Report - telewww.site/uz/fortune/nl/

Report Overview

Submitted URL
telewww.site/uz/fortune/nl/
IP
79.98.28.128
ASN
#212531 UAB Interneto vizija
Submitted
2022-12-04 15:58:53
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ntrfr.leovegas.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.2 kB	95.101.10.147
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	48 kB	142.250.74.110
telewww.site	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	240 B	79.98.28.128
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	8.9 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.9 kB	93.184.220.29
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	681 B	139.45.195.8
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.53.106
vars.hotjar.com	1014	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	470 B	1.8 kB	143.204.55.118
script.hotjar.com	887	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	349 B	89 kB	143.204.55.96
images.ctfassets.net	4623	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	506 B	94 kB	54.230.111.2
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
whampamp.com	30947	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	697 B	2.2 kB	139.45.197.236
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	482 B	769 B	142.250.74.163
www.leovegas.com	354851	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	1.4 kB	107.154.248.168
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	456 B	936 B	142.250.74.132
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	63 kB	34.120.237.76
leo-promo-redirect-service.leo-prod-common.lvg-tech.net	695620	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	284 B	34.117.190.191
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	444 B	746 B	142.250.74.106
promo.leovegas.com	535866	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	30 kB	341 kB	34.159.168.235
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	85 kB	142.250.74.131
d33wubrfki0l68.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	462 B	25 kB	143.204.42.80
sgtm.leovegas.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	391 B	34.107.236.224

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-04	medium	telewww.site/uz/fortune/nl/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-04	medium	whampamp.com	Sinkholed
2022-12-04	medium	whampamp.com	Sinkholed

JavaScript (102)

	URL	Size	First Seen	Last Seen
	static.hotjar.com/c/hotjar-380080.js?sv=7	26 kB	2023-03-08	2023-03-08
Pretty URL static.hotjar.com/c/hotjar-380080.js?sv=7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:09:37 Last Seen2023-03-08 16:09:41 Times Seen1 Hash ae6c41f35f28006bbcdf3756616af336 0940638858a4667025aff66d408b4ebb292f9cdd ce6c3f4502de463d47986a7499b32f5a15435287043e3f0c1799413bdd6f606e Loading...

	www.google-analytics.com/gtm/optimize.js?id=GTM-NZW9CHB	112 kB	2023-03-08	2023-03-08
Pretty URL www.google-analytics.com/gtm/optimize.js?id=GTM-NZW9CHB IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-08 20:11:41 Times Seen1 Hash 35ae242c6c3747ad8215bd3c021e2cec 85423631d9d34b6c5273fd6313278c299b77fee2 0518001da23821617d98c3d2d2bcc1da82624d2493c0c4f294dcd081c6ab9fc9 Loading...

	whampamp.com/4/5087048?var=ed_error	583 B	2023-03-08	2023-03-08
Pretty URL whampamp.com/4/5087048?var=ed_error IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:09:37 Last Seen2023-03-08 16:09:37 Times Seen1 Hash 231a31e1ba19500f6822543b19af49c1 32bdbfc088c2acca1d893b473075e97e4e493868 029e8cc5ef5e16b9b42c96b4a3bf5bf6c66a1fd703b7b3b9cc2614903f17480f Loading...

	promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362	56 B	2023-03-08	2023-03-08
Pretty URL promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362 IP 34.159.168.235 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-08 20:11:41 Times Seen1 Hash dcb6c92c45c8e6480ef217dfad13e337 11f6d3c01654e6bf216fe586f7cfca035c17659f 1f34724f5b30327554ef0b067638a891aabc3b884c0cdc082f7efa4bb6c47832 Loading...

	promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362	971 B	2023-03-08	2023-03-08
Pretty URL promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362 IP 34.159.168.235 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-08 20:11:41 Times Seen1 Hash 453aec1e6029a7c2ea0aeb26ced29da1 6d6011c7ccd3ab65be45847513c7656306b3a4e7 09a4b39beffcac1b4e4843a79ab7604512d1312480540cee29db9850f245ddf0 Loading...

	sgtm.leovegas.com/gtm.js?id=GTM-WGS5KD	215 kB	2023-03-08	2023-03-08
Pretty URL sgtm.leovegas.com/gtm.js?id=GTM-WGS5KD IP 34.107.236.224 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:09:37 Last Seen2023-03-08 16:09:37 Times Seen1 Hash 492248dfbcdb0a38160a7a20c878e6e8 1e32905a3fbd4e8ca66e53283e0fc6398515da67 7623816e79d452d95971491dcaf50d78d822ec04880407346baf88b7f7df366b Loading...

	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 23:56:09 Times Seen37027136 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	sgtm.leovegas.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL sgtm.leovegas.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362	381 B	2023-03-08	2023-06-10
Pretty URL promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362 IP 34.159.168.235 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:53:59 Times Seen4 Hash 3aea4ff5a923ba8ec513d6e8e686f474 4b5393be3c3d97fcab06536fddff1f1e4add4969 0d6fb97529219a7897892ca7b7772818274e5f9e1e6f8d1572661179a37f678e Loading...

	sgtm.leovegas.com/gtag/js?id=G-R99CHBN90V&l=dataLayer&cx=c&sign=488c9e58e99d104526d40c0d81b853360b3db9c3b95974c27552ef34511e678b_20221204	204 kB	2023-03-08	2023-03-08
Pretty URL sgtm.leovegas.com/gtag/js?id=G-R99CHBN90V&l=dataLayer&cx=c&sign=488c9e58e99d104526d40c0d81b853360b3db9c3b95974c27552ef34511e678b_20221204 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:09:37 Last Seen2023-03-08 16:09:41 Times Seen1 Hash 56d18ebfef2d689eb8c804ff82eddcb8 d285f86bb0f6a77eb24670f667cea4c0607be664 23cab92d21e90c66792386acc95f505e8364d764f6a8fe7b474ec7c7fb7b2134 Loading...

	vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html	2.3 kB	2023-03-08	2023-03-26
Pretty URL vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html IP 143.204.55.118 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:11 Last Seen2023-03-26 01:38:12 Times Seen2 Hash 2ab04d2242413cc15369fa816e1a02f8 8ff148dd539f0fff0892dcc2075839c315cb8642 fe51660a3d21efbefab64694f51d02f2bcee4e82c324895e93c78ba6179508a3 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 1129c6b7073182f4f28a605db7a8b1ae	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 1129c6b7073182f4f28a605db7a8b1ae 468f87c92796c7fa87d0329a3289fb9f1dd55df8 33101ae4058105ae8fbe7aa648fb657477df64d4d360a0eb06860a77edd9a097 Loading...

	#2 Eval - d126192b7e6cd4e0578d07016b1182da	85 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash d126192b7e6cd4e0578d07016b1182da 90de39bcff75a0af6ba58b186fd247d22bcedb3e cd6f7444b22e9ab3c56840e59daf71e50b182a51078604d63b4590f0a917f62e Loading...

	#3 Eval - af45283f996510854f3619a849328e27	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash af45283f996510854f3619a849328e27 34c614f5dc391452157e74dc6b7f180e6b3ed901 6ee88f294314cad35a11c2dbab248326dc2a3465cd329ee17d39e760cf2627f6 Loading...

	#4 Eval - 4d2c7695510b867e42477ced8db1c35e	171 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 4d2c7695510b867e42477ced8db1c35e eb933bff5ce8f3261941552dd0329820e63fe50b 26a18761aba178be7a831e214366741e2d8d854de36c93a6820335495f945a55 Loading...

