2ecd42e092f8e3882e3f48799920ff Loading...

	#85 Eval - d23771e9b5e8d2d72ad226d3d0da5ca1	114 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash d23771e9b5e8d2d72ad226d3d0da5ca1 17f9c244f9626dde084adac9894665f3502b282d f542ff366a2985daaa4dcaae3c1ac13fc6fce19c066b80b3f893cfe9f28e822a Loading...

	#86 Eval - fc667e240d746fffeb1449a72f5f21ee	106 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash fc667e240d746fffeb1449a72f5f21ee 1ed731904c372aa549f78d1b2b59ec75d657bcd6 44016e43fa4f0dcf110125630bf1d017234026081a2b93726932a727cea1fc6c Loading...

	#87 Eval - 64a5c46f03f22b26cedb06a801d3e4a1	99 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 64a5c46f03f22b26cedb06a801d3e4a1 727622e9bb59406eaca3f582dcebeb6d3e8d3403 a372ea4bb9c395cf2a1b5bfd66ae00fe7cc4080339561c8c687cad60a6c233d2 Loading...

	#88 Eval - 24aee50acfeb480b7d2203688aa0fd3a	99 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 24aee50acfeb480b7d2203688aa0fd3a 1a12cdb5145f38301ce5c65ccd85c900f90fb2fb 56fa8584f97ab57aceee7f9b7c3b0b6f146d6204e53049dd09ca566eb6a8ba92 Loading...

	#89 Eval - 99b85b878936aa45705edb901b96e116	112 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 99b85b878936aa45705edb901b96e116 1a1a5be4a362dea8a047e1cb8cdcfc97248021b0 aba81ce4da0884484c1a02086179a9c9a9dca9154c41936f534be6b540ab4719 Loading...

	#90 Eval - fd92eba485b003f9af63cfa70c7cb963	106 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash fd92eba485b003f9af63cfa70c7cb963 152d29b9586eea2fac3913d55d1f4dd7cdcfb4e1 ab3b51d76b7283fccccbb14c48ca4b296b21d21a99da32f1aab190f9d03dda4e Loading...

	#91 Eval - ebaac333a97c8811cdef754190879ace	107 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash ebaac333a97c8811cdef754190879ace 24dbc0473d89a492c5ce355a33fa9fa23c9d58ba 4fcaab3a7f479df8e2e6efe8644304bfc11fb4b9db9b7ea047c828c381a0f091 Loading...

HTTP Transactions (80)

URL IP Response Size

telewww.site/uz/bx/nl

79.98.28.128

301 Moved Permanently

237 B

URL HTTP/1.1
telewww.site/uz/bx/nl
IP
79.98.28.128:0
ASN
#212531 UAB Interneto vizija

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
237 B (237 bytes)
Hash
ec8c1ffa587f572444ae463c0b9e4244
002d5cdb01b9a849cbe9ec1dca23310c29397631
f5ad667a5aead439c83c46829ed2ff5538eba55762841149bf2c12292d5e8972

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /uz/bx/nl HTTP/1.1
Host: telewww.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 21:09:55 GMT
Server: Apache
Location: http://telewww.site/uz/bx/nl/
Content-Length: 237
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7958
Expires: Mon, 05 Dec 2022 23:22:33 GMT
Date: Mon, 05 Dec 2022 21:09:55 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4078
Cache-Control: max-age=138562
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:55 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:39:17 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4176
Expires: Mon, 05 Dec 2022 22:19:31 GMT
Date: Mon, 05 Dec 2022 21:09:55 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 20:18:30 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3085
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Z5M1kgDD6a/25CD9+AmgWmgJ64mvxskhqoMtv4JyVo8zvbKRsUMPh6zN0iCFOs+/zSJ5eyLCmqY=
x-amz-request-id: K0WADDZ177E91BDW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 20:46:49 GMT
age: 1386
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

telewww.site/uz/bx/nl/

79.98.28.128

302 Found

0 B

URL HTTP/1.1
telewww.site/uz/bx/nl/
IP
79.98.28.128:0
ASN
#212531 UAB Interneto vizija

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /uz/bx/nl/ HTTP/1.1
Host: telewww.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Mon, 05 Dec 2022 21:09:55 GMT
Server: Apache
Location: //whampamp.com/4/5087048?var=ed_error
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:09:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

whampamp.com/4/5087048?var=ed_error

139.45.197.236

200 OK

611 B

URL HTTP/1.1
whampamp.com/4/5087048?var=ed_error
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
611 B (611 bytes)
Hash
240f5c12991283ae9643581be0678250
8d97de68da6e1a80d823be641b6abb75ea6a5a50
07577547bd21bbef966b1a0e721e80845f323510f4ba26153fd117be8f5cb7d2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4/5087048?var=ed_error HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 21:09:55 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 6b06334724137151b1eeaf5db2fd2270
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://ntrfr.leovegas.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=b062ebf9e06c43eabc359c9f7ccfc149; expires=Tue, 05 Dec 2023 21:09:55 GMT; path=/
oaidts=1670274595; expires=Tue, 05 Dec 2023 21:09:55 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d5f25c4c99bce7de9166e989e0e94df3
977a8feb8420b10fc4b27440203b08ecae7516f8
5e444685fc55211330424827c83a0b4a885ff07f4c97fa667eead72cdc3c3eaf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E444685FC55211330424827C83A0B4A885FF07F4C97FA667EEAD72CDC3C3EAF"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6798
Expires: Mon, 05 Dec 2022 23:03:14 GMT
Date: Mon, 05 Dec 2022 21:09:56 GMT
Connection: keep-alive