	#5 Eval - 37b0474b4e1f82b7f0cb7d8f5a0acb92	123 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 37b0474b4e1f82b7f0cb7d8f5a0acb92 2519b1dcbbb49461eaaff8a2af9bf905eb7c018c bcf5b6d8379ca841eaf7449a7a7cc1deeb7be8c44c5e76630f4a413f5aac0090 Loading...

	#6 Eval - 333a01eed6b5d9899e45c388650de6e8	123 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 333a01eed6b5d9899e45c388650de6e8 9e335725e50dc6f5740c316d38df0170c5ce8cba 95e5134b8f7fdc94e8bb18e7223187ca6a2ecd42e092f8e3882e3f48799920ff Loading...

	#7 Eval - f678942ad67c50cf49bf5bac9bf40271	192 B	2023-03-08	2023-06-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:53:59 Times Seen4 Hash f678942ad67c50cf49bf5bac9bf40271 4bc3a0ab65d0a6dcebc8aedf47a9f8fde0a6cc5d 75e7d6881f7aaf129305f16840427e2c8f62394c8816f57689b9ccc96c8563ed Loading...

	#8 Eval - 8152aac726206c3c16fad969d0e32edc	645 B	2023-03-07	2023-10-18
Pretty Observations First Seen2023-03-07 12:04:35 Last Seen2023-10-18 15:14:31 Times Seen314 Hash 8152aac726206c3c16fad969d0e32edc 29168ef0bb722d5e411252582f2f5d5afe959f77 38f3c6ed5edf9b2b0e4e6fa7f1afb2dd77d61226c59e8fa6e896fc06aa6cbfbc Loading...

	#9 Eval - 57b0f0ccc76c821dfb90e2adaf8e5cdf	112 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 57b0f0ccc76c821dfb90e2adaf8e5cdf 841aadeda3b93c44ca2f1dd828c90f01ad258b24 32454734f7ed678aeba10d26ee6f72570d4361b0b17ec7ae4b7b570c08bb59cc Loading...

	#10 Eval - 6a09ab3c44d7842d33d85a99070c2587	108 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 6a09ab3c44d7842d33d85a99070c2587 9aced41fe53fb451952f342dd376b2e734476e13 c2052242a7518fe7cba33d79388f0711040c83620acdff37b677d1f154d2a3cc Loading...

	#11 Eval - f28cd8b615465625e3e57792f7f4b076	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash f28cd8b615465625e3e57792f7f4b076 02f1a6991c8ecb38b9b037d1daf6328c3564098f d18bbfc39366226ea45b0be769222c006c95b3d078b7a90671a3c446dcf6c143 Loading...

	#12 Eval - dc0c587ea5dc38ab1d3acca238746079	123 B	2023-03-08	2023-06-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:54:00 Times Seen4 Hash dc0c587ea5dc38ab1d3acca238746079 3d8ec471ecab8ac55f4b23a8b3dc125229704600 ea63b9843eac3e3ccefca4aacb623024051159f9e09306e7143fad34b0a25bf1 Loading...

	#13 Eval - a48e44e37a0ed35c9f9679e7a10067ff	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash a48e44e37a0ed35c9f9679e7a10067ff 29ac644462a602a8e583e3b880fcbcf5921174ce d82f8b1c19320143b113106f113e12e11eaf02d572553c08828af6308cd6a8af Loading...

	#14 Eval - 8a566f1c3a64134add47dec5e2dcc3c4	122 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 8a566f1c3a64134add47dec5e2dcc3c4 540fdea64bf051565b734615a259f767817cbd05 1cf32fcddd085006b4b1f5a093b5b4a5f97109ab362d6ab5ba3a7b7e37c756d5 Loading...

	#15 Eval - 64b87a6e1bce99d14b0b3e8b772c36d1	196 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 64b87a6e1bce99d14b0b3e8b772c36d1 67aa369cf78d369c9c44ee87f6a0af35d112e13c 6b1264b05300c7a9c37b8cd30666436d1e7b71a1a5ee0c993235f28836188a54 Loading...

	#16 Eval - 36b32b78ffec24408d8f58d8dd421627	100 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 36b32b78ffec24408d8f58d8dd421627 d7d15558fa84fbc1462b33dd285392511450069b d4f42c415fb7cac7882ad147bbaec5daa8e0bc9b2a51d7d27e4b4b58fc8c1e24 Loading...

	#17 Eval - d6a858f9e1e0a9d60c6fb8faab6f4a32	152 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash d6a858f9e1e0a9d60c6fb8faab6f4a32 c2b5f117d9f4a73643f154c95ce1ff7205a6bac3 25de6d7f9a1279de5c62635f5cf13a43139b79ae2a0223e013ae5991e458ef1b Loading...

	#18 Eval - 1e35b244450dd5d83340dfe3520433d4	171 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 1e35b244450dd5d83340dfe3520433d4 56ba77fee3c1de110b0a615ade8e54c4ff06e9d8 0d224effcb6d2c0048e53221690903690e9103a48f170bc2c514b6a9309a2add Loading...

	#19 Eval - 7c4ae20c88e60eb4b1776d9cb8373f75	171 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 7c4ae20c88e60eb4b1776d9cb8373f75 b78afab212168fa65ef1383fc1613fd708971c80 a9147d3bf44a7e4375408f01ed3d3bc46b419680ebb3bfc7197536e61e720eab Loading...

	#20 Eval - ca6e29c2c7aee389b7caf32615d7297a	123 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-14 00:50:57 Times Seen1 Hash ca6e29c2c7aee389b7caf32615d7297a c6fa149b3c8d4c14e2c9ef11023a1cd8df0da094 76a2cb6bb6aba273c70cbaebe3a7dd101a404fd46b943ee8f6b4a26c3c97bfd3 Loading...

	#21 Eval - 99b85b878936aa45705edb901b96e116	112 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 99b85b878936aa45705edb901b96e116 1a1a5be4a362dea8a047e1cb8cdcfc97248021b0 aba81ce4da0884484c1a02086179a9c9a9dca9154c41936f534be6b540ab4719 Loading...

	#22 Eval - 7f380422c7d4820ac7b1a299aecbdfd0	123 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-14 00:50:57 Times Seen1 Hash 7f380422c7d4820ac7b1a299aecbdfd0 b106883131f5a1f9102c553726c73b7c91d8410e c7fa53cf8c71af8d38e04962529b8cb5fb197c9ee70a8c645d51e6b05fc5b0b3 Loading...

	#23 Eval - c140d3873d4258873a3a28967ec673cc	112 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash c140d3873d4258873a3a28967ec673cc 042de2cdc4b20f8e4ff83461da5345eef797be2f d357a4a08ac5665d86654cfbe8060448643637b0762e15fafd88677f82cd0509 Loading...

	#24 Eval - 5b4aa5bf36a69181d2f5f680934ec1ff	172 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 5b4aa5bf36a69181d2f5f680934ec1ff 5b5fc1cf76c40eb8dfb13a8d46670e0c071cda20 da6c050e1003df621452f4af85b0e224a2b41314a0068b2a2676325102e16fdf Loading...

	#25 Eval - fc13cf4c7d1314db4a4eceb301a7455f	124 B	2023-03-08	2023-06-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:54:00 Times Seen4 Hash fc13cf4c7d1314db4a4eceb301a7455f 5d6e9ea8e4cdf77296170c0610da6d8240280a32 fe1d3bd6a7d18eec6383a2fcdefee8051009c2e0348e636ee0376fc6290f306b Loading...

	#26 Eval - 8119bd9b7c870211934c6d44de8510d9	481 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 8119bd9b7c870211934c6d44de8510d9 abc5b808ed11d08818dd047cc81b191fe6b35be5 29672ec2833e5638671699664918a17cb2f8ef6c24c7e95f317f191eb2a734d7 Loading...

	#27 Eval - fd867d45abc119d378e486b015e5fb32	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash fd867d45abc119d378e486b015e5fb32 c3ef9a0b7357a5a63fe701b568e0b286ba8cdabc d794a5d005d2990361b510f2fcc1a33792baddfc4846e15ea053881aee23eff1 Loading...

	#28 Eval - 2a6678910310e5ff65f64b52a434d1fc	112 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 2a6678910310e5ff65f64b52a434d1fc 8b570c52da076b4414416589d6faeafd75c27a46 abd1a29e10277e55453e7cd98169538787d14205deef4b8e4b8bd4cabf079843 Loading...

	#29 Eval - 9a565f97f2d93edcf7e15b393f9bb2ab	152 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 9a565f97f2d93edcf7e15b393f9bb2ab a38cfd5b2521fefa027f1116f2d1c2ebcd46c84a 44a532b0f5d0ce4e99cab5e4d8ca630bcdc61e4619be06bd23e152ea08618425 Loading...

	#30 Eval - fd397bb32dda73f7cf8338e38128aecd	106 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash fd397bb32dda73f7cf8338e38128aecd a6a3d621bcaeb9bb2483159a8973a59327e9b34c 256b60d7ca5d55f1e7e75f7b2a4967055565549c5a5dcd6ec2a3c807edc70978 Loading...

	#31 Eval - 253491bc67e092b5a24aa973e620687e	123 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-14 00:50:58 Times Seen1 Hash 253491bc67e092b5a24aa973e620687e bbfbeb9c4ec7f54687c78f84f1a5d0ed56bfc365 e56469c56d16370f8961e49351ea5f2b8762b7ec6b9f2e09643aceed5b8b2a57 Loading...

	#32 Eval - 1303777f592eeb45344e9ffaabf4ee5e	124 B	2023-03-08	2023-06-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:53:59 Times Seen4 Hash 1303777f592eeb45344e9ffaabf4ee5e 6cd74224b78aed223e88b18b81c23d5f75e5eaa9 31a0929519f9f762b5228a20c29d8ebfc62541c8b50e19108f9a4fd33b1ae113 Loading...

	#33 Eval - 5a51320e8bc81905a11160dbd2b99995	124 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-14 19:59:59 Times Seen1 Hash 5a51320e8bc81905a11160dbd2b99995 cffd839185838e27bb11b88d31bdd63a78a1392e 8c786163d5b73d7bc01f2f53e0c1ca06d19f0d3be6b6e403ffd389f51f7926cc Loading...

	#34 Eval - 75d4e8b557b01a600eee1a64fb0dd739	124 B	2023-03-08	2023-06-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:53:59 Times Seen4 Hash 75d4e8b557b01a600eee1a64fb0dd739 31431f07314fada96dea3630ff68aaa295112884 920d4ca9ae716cf2a121d0cb6147c90749c2086ee944e97b5333c0dc5323164e Loading...

	#35 Eval - 3180d9c0ee79198eddb8177d3e2fd2b8	115 B	2023-03-08	2023-06-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-06-10 00:53:59 Times Seen4 Hash 3180d9c0ee79198eddb8177d3e2fd2b8 ca1491a70702ca9304580c8484dcc6e412e38628 53a045ec8988877e0fc7e0017e8eec37d10952a3f1db13ef3e356e0124991fbc Loading...

	#36 Eval - 24aee50acfeb480b7d2203688aa0fd3a	99 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 24aee50acfeb480b7d2203688aa0fd3a 1a12cdb5145f38301ce5c65ccd85c900f90fb2fb 56fa8584f97ab57aceee7f9b7c3b0b6f146d6204e53049dd09ca566eb6a8ba92 Loading...

	#37 Eval - c836a228e7858989156fb6a7cfaedd60	106 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash c836a228e7858989156fb6a7cfaedd60 2e7ca0f3b5406673ebc48e7742d007690e20517b c6ee598d33fc6aa9ffe8f818968d178ac07ba24e6f9d9cf92dec5dac692531b7 Loading...

	#38 Eval - a4388664c4a145a6f5ad4df5455056b0	123 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash a4388664c4a145a6f5ad4df5455056b0 0b66ca70c15421e967578303dd39353ce1688737 6a18f181f1fe80acaf4991f97ef27463af4cb829a88c9880426f91b2e5336175 Loading...

	#39 Eval - 365edb930f5689990a02ef373c421fe4	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 365edb930f5689990a02ef373c421fe4 10e564352177b036286ffb24e9d33205f0a4057c ed0ece0b6e472c857b1730cced51bc469b2ad0450dd93ff5d4ae510ce31d5309 Loading...

	#40 Eval - ebaac333a97c8811cdef754190879ace	107 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash ebaac333a97c8811cdef754190879ace 24dbc0473d89a492c5ce355a33fa9fa23c9d58ba 4fcaab3a7f479df8e2e6efe8644304bfc11fb4b9db9b7ea047c828c381a0f091 Loading...

	#41 Eval - 5be248facc202001df5cb56943b30cca	106 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 5be248facc202001df5cb56943b30cca 7651b117ea838a7c8011c07dcde1cf5cfbded8aa 498b95ddeefbfc3f8f575dde2b3e76b3aafa99c241418c5f577cedb02838ed56 Loading...

	#42 Eval - bef0f106432ad908f0c9e615349f7544	114 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash bef0f106432ad908f0c9e615349f7544 77af6144eb7b8b376987590623f71d1e967be47f 9376c54e9f4221dba2b9955f457ee5e2ddb69df7237bc51abf7f25d6f463e995 Loading...

	#43 Eval - 3ecca5af89fdf4902ab4ff6e64dbd1bc	110 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 3ecca5af89fdf4902ab4ff6e64dbd1bc 8451c2a4e282652b949d4d73a7cd23ebeffcf5cd b44315dfd59ca38274202c3d0708b5c79f3b8ea78cf86c400591e71e6a3a38a9 Loading...

	#44 Eval - 1b8d800f81b4c361c873fcdbe7b9c108	122 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 1b8d800f81b4c361c873fcdbe7b9c108 4fd28e374c617c702c17d4f86df380725ffd2992 0e803317c10ccb5c87fbdbd91f869516f42e42b0203e926fd329bfacc914ff2c Loading...

	#45 Eval - fc667e240d746fffeb1449a72f5f21ee	106 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash fc667e240d746fffeb1449a72f5f21ee 1ed731904c372aa549f78d1b2b59ec75d657bcd6 44016e43fa4f0dcf110125630bf1d017234026081a2b93726932a727cea1fc6c Loading...

	#46 Eval - bb1678000c9bd1d1e110737c4f9fe55e	152 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash bb1678000c9bd1d1e110737c4f9fe55e 4a9687bf6d1dcb5c0cb22a8f5c6a2ef67a92fc7f 8830b35ea78c950806c4972c8cc6857dcf77bafb266b0a90e34fcdd4ce7d77e7 Loading...