ntrfr.leovegas.com/redirect.aspx?pid=3748557&bid=13362&rdk=rk1

23.36.79.9

307 Temporary Redirect

0 B

URL HTTP/2
ntrfr.leovegas.com/redirect.aspx?pid=3748557&bid=13362&rdk=rk1
IP
23.36.79.9:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?pid=3748557&bid=13362&rdk=rk1 HTTP/1.1
Host: ntrfr.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://promo.leovegas.com/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Mon, 05 Dec 2022 21:09:56 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 05 Dec 2022 21:09:56 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; SameSite=None;; domain=.leovegas.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d; domain=.leovegas.com; expires=Wed, 05-Dec-3021 21:09:55 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=41, origin; dur=50
X-Firefox-Spdy: h2

whampamp.com/favicon.ico

139.45.197.236

204 No Content

0 B

URL HTTP/1.1
whampamp.com/favicon.ico
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=b062ebf9e06c43eabc359c9f7ccfc149; oaidts=1670274595

HTTP/1.1 204 No Content
Server: nginx
Date: Mon, 05 Dec 2022 21:09:56 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate

my.rtmark.net/img.gif?f=merge&userId=b062ebf9e06c43eabc359c9f7ccfc149

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=merge&userId=b062ebf9e06c43eabc359c9f7ccfc149
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

POST /img.gif?f=merge&userId=b062ebf9e06c43eabc359c9f7ccfc149 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:09:56 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b062ebf9e06c43eabc359c9f7ccfc149; expires=Tue, 05 Dec 2023 21:09:56 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4a96cab91864ceab7fd753917fd0a9eb
4d12a4a85ac19d3e951e19dacb55d7264b02e8c5
19c446681b5229c4dc010d36c154328802a4bbb49bb454e168dabfe1553609fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "19C446681B5229C4DC010D36C154328802A4BBB49BB454E168DABFE1553609FA"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11755
Expires: Tue, 06 Dec 2022 00:25:51 GMT
Date: Mon, 05 Dec 2022 21:09:56 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 21:08:58 GMT
cache-control: public,max-age=3600
age: 58
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

promo.leovegas.com/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362

34.159.168.235

301 Moved Permanently

32 B

URL HTTP/2
promo.leovegas.com/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with no line terminators
Size
32 B (32 bytes)
Hash
39dacc1839fbc93e31c1d2d53217a24c
bab0715449a8c2d79b67b5fa7f7d464f774fb77d
391c5184370e9aa51e55f54f79e9cb518cabbdf1d0806db6a832f38b9364b28b

HTTP Headers

GET /mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362 HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
age: 0
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: text/plain; charset=utf-8
date: Mon, 05 Dec 2022 21:09:56 GMT
location: /no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJ1ZFC9H9WM7A3WACQC2E2C
x-xss-protection: 1; mode=block
content-length: 32
X-Firefox-Spdy: h2

promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362

34.159.168.235

200 OK

16 kB

URL HTTP/2
promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6578)
Size
16 kB (16385 bytes)
Hash
2b0ae82eb4e6737975bd2d7e26b18c94
fe34affac3567563b4ea1750515afe501b171d5e
d3d91a70292603a2cff12cbbc42fe456d37f0bdcad28c58b003baaea5a2ca3c5

HTTP Headers

GET /no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362 HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
age: 4058
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 20:02:18 GMT
etag: "67822a40934479402c5bf2b45514a010-ssl-df"
link: </webpack-runtime.js>; rel=preload; as=script, </framework.js>; rel=preload; as=script, </dc6a8720040df98778fe970bf6c000a41750d3ae.js>; rel=preload; as=script, </app.js>; rel=preload; as=script, </47c41b0c4f3753646af9b0e10dfd7be6f02b99db.js>; rel=preload; as=script, </7bdf0be5c8efe81cdad9ba3761024df107bef3b0.js>; rel=preload; as=script, </ff324cc4fcad5c37469103212758a68962a91703.js>; rel=preload; as=script, </8e399fed3a6b1522e3959e34b00067a9519e807d.js>; rel=preload; as=script, </05901c0cdc340371e5e64de460e805993147c75a.js>; rel=preload; as=script, </component---src-templates-leo-universe-index-jsx.js>; rel=preload; as=script, </page-data/app-data.json>; rel=preload; as=fetch; crossorigin, </page-data/no/mc-livecasino/page-data.json>; rel=preload; as=fetch; crossorigin
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJ1ZFJ2JQWH6SRQ9JGJQTTB
x-xss-protection: 1; mode=block
content-length: 16385
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4071
Cache-Control: max-age=133487
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:56 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:14:43 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

promo.leovegas.com/webpack-runtime.js

34.159.168.235

200 OK

1.4 kB

URL HTTP/2
promo.leovegas.com/webpack-runtime.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (2978)
Size
1.4 kB (1432 bytes)
Hash
fc6275e91b83fb1861d667aff0bd5ab2
64cede2d4178f82eb8a11cb2b32706cef16f601e
98003f07ca794236c4b933ef2bbe37c75a8b0748912ad4e967886a4915625b89