	#47 Eval - 6665c318b4d8b932ef2061461b931ed6	136 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 6665c318b4d8b932ef2061461b931ed6 7121b466995ed450cde24fd21e07a499647d2c8e 3746218d3bdf30209078b4aa7983f2eb07448b11ae6d47e49446ab036d63c3b6 Loading...

	#48 Eval - ce01dc894b8d3ac82a44266c235575c5	196 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash ce01dc894b8d3ac82a44266c235575c5 40a51cb3b893114bcf6d941596c50b17c110632c 6de6d66be9af47a58faea809d8c496b189ff3dd55c8e996ad67f42d86074cc63 Loading...

	#49 Eval - 8b50409b3a9997ffeee5e4e119c982ce	112 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 8b50409b3a9997ffeee5e4e119c982ce ee2498f332630ef9d5191d22d0022158755ff158 c62cb0b84812f2143517d4aa9abfbf6d9157630ed0e3157e01a16a0d258a5e91 Loading...

	#50 Eval - fd92eba485b003f9af63cfa70c7cb963	106 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash fd92eba485b003f9af63cfa70c7cb963 152d29b9586eea2fac3913d55d1f4dd7cdcfb4e1 ab3b51d76b7283fccccbb14c48ca4b296b21d21a99da32f1aab190f9d03dda4e Loading...

	#51 Eval - ef3172a8d4eda8ab47faf1c4e3211994	170 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash ef3172a8d4eda8ab47faf1c4e3211994 1c163158e20e6d998f309fb828f57fd0e6752792 4f7f6eb560e827cac4f0d2243c88ea4bd1e5285181444df4a0ea0184f7cec529 Loading...

	#52 Eval - 28c09c90ee32a01e2ca3f3b4a33ea882	114 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 28c09c90ee32a01e2ca3f3b4a33ea882 17862bac1d86c2d99857d1c4e40ed991968cc387 7b8cdfb439a9696a17f1e19589d2055d1cf1e6308fd1725f447ae8a964eedb0c Loading...

	#53 Eval - df4694c3abd755beaa500b403710b461	155 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash df4694c3abd755beaa500b403710b461 94d7c488e5eb06e03b63e1f65c1cd06ae2299141 d8b455f29a30f673681e811bf0bcb188224da0880d07eafe9298d00c35da9a03 Loading...

	#54 Eval - 3543c05ddcf232571252daa716920b8f	107 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 3543c05ddcf232571252daa716920b8f 9f0844af766c91490f0eb54bf776e75eeece6e99 9826c00d835f07b2fc9cc0320f48a8777d58b0120f5dad310c767bb9f3c28c6d Loading...

	#55 Eval - 692b9a2d6eb3ceb221f74872db7e3c5f	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 692b9a2d6eb3ceb221f74872db7e3c5f ea8d289d90c6ddb7fda1a8b641fd7585a4ea27d0 ddf3e59e52a0c2225676c83eb0fb38d5ef30a6dca0375cf12fe1a29b0e0b90a9 Loading...

	#56 Eval - 9f9a942340b12c83c671b1695254772e	123 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 9f9a942340b12c83c671b1695254772e a44246047f9207b3c8309b08b7bdc65b4657edab 02998b7f1f7bc765ee4d4770d3ddab6a0af9a45f75c6979872fffc6ae7de46f7 Loading...

	#57 Eval - 3818fb15b6aa7d471f8cc4e8d336e4e0	112 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 3818fb15b6aa7d471f8cc4e8d336e4e0 429ef097edcddaf8f17e771734840b32aa2b660c 72de93c5bac79316eb38df4ea78d942ea4ac38bccd9cb6e15fe557695fb01c18 Loading...

	#58 Eval - d23771e9b5e8d2d72ad226d3d0da5ca1	114 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash d23771e9b5e8d2d72ad226d3d0da5ca1 17f9c244f9626dde084adac9894665f3502b282d f542ff366a2985daaa4dcaae3c1ac13fc6fce19c066b80b3f893cfe9f28e822a Loading...

	#59 Eval - f8a3d3857c0ce4fc6a8271e6a1998892	138 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash f8a3d3857c0ce4fc6a8271e6a1998892 19f7a52849794485b399f9e67589c10807ec17eb 970c21e7b7ab3e6222aedaf15a05861f5fe8a15505066c7c53489164b3404976 Loading...

	#60 Eval - 915c9f2a88be65821dbae8e767388400	197 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 915c9f2a88be65821dbae8e767388400 13891aa81307a2064599eb9d425291f6fdcee2c1 ee07f5998d90cd538705ab2419aba824a40cbac066ce031cd5d9e77abdc0cb65 Loading...

	#61 Eval - d53ab2662ff7fb9101dfd624e11550c7	112 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash d53ab2662ff7fb9101dfd624e11550c7 4f325596e410a7a944739784396a4a2276f77dcb 4514b65927d2ea2ffd137d7c201268db1f2932912863a6976d8e8ee7ab7c7de4 Loading...

	#62 Eval - 3f05f79193ef3cdf88c22c97e50abe1b	152 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 3f05f79193ef3cdf88c22c97e50abe1b c7f12276effef5ae3ab7222b593f31e0dcdf2ef7 a1c1c0c5a06aa8d50dab0a7eaaa1420503565a82934f465492767894f31cff41 Loading...

	#63 Eval - 8fa043e6e3b2f6458a3cf8a18c3dc09c	108 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 8fa043e6e3b2f6458a3cf8a18c3dc09c 3f742f7b1e2a4cb5f567d444f33809af0c4b335a bcb56769020cb140b5c7e552b889d00c427161277b5e67c385c38e8460f21ebe Loading...

	#64 Eval - 64a5c46f03f22b26cedb06a801d3e4a1	99 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 64a5c46f03f22b26cedb06a801d3e4a1 727622e9bb59406eaca3f582dcebeb6d3e8d3403 a372ea4bb9c395cf2a1b5bfd66ae00fe7cc4080339561c8c687cad60a6c233d2 Loading...

	#65 Eval - 766d4a0aaac10e961dafa6e18840ee9d	100 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 766d4a0aaac10e961dafa6e18840ee9d d4823ab2cf03b9af1f95eb2ffc78faf985cc06db 2ef190e1ff5f9ee67483497a713866fca8982a051f6bdc5aed06c976d76f899e Loading...

	#66 Eval - b1dab119535b2d653cd583fe14562d62	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash b1dab119535b2d653cd583fe14562d62 9a5e2735b2817d33b001162d6200bbc71ab25ef1 54f2fbd41d0e2ae4e39cccc16b7ee210aa2d6fb6ccfb6d0067d55c85228d5dd1 Loading...

	#67 Eval - 4861ef1d2f1db399c6dcd8f4df2b2395	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 4861ef1d2f1db399c6dcd8f4df2b2395 b674b187f93af06d65420c9a5be29d76089edb88 48cb6b0fa5a474252426424beefd352a47e25234514c9fe3f4949c22a6780274 Loading...

	#68 Eval - 9b8821c2220eea1cc1de46f12a831fb6	152 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 9b8821c2220eea1cc1de46f12a831fb6 eb06f91a3501cd31e2dd3157946ce869a00eee14 dfe0f4c30bc0c4266e961d21d5589a69b16525443393582ac24a892dd778c951 Loading...

	#69 Eval - c39dedb1a271b5ddbb3c9fa06ee3e2f7	171 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash c39dedb1a271b5ddbb3c9fa06ee3e2f7 c0a5a307cf6d14b4bc21649f85e84ac28b036478 18857f78f60884ae8d55616df4593d3e925de658bf937e181d75e65f7fdfb8f1 Loading...

	#70 Eval - e5276aee2202b576ad3bab226118c6e9	109 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash e5276aee2202b576ad3bab226118c6e9 f8207968b801099917fb0c3555f6c2c5611d1563 79f2bdc0ed253382e0153731d6bd985912616621354f41eaf23d0d8f8874a450 Loading...

	#71 Eval - 9e84f4b6c7ef5d5911a5192cbec2758b	99 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 9e84f4b6c7ef5d5911a5192cbec2758b 7ef1a10da678c6955f337926d6712729c850e183 0bd24eef1ed15f0fadf8411bc21f7e24b9afb84229bc0f6f9abf3f827444e512 Loading...

	#72 Eval - 4cf26273edb31ba33451801da2315eaf	86 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 4cf26273edb31ba33451801da2315eaf ae9d011ee92298b8450d39b6e95f4cf46b81da63 f74a0f07f35ce720d19e06b96d16d0b366c1563b80fbba36636f0de86023db49 Loading...

	#73 Eval - 2dc2547a56b0f53c2c80bedce41c2422	85 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 2dc2547a56b0f53c2c80bedce41c2422 b994c5229b810e8694a6fd24d2074a7a9307490d 385c37a37df4168fe1fb386e15e4d8cfb2f1cff3b4781f52eec33fdedf0b8b43 Loading...

	#74 Eval - 55f318898d431acc3d128e81e74e71a8	150 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 55f318898d431acc3d128e81e74e71a8 3f3bcb14f7db2718ecd8142cab4a7a56662bbd09 954640cb295a2a917672de217b87cbfab0b892329d129e58739c00f2a9b612dc Loading...

	#75 Eval - c62a572e237bcc19f1641165c6fc2112	106 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash c62a572e237bcc19f1641165c6fc2112 b633a3b391250c35244bf6f651b96f92f6faec89 a0e5f88a9c7d6997320fd812a879ce2b1605fd9855fffab57dce83216551a948 Loading...

	#76 Eval - a16974ea4ac375211767d50e71c71d36	152 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash a16974ea4ac375211767d50e71c71d36 ff5496a41a4208d65189c8eed37f39aa3263b3de dfdfe7abd958b9ffd6777cffae3328e74fdd3211bad8a32524eb76ea827e9b5d Loading...

	#77 Eval - a8a9e5e2c3c8f1e6f5464b814dbd1720	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash a8a9e5e2c3c8f1e6f5464b814dbd1720 875200d97656c3c0f8bd74165994f15fbb25e128 18ee1f5475962d3b38e052819db4d2d4366b96afb2541b9067673d63a0d5a1e5 Loading...

	#78 Eval - b3980b28ce83f3b6a7f5dda3871d5706	171 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash b3980b28ce83f3b6a7f5dda3871d5706 92415bdf402224712d5559897a3420a2c62e6b5d 45dd79403b47a170bba397edb3e05298a676d17de159da0c49ec6a241f3d8a62 Loading...

	#79 Eval - 856d10573cf556bc26635056045a5e47	123 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-14 00:50:58 Times Seen1 Hash 856d10573cf556bc26635056045a5e47 7d677715bb900338c1cd81419e10ea52fdb3878e 5b14579268b25c96a8d475eb9991d528b5a9e72a32a9329954fd435bd233e8cc Loading...

	#80 Eval - 0d274c21bf7b98c0cbb3a5b400422f28	172 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-14 19:59:59 Times Seen1 Hash 0d274c21bf7b98c0cbb3a5b400422f28 326cfcba912ba888c4234b08d1bc72e661fa82ca 372a47d4bcf5c10be3bf46a79adcf93a61c8c67dbfb7a756c038534f759b5ad1 Loading...

	#81 Eval - 8c80cb699d9c10b27a60e75ecc48b6ec	155 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 8c80cb699d9c10b27a60e75ecc48b6ec 9f5f38b2acde71e514acd92afec448fdf4b13530 f8a52a3a73e0250a815dd17132803408dd6b56880c65fd14eb340e4393d40d7d Loading...

	#82 Eval - c6894d2dc9959e2af8ddc664d41947e1	123 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash c6894d2dc9959e2af8ddc664d41947e1 a433b3b604f19a864f417249decd23e51d1c065c 82155e6e97b4af69f0cc8ad5a6f1aa69ff6718de3a82b8ebfd104438205aaeb6 Loading...

	#83 Eval - a4943e94e9a07d035e014d5393f1c3b5	112 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash a4943e94e9a07d035e014d5393f1c3b5 34b4189acbd1f4d033547bab59ac592db3268c49 be4cf8963e8756a3536f6dd2faf468dac4a10772368c3bf6924326e817e82f2d Loading...

	#84 Eval - 97777522f23c4b7869cbe59d98700623	152 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 97777522f23c4b7869cbe59d98700623 5bd38cbd1bf1730b1eca70cbd9d6096bafcc9ac5 0c72c4003ddc8be9dd98053d977074e9952633e75edc34bbcc5660f79b7e80a3 Loading...

	#85 Eval - 632eb80b40b97611ffa5375220389b7e	152 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 632eb80b40b97611ffa5375220389b7e b5c51544086cd5b4285c7b8b11ecf69845810e67 b09b15cd0494ca7565526a4cc30da90ac0525d5f4dc2d017da40f8d84500512c Loading...

	#86 Eval - b91d83f4c8ca8c03f25481d368b429f7	99 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash b91d83f4c8ca8c03f25481d368b429f7 e315db6c50148ecbc0b24882199049bf72b7c66f ffe4223e47d1415be1ae34ed0e037030990286edf4513805cbfa287330123483 Loading...

	#87 Eval - 698ddb426d8449fe2b3870a4160e4811	136 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:16:23 Last Seen2023-03-08 20:08:48 Times Seen1 Hash 698ddb426d8449fe2b3870a4160e4811 e916c60ec69431dbc96d53e0fca186af78fa213e 76d9f02e8f0f7b5d6a6e02f70f1e08b21d8be7b15a8a8830fb9c38fad1736501 Loading...

	#88 Eval - c7170c7a554f99fd87c55c05dcfc31b7	124 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash c7170c7a554f99fd87c55c05dcfc31b7 b117097883c1d05e6144234e178bafd2fd66ee24 b483ead6657271b2b30855c8c0faad1bb6b6e62a8376b26d168cd7815bd218b2 Loading...

	#89 Eval - 31d77629d4e454942a72ebb34ca63d8a	105 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 31d77629d4e454942a72ebb34ca63d8a b2b5e0bcedb42dd895723cb04d85d178abc03b1a df2267e3e07d3ae370c5d274f0554604e5b61eeace3aeb5153f356b63b7eff47 Loading...

	#90 Eval - adc3b0af7e7a1389d4e0ec70e4d0f412	124 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash adc3b0af7e7a1389d4e0ec70e4d0f412 60fcd081bb0edeb0b512cfbaf19db8bc83c5039b 06536f663928ebf2a0f137dd7c506c0b2fdd5cb536ddc6b26737a48b77e93998 Loading...

	#91 Eval - 6344b305e3dceadcc79ccab22aa7c68f	155 B	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 15:15:26 Last Seen2023-03-10 10:11:21 Times Seen1 Hash 6344b305e3dceadcc79ccab22aa7c68f b9d065c90b506f9c821ba0504b9158409ed74ef4 2b5c718020edf189b5d5d66cbf97a44dec13c8615d709eab026fae0d839a113f Loading...