HTTP Headers

GET /webpack-runtime.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 8554
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 18:47:22 GMT
etag: "d50f19024fb972e823cb9cedda51d294-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJ1ZFN3T1EKM6DEP8MHFJPA
x-xss-protection: 1; mode=block
content-length: 1432
X-Firefox-Spdy: h2

promo.leovegas.com/dc6a8720040df98778fe970bf6c000a41750d3ae.js

34.159.168.235

200 OK

4.2 kB

URL HTTP/2
promo.leovegas.com/dc6a8720040df98778fe970bf6c000a41750d3ae.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Unicode text, UTF-8 text, with very long lines (11901)
Size
4.2 kB (4159 bytes)
Hash
bdd2aabfa66e96632039b2b607303c00
10a2e1d4f025f11bec61554fbd05cae1a44e6815
2a6d67c657a631152b3370590574a1fc84e28c01a1585104d85a2ac37860e876

HTTP Headers

GET /dc6a8720040df98778fe970bf6c000a41750d3ae.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 8554
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 18:47:22 GMT
etag: "12d1763d5f10d67e3fe2f9f00b96b2e8-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJ1ZFN4GBXJW1CMCM3RZFHG
x-xss-protection: 1; mode=block
content-length: 4159
X-Firefox-Spdy: h2

promo.leovegas.com/app.js

34.159.168.235

200 OK

15 kB

URL HTTP/2
promo.leovegas.com/app.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (51500)
Size
15 kB (14841 bytes)
Hash
ec592e8e4f9763adef6b0b99b3cd7b0e
01d801875af7b18e8192078e990957b880191d03
962058ff21e777eb4c6aa82fbfc08c07aaab0a154ba037be60b82ddbcfcff9f0

HTTP Headers

GET /app.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 8554
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 18:47:22 GMT
etag: "efc56438502dc0b09b588bf8cc771969-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJ1ZFN6GG3HF5CT0Y9ZTFB9
x-xss-protection: 1; mode=block
content-length: 14841
X-Firefox-Spdy: h2

promo.leovegas.com/7bdf0be5c8efe81cdad9ba3761024df107bef3b0.js

34.159.168.235

200 OK

2.9 kB

URL HTTP/2
promo.leovegas.com/7bdf0be5c8efe81cdad9ba3761024df107bef3b0.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (6980)
Size
2.9 kB (2937 bytes)
Hash
4befa7048021cd47bd7c590f8219a114
77130fee3b5db4ff69ac115ba6392d9fbb8158a6
ddb556400e35de0261e5bf2d35dbf9d494d203f570c05d88d61f580f9c7ccfa0

HTTP Headers

GET /7bdf0be5c8efe81cdad9ba3761024df107bef3b0.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 8554
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 18:47:22 GMT
etag: "a6e0802faefeef3a99043c2daddd096f-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJ1ZFN77CCG1S7JYSDG1676
x-xss-protection: 1; mode=block
content-length: 2937
X-Firefox-Spdy: h2

promo.leovegas.com/ff324cc4fcad5c37469103212758a68962a91703.js

34.159.168.235

200 OK

100 kB

URL HTTP/2
promo.leovegas.com/ff324cc4fcad5c37469103212758a68962a91703.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Unicode text, UTF-8 text, with very long lines (65236)
Size
100 kB (100094 bytes)
Hash
ad88f25650fae49a89fdea1db069a4b8
945d798c5c411c31717244ac1e79877005511e86
859f0841a883e48ffed94f52e3fa2b98a32f62105033550705d2ccd9a7e12056

HTTP Headers

GET /ff324cc4fcad5c37469103212758a68962a91703.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 8554
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 18:47:22 GMT
etag: "33dd56650a8aed1c381ced478717e4b1-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJ1ZFNCXJ1J3DG6F4T6QBCX
x-xss-protection: 1; mode=block
content-length: 100094
X-Firefox-Spdy: h2

promo.leovegas.com/component---src-templates-leo-universe-index-jsx.js

34.159.168.235

200 OK

2.4 kB

URL HTTP/2
promo.leovegas.com/component---src-templates-leo-universe-index-jsx.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (5773)
Size
2.4 kB (2414 bytes)
Hash
c57f16f798f8bc3c281b33d6b29ab370
3608bcc2dfdd1261e8c6cd9bf43067a46c2fd8cf
337ee0d4a4c804aa58d7681b79a7e25f01d1b2d29de515ba3c6295632cdee006

HTTP Headers

GET /component---src-templates-leo-universe-index-jsx.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 8554
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 18:47:22 GMT
etag: "79b5cfeb3602b5f1350c673c66c0d012-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJ1ZFNCVR5XK2EM1BZ95E36
x-xss-protection: 1; mode=block
content-length: 2414
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

promo.leovegas.com/page-data/app-data.json

34.159.168.235

200 OK

50 B

URL HTTP/2
promo.leovegas.com/page-data/app-data.json
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
JSON data\012- , ASCII text
Size
50 B (50 bytes)
Hash
26bbc30fb95a59f85a4c4ea44452a800
26ce9c4a4cccd5400d9d6661a8129ba9d90bba28
f813c77f52799503d269af274d016ca0ccb1704c7d08fd408f5f0c31d1cb992c

HTTP Headers

GET /page-data/app-data.json HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 10956
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/json
date: Mon, 05 Dec 2022 18:07:21 GMT
etag: "f610b5b94695f446d38a29bb24af70cb-ssl"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJ1ZFP5VRPD4P534Q02GT54
x-xss-protection: 1; mode=block
content-length: 50
X-Firefox-Spdy: h2

promo.leovegas.com/47c41b0c4f3753646af9b0e10dfd7be6f02b99db.js

34.159.168.235

200 OK

6.2 kB

URL HTTP/2
promo.leovegas.com/47c41b0c4f3753646af9b0e10dfd7be6f02b99db.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Unicode text, UTF-8 text, with very long lines (16666)
Size
6.2 kB (6218 bytes)
Hash
5c4e7e14f8659373e45400cf68c97a41
a2df475919893462415902ab0da086acc4f77033
58b06d80fbd4927e361ce301821f790c35782282eb6943dc9ce6b786ec63b352

HTTP Headers

GET /47c41b0c4f3753646af9b0e10dfd7be6f02b99db.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 8554
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 18:47:22 GMT
etag: "eea2c190fa6c75b8568cff2969365888-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJ1ZFN6409WNV8A6S2VQ80Q
x-xss-protection: 1; mode=block
content-length: 6218
X-Firefox-Spdy: h2

promo.leovegas.com/page-data/no/mc-livecasino/page-data.json

34.159.168.235

200 OK

8.6 kB

URL HTTP/2
promo.leovegas.com/page-data/no/mc-livecasino/page-data.json
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (24270), with no line terminators
Size
8.6 kB (8566 bytes)
Hash
443da80a18079443a88af2a536cbf82c
e9a66d635df402b52f00515f6eae01097544fa2e
52fe0ff6c2c2c29b4818260acb0b1eb3786b2093eb6c48c418d62ff4f1108cdf

HTTP Headers

GET /page-data/no/mc-livecasino/page-data.json HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 2981
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/json
date: Mon, 05 Dec 2022 20:20:15 GMT
etag: "e2f99e4bcb86868a0950cbca18f9033b-ssl"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJ1ZFP53PHN9T22P1GVN8WP
x-xss-protection: 1; mode=block
content-length: 8566
X-Firefox-Spdy: h2

promo.leovegas.com/8e399fed3a6b1522e3959e34b00067a9519e807d.js

34.159.168.235

200 OK

33 kB

URL HTTP/2
promo.leovegas.com/8e399fed3a6b1522e3959e34b00067a9519e807d.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (65536), with no line terminators
Size
33 kB (33010 bytes)
Hash
464e51d8049dceec3f4ba74d397009d9
843aba9ccf65310a3656f849667c09c73cf7e2eb
3fb00de7e29f0471f9c3debd72685ae639ba102e6fdef3e40edcd763977bd034

HTTP Headers

GET /8e399fed3a6b1522e3959e34b00067a9519e807d.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 8554
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 18:47:22 GMT
etag: "1a90c3703ecfdf94ffc928c21cf5a9be-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJ1ZFNCC287SW0DN3CX625J
x-xss-protection: 1; mode=block
content-length: 33010
X-Firefox-Spdy: h2

promo.leovegas.com/framework.js

34.159.168.235

200 OK

40 kB

URL HTTP/2
promo.leovegas.com/framework.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (65469)
Size
40 kB (40243 bytes)
Hash
167ec0d46f57fb00494a84e783c5c5e4
47601f21c3974edb503b0509143978b64049affb
6d95d63d1bfca8c205c2f6d4487c9bc63c5b229b2abb3d8b14ca25bed949ec4b

HTTP Headers

GET /framework.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 8554
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 18:47:22 GMT
etag: "3e379ad990653adc04137a3854730ff5-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJ1ZFN35W8Q1J9N4K9YKV8D
x-xss-protection: 1; mode=block
content-length: 40243
X-Firefox-Spdy: h2

promo.leovegas.com/05901c0cdc340371e5e64de460e805993147c75a.js

34.159.168.235

200 OK

46 kB

URL HTTP/2
promo.leovegas.com/05901c0cdc340371e5e64de460e805993147c75a.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (65438)
Size
46 kB (46547 bytes)
Hash
44deeb76a98ab386414deb34d45028c0
24954a1197a9ad874069f66729f0478b7e708b6c
9c5bb1b1fa4bfa6b160707e53e54c5634b45effc8d9a2ec4b4e143fc8aa6101e

HTTP Headers

GET /05901c0cdc340371e5e64de460e805993147c75a.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 8554
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 18:47:22 GMT
etag: "755b1d2e18b38895cd0871f0a1973e3d-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJ1ZFNCD44B4RCA42QR2ZMH
x-xss-protection: 1; mode=block
content-length: 46547
X-Firefox-Spdy: h2

promo.leovegas.com/page-data/sq/d/2280590532.json

34.159.168.235

200 OK

1.8 kB

URL HTTP/2
promo.leovegas.com/page-data/sq/d/2280590532.json
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
JSON data\012- , ASCII text, with very long lines (13497), with no line terminators
Size
1.8 kB (1816 bytes)
Hash
9f055e9ead48e91929776db430c73bd5
564fcf144f13e1566b1b2c69749ea0291c04b75e
3db7fcff0641a5c23e503517261ea7d440e3fa632ee35129dd7c3e7ef8359263