HTTP Transactions (71)

URL IP Response Size

telewww.site/uz/fortune/nl/

79.98.28.128

302 Found

0 B

URL HTTP/1.1
telewww.site/uz/fortune/nl/
IP
79.98.28.128:0
ASN
#212531 UAB Interneto vizija

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /uz/fortune/nl/ HTTP/1.1
Host: telewww.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Sun, 04 Dec 2022 15:58:41 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Location: //whampamp.com/4/5087048?var=ed_error
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
Content-Type: text/html

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13078
Expires: Sun, 04 Dec 2022 19:36:40 GMT
Date: Sun, 04 Dec 2022 15:58:42 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4591
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 15:58:42 GMT
Last-Modified: Sun, 04 Dec 2022 14:42:11 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3478
Expires: Sun, 04 Dec 2022 16:56:40 GMT
Date: Sun, 04 Dec 2022 15:58:42 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 15:20:07 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2315
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: R7FQ+ehauBJu0y7XJOakNjJfeO8ekp+CmI0DN3xwWZPrwEt5mA7uHxB0CiihYYaciuDTbyFkQ3ySKA8aznssww==
x-amz-request-id: FQRX2XPRW9DA6HH9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 15:47:02 GMT
age: 700
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

whampamp.com/4/5087048?var=ed_error

139.45.197.236

200 OK

612 B

URL HTTP/1.1
whampamp.com/4/5087048?var=ed_error
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
612 B (612 bytes)
Hash
64bd5e188cae9c620e14571f19446b49
5e031dec1d46c98f11dc0891cafe74d3bcaad1fd
f2067ec38af31f6827e0cbfa26b5557de8499156321adf3472316859b6f31f81

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4/5087048?var=ed_error HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 15:58:42 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: a08eb8f6987eefc7876461e0c40f72b9
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://ntrfr.leovegas.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=bb83db9090954bddbed23a593efcb599; expires=Mon, 04 Dec 2023 15:58:42 GMT; path=/
oaidts=1670169522; expires=Mon, 04 Dec 2023 15:58:42 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 15:58:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
feada0c59c0eaab85490c6c8a7bcdd19
067889598d6125a945f0f7815a03328b62e9d139
18d3562684c32ed7b8d7cf02c853d8f1f08bf1074151891d9b756d14fdddfa1f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18D3562684C32ED7B8D7CF02C853D8F1F08BF1074151891D9B756D14FDDDFA1F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16281
Expires: Sun, 04 Dec 2022 20:30:03 GMT
Date: Sun, 04 Dec 2022 15:58:42 GMT
Connection: keep-alive

whampamp.com/favicon.ico

139.45.197.236

204 No Content

0 B

URL HTTP/1.1
whampamp.com/favicon.ico
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=bb83db9090954bddbed23a593efcb599; oaidts=1670169522

HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 04 Dec 2022 15:58:42 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate

my.rtmark.net/img.gif?f=merge&userId=bb83db9090954bddbed23a593efcb599

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=merge&userId=bb83db9090954bddbed23a593efcb599
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

POST /img.gif?f=merge&userId=bb83db9090954bddbed23a593efcb599 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 15:58:42 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=bb83db9090954bddbed23a593efcb599; expires=Mon, 04 Dec 2023 15:58:42 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ntrfr.leovegas.com/redirect.aspx?pid=3748557&bid=13362&rdk=rk1

95.101.10.147

307 Temporary Redirect

0 B

URL HTTP/2
ntrfr.leovegas.com/redirect.aspx?pid=3748557&bid=13362&rdk=rk1
IP
95.101.10.147:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?pid=3748557&bid=13362&rdk=rk1 HTTP/1.1
Host: ntrfr.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://promo.leovegas.com/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sun, 04 Dec 2022 15:58:42 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 04 Dec 2022 15:58:42 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; SameSite=None;; domain=.leovegas.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d; domain=.leovegas.com; expires=Tue, 04-Dec-3021 15:58:42 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=35
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16b22639f18c69fb811032f8cbdaafd5
4034ce905bb9f2e7350c2cf84f12f012bd3461cf
1e0f9d39d9cb2a331e37fe34b83a877a2eed71e256a5951d4f3892d09e38db8c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E0F9D39D9CB2A331E37FE34B83A877A2EED71E256A5951D4F3892D09E38DB8C"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2868
Expires: Sun, 04 Dec 2022 16:46:30 GMT
Date: Sun, 04 Dec 2022 15:58:42 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 15:08:58 GMT
cache-control: public,max-age=3600
age: 2984
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

promo.leovegas.com/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362

34.159.168.235

301 Moved Permanently

32 B

URL HTTP/2
promo.leovegas.com/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with no line terminators
Size
32 B (32 bytes)
Hash
39dacc1839fbc93e31c1d2d53217a24c
bab0715449a8c2d79b67b5fa7f7d464f774fb77d
391c5184370e9aa51e55f54f79e9cb518cabbdf1d0806db6a832f38b9364b28b

HTTP Headers

GET /mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362 HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
age: 0
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: text/plain; charset=utf-8
date: Sun, 04 Dec 2022 15:58:42 GMT
location: /no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKEXRWJVQRQ78WW82G18EE85
x-xss-protection: 1; mode=block
content-length: 32
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4589
Cache-Control: max-age=152678
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 15:58:42 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:23:20 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362

34.159.168.235

200 OK

18 kB

URL HTTP/2
promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6578)
Size
18 kB (17492 bytes)
Hash
b313dc6923a26b4d66945bb4a2ec9d5c
9402f6e417b5b6092aa92047de5bae6ad4f37b5f
39f7a762641f551056d58eaf394547a7eb07d2b0354a8df75eb2ed93cdcb4775

HTTP Headers

GET /no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362 HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
age: 105393
cache-control: public, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: text/html; charset=UTF-8
date: Sat, 03 Dec 2022 10:42:09 GMT
etag: "2e91493659af11a0bc35addd9f0a40b0-ssl-df"
link: </webpack-runtime.js>; rel=preload; as=script, </framework.js>; rel=preload; as=script, </dc6a8720040df98778fe970bf6c000a41750d3ae.js>; rel=preload; as=script, </app.js>; rel=preload; as=script, </47c41b0c4f3753646af9b0e10dfd7be6f02b99db.js>; rel=preload; as=script, </7bdf0be5c8efe81cdad9ba3761024df107bef3b0.js>; rel=preload; as=script, </ff324cc4fcad5c37469103212758a68962a91703.js>; rel=preload; as=script, </8e399fed3a6b1522e3959e34b00067a9519e807d.js>; rel=preload; as=script, </05901c0cdc340371e5e64de460e805993147c75a.js>; rel=preload; as=script, </component---src-templates-leo-universe-index-jsx.js>; rel=preload; as=script, </page-data/app-data.json>; rel=preload; as=fetch; crossorigin, </page-data/no/mc-livecasino/page-data.json>; rel=preload; as=fetch; crossorigin
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKEXRWRDZGD5GAYRPDXND9RT
x-xss-protection: 1; mode=block
content-length: 17492
X-Firefox-Spdy: h2

promo.leovegas.com/webpack-runtime.js

34.159.168.235

200 OK

1.4 kB

URL HTTP/2
promo.leovegas.com/webpack-runtime.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (2978)
Size
1.4 kB (1432 bytes)
Hash
fc6275e91b83fb1861d667aff0bd5ab2
64cede2d4178f82eb8a11cb2b32706cef16f601e
98003f07ca794236c4b933ef2bbe37c75a8b0748912ad4e967886a4915625b89