HTTP Headers

GET /page-data/sq/d/2280590532.json HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 10124
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/json
date: Mon, 05 Dec 2022 18:21:12 GMT
etag: "c3d3020a60483e49003046575338d2ec-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJ1ZFPC086GZE1BNK0A0K38
x-xss-protection: 1; mode=block
content-length: 1816
X-Firefox-Spdy: h2

promo.leovegas.com/page-data/app-data.json

34.159.168.235

200 OK

50 B

URL HTTP/2
promo.leovegas.com/page-data/app-data.json
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
JSON data\012- , ASCII text
Size
50 B (50 bytes)
Hash
26bbc30fb95a59f85a4c4ea44452a800
26ce9c4a4cccd5400d9d6661a8129ba9d90bba28
f813c77f52799503d269af274d016ca0ccb1704c7d08fd408f5f0c31d1cb992c

HTTP Headers

GET /page-data/app-data.json HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 10956
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/json
date: Mon, 05 Dec 2022 18:07:21 GMT
etag: "f610b5b94695f446d38a29bb24af70cb-ssl"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJ1ZFV5K2YE9J0TX7R1KMMB
x-xss-protection: 1; mode=block
content-length: 50
X-Firefox-Spdy: h2

promo.leovegas.com/page-data/no/mc-livecasino/page-data.json

34.159.168.235

304 Not Modified

0 B

URL HTTP/2
promo.leovegas.com/page-data/no/mc-livecasino/page-data.json
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /page-data/no/mc-livecasino/page-data.json HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-None-Match: "e2f99e4bcb86868a0950cbca18f9033b-ssl"
TE: trailers

HTTP/2 304 Not Modified
cache-control: public, max-age=0, must-revalidate
date: Mon, 05 Dec 2022 21:09:56 GMT
etag: "e2f99e4bcb86868a0950cbca18f9033b-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GKJ1ZFVF2P3D66QF4RRD50Z5
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
bc66712bf7cfcafa6a676acb3481c717
3c85e336710d494ab06c582bc80bc43a45e110f4
3b6214c10bdaa4c49074893c081ddbbec3ff7a25b6a58eb21b2adfbc8144a266

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1313
Cache-Control: max-age=129630
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:56 GMT
Etag: "638db061-1d7"
Expires: Wed, 07 Dec 2022 09:10:26 GMT
Last-Modified: Mon, 05 Dec 2022 08:48:33 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.leovegas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 437741
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

216.58.207.227

200 OK

33 kB

URL HTTP/2
fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 32860, version 1.0\012- data
Size
33 kB (32860 bytes)
Hash
d010a9f2d5c7a0374b3b84706a43d2ec
c1fe465db08785c3f115555d39db23838960cb66
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536

HTTP Headers

GET /s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.leovegas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 01:48:55 GMT
expires: Mon, 04 Dec 2023 01:48:55 GMT
cache-control: public, max-age=31536000
age: 156061
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.leovegas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 437762
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.39.94.191

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.94.191:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Mo/OLvmJGRv37AF9bEOrqw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6FRcEW2IV2OLRMXtZ0O7rtvEdQE=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
bc66712bf7cfcafa6a676acb3481c717
3c85e336710d494ab06c582bc80bc43a45e110f4
3b6214c10bdaa4c49074893c081ddbbec3ff7a25b6a58eb21b2adfbc8144a266

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1313
Cache-Control: max-age=129630
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:56 GMT
Etag: "638db061-1d7"
Expires: Wed, 07 Dec 2022 09:10:26 GMT
Last-Modified: Mon, 05 Dec 2022 08:48:33 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

d33wubrfki0l68.cloudfront.net/c818ec80d6e62941b42b67882bad573e7368d801/c4d7c/static/leovegas-casino-logo-303a40e8ff4725493d0d2eac998219ea.png

143.204.42.80

200 OK

24 kB

URL HTTP/2
d33wubrfki0l68.cloudfront.net/c818ec80d6e62941b42b67882bad573e7368d801/c4d7c/static/leovegas-casino-logo-303a40e8ff4725493d0d2eac998219ea.png
IP
143.204.42.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 385 x 93, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (24411 bytes)
Hash
303a40e8ff4725493d0d2eac998219ea
c818ec80d6e62941b42b67882bad573e7368d801
0163e1e689f26f9d4162e1d731525521a975eb299449ecc789e7c6d335f78e85

HTTP Headers

GET /c818ec80d6e62941b42b67882bad573e7368d801/c4d7c/static/leovegas-casino-logo-303a40e8ff4725493d0d2eac998219ea.png HTTP/1.1
Host: d33wubrfki0l68.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 24411
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=31556926
date: Tue, 09 Aug 2022 12:22:43 GMT
etag: 47262b62fb231e87722d31776845e7499242a80d
server: Netlify
x-nf-request-id: 01GA18XAERW43J32K8E2PBQ65P
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bdHinoUqwSJK9wg9xO87E4zmRE_4awxgoq-I3ExDKnsGLZ5nkG6aHA==
age: 10226834
X-Firefox-Spdy: h2

promo.leovegas.com/favicons/apple-touch-icon-180x180.png

34.159.168.235

200 OK

39 kB

URL HTTP/2
promo.leovegas.com/favicons/apple-touch-icon-180x180.png
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
39 kB (39348 bytes)
Hash
1d677d2696a6decac62f6ae6702110e6
330819e2d40298fe76abf3b0a5b94365e48f043e
80ffeb0c1602f33c10915cee07509fd9bc89368bb7d423cd586c684aed55ce0a