HTTP Headers

GET /webpack-runtime.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 142823
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Sat, 03 Dec 2022 00:18:20 GMT
etag: "c74486ef72d21cbc9a65e338b975bd28-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKEXRWV44MTKH4THNXG1D85G
x-xss-protection: 1; mode=block
content-length: 1432
X-Firefox-Spdy: h2

promo.leovegas.com/framework.js

34.159.168.235

200 OK

40 kB

URL HTTP/2
promo.leovegas.com/framework.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (65469)
Size
40 kB (40243 bytes)
Hash
167ec0d46f57fb00494a84e783c5c5e4
47601f21c3974edb503b0509143978b64049affb
6d95d63d1bfca8c205c2f6d4487c9bc63c5b229b2abb3d8b14ca25bed949ec4b

HTTP Headers

GET /framework.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 142823
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Sat, 03 Dec 2022 00:18:20 GMT
etag: "3d0125bed4c14464add7699ae1f02689-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKEXRWV6NTJ47FEX014Q0B1X
x-xss-protection: 1; mode=block
content-length: 40243
X-Firefox-Spdy: h2

promo.leovegas.com/dc6a8720040df98778fe970bf6c000a41750d3ae.js

34.159.168.235

200 OK

4.2 kB

URL HTTP/2
promo.leovegas.com/dc6a8720040df98778fe970bf6c000a41750d3ae.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Unicode text, UTF-8 text, with very long lines (11901)
Size
4.2 kB (4159 bytes)
Hash
bdd2aabfa66e96632039b2b607303c00
10a2e1d4f025f11bec61554fbd05cae1a44e6815
2a6d67c657a631152b3370590574a1fc84e28c01a1585104d85a2ac37860e876

HTTP Headers

GET /dc6a8720040df98778fe970bf6c000a41750d3ae.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 144274
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Fri, 02 Dec 2022 23:54:10 GMT
etag: "1b9626d69e8f7d91c2c5296e42b57d9c-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKEXRWV890V27Z8S2C6CK0ZX
x-xss-protection: 1; mode=block
content-length: 4159
X-Firefox-Spdy: h2

promo.leovegas.com/app.js

34.159.168.235

200 OK

15 kB

URL HTTP/2
promo.leovegas.com/app.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (51500)
Size
15 kB (14841 bytes)
Hash
ec592e8e4f9763adef6b0b99b3cd7b0e
01d801875af7b18e8192078e990957b880191d03
962058ff21e777eb4c6aa82fbfc08c07aaab0a154ba037be60b82ddbcfcff9f0

HTTP Headers

GET /app.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 142823
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Sat, 03 Dec 2022 00:18:20 GMT
etag: "e391155f546c905dc145726a5e30148f-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKEXRWV98THKVVRR4YHCY49Q
x-xss-protection: 1; mode=block
content-length: 14841
X-Firefox-Spdy: h2

promo.leovegas.com/47c41b0c4f3753646af9b0e10dfd7be6f02b99db.js

34.159.168.235

200 OK

6.2 kB

URL HTTP/2
promo.leovegas.com/47c41b0c4f3753646af9b0e10dfd7be6f02b99db.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Unicode text, UTF-8 text, with very long lines (16666)
Size
6.2 kB (6218 bytes)
Hash
5c4e7e14f8659373e45400cf68c97a41
a2df475919893462415902ab0da086acc4f77033
58b06d80fbd4927e361ce301821f790c35782282eb6943dc9ce6b786ec63b352

HTTP Headers

GET /47c41b0c4f3753646af9b0e10dfd7be6f02b99db.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 142823
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Sat, 03 Dec 2022 00:18:20 GMT
etag: "fe0210bddc69a9d370f7252ffb6e2d9c-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKEXRWVGQFZ70T72ERQT1D5R
x-xss-protection: 1; mode=block
content-length: 6218
X-Firefox-Spdy: h2

promo.leovegas.com/7bdf0be5c8efe81cdad9ba3761024df107bef3b0.js

34.159.168.235

200 OK

3.0 kB

URL HTTP/2
promo.leovegas.com/7bdf0be5c8efe81cdad9ba3761024df107bef3b0.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (6980)
Size
3.0 kB (3035 bytes)
Hash
1442c155f89fbfcc725b07f77db16a06
42bf52fd3168fbdb9b9cecd0b860f35eb9794887
79806efb78f4a0939c90c46d21bef558b5578b7c89aa27f84b90589dbeac9294

HTTP Headers

GET /7bdf0be5c8efe81cdad9ba3761024df107bef3b0.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 146334
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Fri, 02 Dec 2022 23:19:49 GMT
etag: "387b4e0f783ea29b7d13b832a918079b-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKEXRWVGPZQAEE3GW5BAHZQH
x-xss-protection: 1; mode=block
content-length: 3035
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 15:58:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

promo.leovegas.com/component---src-templates-leo-universe-index-jsx.js

34.159.168.235

200 OK

2.4 kB

URL HTTP/2
promo.leovegas.com/component---src-templates-leo-universe-index-jsx.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (5773)
Size
2.4 kB (2414 bytes)
Hash
c57f16f798f8bc3c281b33d6b29ab370
3608bcc2dfdd1261e8c6cd9bf43067a46c2fd8cf
337ee0d4a4c804aa58d7681b79a7e25f01d1b2d29de515ba3c6295632cdee006

HTTP Headers

GET /component---src-templates-leo-universe-index-jsx.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 142823
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Sat, 03 Dec 2022 00:18:20 GMT
etag: "5051e86b9efea68a06b141f1b1eabc7e-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKEXRWVK3MCSX3RYQ8EKG1NR
x-xss-protection: 1; mode=block
content-length: 2414
X-Firefox-Spdy: h2

promo.leovegas.com/8e399fed3a6b1522e3959e34b00067a9519e807d.js

34.159.168.235

200 OK

33 kB

URL HTTP/2
promo.leovegas.com/8e399fed3a6b1522e3959e34b00067a9519e807d.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (65536), with no line terminators
Size
33 kB (33010 bytes)
Hash
464e51d8049dceec3f4ba74d397009d9
843aba9ccf65310a3656f849667c09c73cf7e2eb
3fb00de7e29f0471f9c3debd72685ae639ba102e6fdef3e40edcd763977bd034

HTTP Headers

GET /8e399fed3a6b1522e3959e34b00067a9519e807d.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 142823
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Sat, 03 Dec 2022 00:18:20 GMT
etag: "082cb5ea1fb285ec162d5641a9b4e1f4-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKEXRWVHGZ01698XGFPPYHWF
x-xss-protection: 1; mode=block
content-length: 33010
X-Firefox-Spdy: h2

promo.leovegas.com/page-data/sq/d/2280590532.json

34.159.168.235

200 OK

2.0 kB

URL HTTP/2
promo.leovegas.com/page-data/sq/d/2280590532.json
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
JSON data\012- , ASCII text, with very long lines (13542), with no line terminators
Size
2.0 kB (1973 bytes)
Hash
ec88262134b19a9bb16f8af3754bdd1c
a19b047fb4bb76664d9feb17807af9815924fdba
654dece32d8cc23ec5163af5cc9e2f779f58a322143171af27095fa0ef7b458b

HTTP Headers

GET /page-data/sq/d/2280590532.json HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 146334
cache-control: public, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/json
date: Fri, 02 Dec 2022 23:19:49 GMT
etag: "c90f1d18d9026cdd03b789e0b4acea02-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKEXRWW5BK7VJ6R0KT3D2FVK
x-xss-protection: 1; mode=block
content-length: 1973
X-Firefox-Spdy: h2

promo.leovegas.com/page-data/app-data.json

34.159.168.235

200 OK

50 B

URL HTTP/2
promo.leovegas.com/page-data/app-data.json
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
JSON data\012- , ASCII text
Size
50 B (50 bytes)
Hash
26bbc30fb95a59f85a4c4ea44452a800
26ce9c4a4cccd5400d9d6661a8129ba9d90bba28
f813c77f52799503d269af274d016ca0ccb1704c7d08fd408f5f0c31d1cb992c

HTTP Headers

GET /page-data/app-data.json HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 146334
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/json
date: Fri, 02 Dec 2022 23:19:49 GMT
etag: "baa83e032b63fc2db07d7ae42e54e800-ssl"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKEXRWW547JQT61SNAVF859A
x-xss-protection: 1; mode=block
content-length: 50
X-Firefox-Spdy: h2

promo.leovegas.com/page-data/no/mc-livecasino/page-data.json

34.159.168.235

200 OK

8.9 kB

URL HTTP/2
promo.leovegas.com/page-data/no/mc-livecasino/page-data.json
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (24270), with no line terminators
Size
8.9 kB (8899 bytes)
Hash
fecefa4e0491c66c875f0fdf2ab6ad7d
45b57f46d4a03f601feb7f66faf3b516ac13b79b
2be881ad097ca87ff130a751b4ccd4db4b275e1c3a889375dd9838681ef5fa3d

HTTP Headers

GET /page-data/no/mc-livecasino/page-data.json HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 95976
cache-control: public, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/json
date: Sat, 03 Dec 2022 13:19:07 GMT
etag: "1d0a2750ffb3a1a6662744ba5c52d8c0-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKEXRWW5NHBANBHXMWNTN448
x-xss-protection: 1; mode=block
content-length: 8899
X-Firefox-Spdy: h2

promo.leovegas.com/05901c0cdc340371e5e64de460e805993147c75a.js

34.159.168.235

200 OK

48 kB

URL HTTP/2
promo.leovegas.com/05901c0cdc340371e5e64de460e805993147c75a.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (65438)
Size
48 kB (48084 bytes)
Hash
2075765fe5b4a281b62d3f87c97405af
b93ef945773593f70b576703ea97d67ca45a8cf0
e0ba485fda88ce797e86c5277bcf5af303c544efad34155d2db329dd08686305

HTTP Headers

GET /05901c0cdc340371e5e64de460e805993147c75a.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 146334
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Fri, 02 Dec 2022 23:19:49 GMT
etag: "a1dd66e95c1fdb604484288f009163ac-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKEXRWVJWR5856SJEDBVTJG0
x-xss-protection: 1; mode=block
content-length: 48084
X-Firefox-Spdy: h2

promo.leovegas.com/ff324cc4fcad5c37469103212758a68962a91703.js

34.159.168.235

200 OK

107 kB

URL HTTP/2
promo.leovegas.com/ff324cc4fcad5c37469103212758a68962a91703.js
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Unicode text, UTF-8 text, with very long lines (65236)
Size
107 kB (106973 bytes)
Hash
25e56047cfcbe1a8eb25ed7bdfb7c8c4
b000898902060b90fd859738e9f6cc085909db41
1e96d59cf77d7687824d4c031e882b00dc55677b4914820b5d2bad8a1bb428a1

HTTP Headers

GET /ff324cc4fcad5c37469103212758a68962a91703.js HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 146334
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/javascript; charset=UTF-8
date: Fri, 02 Dec 2022 23:19:49 GMT
etag: "b2df2a4ac43635c5d0f6fffa00de03fe-ssl-df"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKEXRWVHH36FHEG5B8K7ZB9N
x-xss-protection: 1; mode=block
content-length: 106973
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 15:58:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

promo.leovegas.com/page-data/app-data.json

34.159.168.235

200 OK

50 B

URL HTTP/2
promo.leovegas.com/page-data/app-data.json
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
JSON data\012- , ASCII text
Size
50 B (50 bytes)
Hash
26bbc30fb95a59f85a4c4ea44452a800
26ce9c4a4cccd5400d9d6661a8129ba9d90bba28
f813c77f52799503d269af274d016ca0ccb1704c7d08fd408f5f0c31d1cb992c

HTTP Headers

GET /page-data/app-data.json HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 146334
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: application/json
date: Fri, 02 Dec 2022 23:19:49 GMT
etag: "baa83e032b63fc2db07d7ae42e54e800-ssl"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKEXRX17Q1QADSW5YYA5HPRJ
x-xss-protection: 1; mode=block
content-length: 50
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0a63a6c653002f93d6d8e6e1282bd1ea
6dc0648b815204a68980e581cd00d86be34b4830
fa7244a8845005667b1c6af39cff657429b1739109cada1e7fbf612a6b56db71

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5595
Cache-Control: max-age=152587
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 15:58:43 GMT
Etag: "638c5ee3-1d7"
Expires: Tue, 06 Dec 2022 10:21:50 GMT
Last-Modified: Sun, 04 Dec 2022 08:48:35 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

promo.leovegas.com/page-data/no/mc-livecasino/page-data.json

34.159.168.235

304 Not Modified

0 B

URL HTTP/2
promo.leovegas.com/page-data/no/mc-livecasino/page-data.json
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /page-data/no/mc-livecasino/page-data.json HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-None-Match: "1d0a2750ffb3a1a6662744ba5c52d8c0-ssl-df"
TE: trailers

HTTP/2 304 Not Modified
cache-control: public, max-age=0, must-revalidate
date: Sun, 04 Dec 2022 15:58:43 GMT
etag: "1d0a2750ffb3a1a6662744ba5c52d8c0-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GKEXRX1JESN911NY0YXGRW96
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 15:58:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

54.148.53.106

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.53.106:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gtnvr0TUyvh/qrnfngtrIg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HxpaEGbDOGk3x40MHrxhZIV/318=

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0a63a6c653002f93d6d8e6e1282bd1ea
6dc0648b815204a68980e581cd00d86be34b4830
fa7244a8845005667b1c6af39cff657429b1739109cada1e7fbf612a6b56db71

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5595
Cache-Control: max-age=152587
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 15:58:43 GMT
Etag: "638c5ee3-1d7"
Expires: Tue, 06 Dec 2022 10:21:50 GMT
Last-Modified: Sun, 04 Dec 2022 08:48:35 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

d33wubrfki0l68.cloudfront.net/c818ec80d6e62941b42b67882bad573e7368d801/c4d7c/static/leovegas-casino-logo-303a40e8ff4725493d0d2eac998219ea.png

143.204.42.80

200 OK

24 kB

URL HTTP/2
d33wubrfki0l68.cloudfront.net/c818ec80d6e62941b42b67882bad573e7368d801/c4d7c/static/leovegas-casino-logo-303a40e8ff4725493d0d2eac998219ea.png
IP
143.204.42.80:0
ASN
#16509 AMAZON-02

File type
PNG image data, 385 x 93, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (24411 bytes)
Hash
303a40e8ff4725493d0