HTTP Headers

GET /favicons/apple-touch-icon-180x180.png HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 6384
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: image/png
date: Mon, 05 Dec 2022 19:23:32 GMT
etag: "f615bc63b95404cf50521990d16061da-ssl"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJ1ZG15F0CR4C4PBK3TVH7H
x-xss-protection: 1; mode=block
content-length: 39348
X-Firefox-Spdy: h2

promo.leovegas.com/favicons/favicon-16x16.png

34.159.168.235

200 OK

950 B

URL HTTP/2
promo.leovegas.com/favicons/favicon-16x16.png
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
950 B (950 bytes)
Hash
a4d8c288ccfff5eed3db7050117eb6a5
4873ff662ffd8fed661fac12bf2edb25188a2d4e
710d82b385bbc48af160251f0b4444b7065d8bc6df0afaaa13fbf2e04356fe0d

HTTP Headers

GET /favicons/favicon-16x16.png HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 6003
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: image/png
date: Mon, 05 Dec 2022 19:29:53 GMT
etag: "6208a9cbcd043a27a0542191e11cd3e4-ssl"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKJ1ZG16MF3JNCN1NCVWS037
x-xss-protection: 1; mode=block
content-length: 950
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221670273832548%22

34.102.187.140

200 OK

22 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221670273832548%22
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Size
22 kB (21675 bytes)
Hash
96272c545864e97c44c2222cf65a2f0d
890ea282cedf86d01280229e6ae8529786e11274
eb36638d71f03a8cb43a34b2c481c0df3fa2df133b41b0375563f652b2403049

HTTP Headers

GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221670273832548%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Mon, 05 Dec 2022 21:01:59 GMT
cache-control: public,max-age=3600
last-modified: Mon, 05 Dec 2022 20:57:12 GMT
content-type: application/json
age: 478
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/gtm/optimize.js?id=OPT-K5XRHTM

142.250.74.110

200 OK

47 kB

URL HTTP/2
www.google-analytics.com/gtm/optimize.js?id=OPT-K5XRHTM
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2698)
Size
47 kB (46839 bytes)
Hash
087450d82c9776c2e6220234074952be
6823f7472112471efbdd0c39f506a33c2b87db8c
25872611205dd0c50f0fde014be06ba67ef703f21a47125cc33bd735e963fd26

HTTP Headers

GET /gtm/optimize.js?id=OPT-K5XRHTM HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 21:09:57 GMT
expires: Mon, 05 Dec 2022 21:09:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46839
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

script.hotjar.com/modules.d53d96d4fefc0e537bd8.js

143.204.55.96

200 OK

69 kB

URL HTTP/2
script.hotjar.com/modules.d53d96d4fefc0e537bd8.js
IP
143.204.55.96:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48714)
Size
69 kB (68700 bytes)
Hash
6f3e85a9867f8c1e87f393ee1344782f
9a3e0b1e33cd0bca903fbdb82e43aa71ec23d165
80cf78eadecdac25834fa2be80c9a96f5eba43069c0295d800ec8d14123f7fba

HTTP Headers

GET /modules.d53d96d4fefc0e537bd8.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 68700
date: Mon, 05 Dec 2022 14:58:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "6f3e85a9867f8c1e87f393ee1344782f"
last-modified: Mon, 05 Dec 2022 14:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1UWVCX-x9aQq8li0cnwvzGdZA3wnwZ5d7MshOgwmSOpil_lonilz7g==
age: 22311
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-380080.js?sv=7

143.204.55.37

200 OK

7.1 kB

URL HTTP/2
static.hotjar.com/c/hotjar-380080.js?sv=7
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (19778)
Size
7.1 kB (7109 bytes)
Hash
d723da6ab51a1ad2d551c8e57cc11254
7b0e8843f02f2d613effaf4912009a97217f39e4
09634f804036acc25e89d4a01d142d48010eadc7c45e832a8933b8de5552a925

HTTP Headers

GET /c/hotjar-380080.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 21:09:20 GMT
cache-control: max-age=60
etag: W/2defe09f5c9810c8a9e3e1f268e7d75c
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: E4IdErJJ_DaEHhJntAQLL9Cat_6rx79bZg8UurdMCuA7QE47VCV-9w==
age: 39
X-Firefox-Spdy: h2

images.ctfassets.net/kijvoxi4q0zn/2iAjKx7BVB0peDlsYR6ZWZ/25d3852a638962f07b3a309c578fb221/LV_LP_desktop_LiveCasino_LPupdate_NO_Affiliates_D90196_RF_102022.jpg?w=1920&h=1080&q=50&fm=webp

143.204.55.54

200 OK

94 kB

URL HTTP/2
images.ctfassets.net/kijvoxi4q0zn/2iAjKx7BVB0peDlsYR6ZWZ/25d3852a638962f07b3a309c578fb221/LV_LP_desktop_LiveCasino_LPupdate_NO_Affiliates_D90196_RF_102022.jpg?w=1920&h=1080&q=50&fm=webp
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
94 kB (93882 bytes)
Hash
7ae24e8aa6154835684d65e7a288af63
470b516dc32dd2cf03260e98a56ee035479bfd80
5daea65e65c03202b0aa2ca21fadab1ea769abe71de3b0ae294f9fc803b04122

HTTP Headers

GET /kijvoxi4q0zn/2iAjKx7BVB0peDlsYR6ZWZ/25d3852a638962f07b3a309c578fb221/LV_LP_desktop_LiveCasino_LPupdate_NO_Affiliates_D90196_RF_102022.jpg?w=1920&h=1080&q=50&fm=webp HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/webp
content-length: 93882
last-modified: Fri, 11 Nov 2022 12:43:16 GMT
server: Contentful Images API
access-control-allow-origin: *
date: Mon, 05 Dec 2022 05:28:22 GMT
cache-control: max-age=31536000
etag: "7ae24e8aa6154835684d65e7a288af63"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8Sd-nK8euAwpiQsKvoQYEpm62GKWLhNbb89g9yJzcfaGpKPtPBVNVg==
age: 57201
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25600410-30&cid=493728768.1670274595&jid=1109284873&_gid=1955352659.1670274595&gjid=1641589426&_v=j98&z=957452087

108.177.14.154

302 Found

366 B

URL HTTP/2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25600410-30&cid=493728768.1670274595&jid=1109284873&_gid=1955352659.1670274595&gjid=1641589426&_v=j98&z=957452087
IP
108.177.14.154:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
366 B (366 bytes)
Hash
3c2176c45a13d0888cce68a45e638641
614f95935d70422f738ddf5607ca84d223c740c7
59d1734e68f06ee73020f07df547955733471946a01acb4022a1101ac0f7d1c6

HTTP Headers

GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25600410-30&cid=493728768.1670274595&jid=1109284873&_gid=1955352659.1670274595&gjid=1641589426&_v=j98&z=957452087 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=493728768.1670274595&jid=1109284873&_v=j98&z=957452087
access-control-allow-origin: null
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 05 Dec 2022 21:09:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=493728768.1670274595&jid=1109284873&_v=j98&z=957452087

216.58.207.228

302 Found

0 B

URL HTTP/2
www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=493728768.1670274595&jid=1109284873&_v=j98&z=957452087
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=493728768.1670274595&jid=1109284873&_v=j98&z=957452087 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 21:09:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=493728768.1670274595&jid=1109284873&_v=j98&z=957452087&slf_rd=1&random=1827229201
access-control-allow-origin: null
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=493728768.1670274595&jid=1109284873&_v=j98&z=957452087&slf_rd=1&random=1827229201

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=493728768.1670274595&jid=1109284873&_v=j98&z=957452087&slf_rd=1&random=1827229201
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=493728768.1670274595&jid=1109284873&_v=j98&z=957452087&slf_rd=1&random=1827229201 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 21:09:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
access-control-allow-origin: null
access-control-allow-credentials: true
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7765
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 21:09:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7765
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 21:09:58 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5681 bytes)
Hash
43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:44 GMT
age: 84014
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
794d2423f95f10174a398a035a05a700
add6d91cc265ab82db3912e51b38db1e88691493
e3cc6cc02f1ffa0bf1310190e4dd11dc2751fe09cfb2855a4dcba6cd286476f2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3CC6CC02F1FFA0BF1310190E4DD11DC2751FE09CFB2855A4DCBA6CD286476F2"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14633
Expires: Tue, 06 Dec 2022 01:13:51 GMT
Date: Mon, 05 Dec 2022 21:09:58 GMT
Connection: keep-alive

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10396 bytes)
Hash
24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 11:06:22 GMT
age: 36216
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7728 bytes)
Hash
027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ztC4S0WeA3ft_9JafrL6fInXo4jwkb0cTWUx4Z8L2uz3EWQS-d6F5A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:09:54 GMT
age: 82804
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8315 bytes)
Hash
db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:42:39 GMT
age: 84439
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8749 bytes)
Hash
dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: joWP2kLWVD0lEy2rMV4Fjm3mJh3mzsPyTWiHDVZZNMy5s_WPViKtCw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
age: 84089
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4666 bytes)
Hash
c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:05 GMT
age: 84353
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
794d2423f95f10174a398a035a05a700
add6d91cc265ab82db3912e51b38db1e88691493
e3cc6cc02f1ffa0bf1310190e4dd11dc2751fe09cfb2855a4dcba6cd286476f2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3CC6CC02F1FFA0BF1310190E4DD11DC2751FE09CFB2855A4DCBA6CD286476F2"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14633
Expires: Tue, 06 Dec 2022 01:13:51 GMT
Date: Mon, 05 Dec 2022 21:09:58 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c0f2e44653544c31b236ab7bc136755e
334bc8c6fb8f449d245fbb6df33d7e7224d9bc24
c26c25c109ed5252473c1e29aae168cb8ea5de6a0094ecce4662f9540d11a0d6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2666
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:09:58 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:32 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;700&family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;700&family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Roboto+Slab:wght@400;700&family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 21:09:56 GMT
date: Mon, 05 Dec 2022 21:09:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

sgtm.leovegas.com/gtm.js?id=GTM-WGS5KD

34.107.236.224

200 OK

0 B

URL HTTP/2
sgtm.leovegas.com/gtm.js?id=GTM-WGS5KD
IP
34.107.236.224:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /gtm.js?id=GTM-WGS5KD HTTP/1.1
Host: sgtm.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx/1.23.2
date: Mon, 05 Dec 2022 21:09:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=900
expires: Mon, 05 Dec 2022 21:24:48 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d33wubrfki0l68.cloudfront.net/bundles/3a60bb6a829d13f7c019df18e77514f50ca92ed6.js

143.204.42.80

200 OK

0 B

URL HTTP/2
d33wubrfki0l68.cloudfront.net/bundles/3a60bb6a829d13f7c019df18e77514f50ca92ed6.js
IP
143.204.42.80:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bundles/3a60bb6a829d13f7c019df18e77514f50ca92ed6.js HTTP/1.1
Host: d33wubrfki0l68.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=31556926
content-encoding: gzip
date: Fri, 02 Dec 2022 10:49:37 GMT
etag: 66f93c87163e873e252c560c1a9704ceaf34ec82-df
server: Netlify
x-nf-request-id: 01GK979FR7N73YRV2MWGMJCPAZ
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XYbJij4jHUqaq-aOIyorcEFWES-aUCzhhBjWBaurHqDvXuvVEMhvmQ==
age: 296419
X-Firefox-Spdy: h2

leo-promo-redirect-service.leo-prod-common.lvg-tech.net/_geofetch

34.117.190.191

200 OK

0 B

URL HTTP/2
leo-promo-redirect-service.leo-prod-common.lvg-tech.net/_geofetch
IP
34.117.190.191:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_geofetch HTTP/1.1
Host: leo-promo-redirect-service.leo-prod-common.lvg-tech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.leovegas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET
access-control-max-age: 3600
content-type: application/json
date: Mon, 05 Dec 2022 21:09:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.leovegas.com/set-affiliate-domain-cookie?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362&lobby=livecasino

107.154.248.168

200 OK

0 B

URL HTTP/2
www.leovegas.com/set-affiliate-domain-cookie?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362&lobby=livecasino
IP
107.154.248.168:0
ASN
#19551 INCAPSULA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /set-affiliate-domain-cookie?btag=100665320_DE67F06CBB6E4290813D0657E4B63016&rdk=rk1&pid=3748557&bid=13362&lobby=livecasino HTTP/1.1
Host: www.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670274595985)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C2022125219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222739950001%7c1%22%7d%5d; _ga_R99CHBN90V=GS1.1.1670274594.1.0.1670274594.0.0.0; _ga=GA1.2.493728768.1670274595; FPLC=HU2pJ4bCSPGN1ZPLcPNLpWFw1Q%2FzLGIJoY16nwlWh2BDG6Tc7cRPbp0agqpwh%2Baz3Tr36XoMo7lmNvv5%2BLxPKsGAdZLHNSsQWLo%2F%2Bhuc%2FgXYjGGGT3C8fx0VrREJSw%3D%3D; FPID=FPID2.2.o0nUrouJEz5%2BbhLAa0psVrJ%2FbFVMBRhlDXTwCmXIgZI%3D.1670274595; _gid=GA1.2.1955352659.1670274595; _gat_UA-25600410-30=1; _hjSessionUser_380080=eyJpZCI6IjM3NzcyZjI5LWI5ZWItNTgxYi1hMWE2LTE3Yjg0ZWQ0YjBjOSIsImNyZWF0ZWQiOjE2NzAyNzQ1OTQ1NzcsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_380080=eyJpZCI6ImU1MzFhOTEwLTZmODUtNDRmMy1iMzE4LTU4MzkzM2I5MThkNCIsImNyZWF0ZWQiOjE2NzAyNzQ1OTQ3NTAsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:09:58 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
set-cookie: leobtag=100665320_DE67F06CBB6E4290813D0657E4B63016; Max-Age=3888000; Domain=.leovegas.com; Path=/; HttpOnly; Secure
leonrpid=3748557; Max-Age=3888000; Domain=.leovegas.com; Path=/; HttpOnly; Secure
leonrbid=13362; Max-Age=3888000; Domain=.leovegas.com; Path=/; HttpOnly; Secure
leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; Max-Age=3888000; Domain=.leovegas.com; Path=/; HttpOnly; Secure
visid_incap_846569=F3G73UYwSAKQQBpi60VgkSZejmMAAAAAQUIPAAAAAAD8B/F394mwOL1brHeg5It0; expires=Mon, 04 Dec 2023 22:16:26 GMT; HttpOnly; path=/; Domain=.leovegas.com; Secure; SameSite=None
nlbi_846569=Q5MABf7D4w15ngUSTJV9qQAAAAADVU+ZBVazsJFMmTKsDXBU; path=/; Domain=.leovegas.com; Secure; SameSite=None
incap_ses_722_846569=MhO9Uppr4Gh9W5bsFxAFCiZejmMAAAAAN3aJB0wXqIPaSEzLnhJB+w==; path=/; Domain=.leovegas.com; Secure; SameSite=None
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.leovegas.com *.casinomodule.com *.yggdrasilgaming.com *.evolutiongaming.com *.gameassists.co.uk *.gameassists.dk *.rgsgames.com *.wagerworks.com *.adform.com *.livetables.io *.regily.com *.casinoalternativen.com *.onlinecasinobonus24.xyz *.livetableshu.com
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cdn: Imperva
x-iinfo: 14-110896975-110896977 NNNY CT(1 4 0) RT(1670274598253 29) q(0 0 0 -1) r(1 1) U12
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (103)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP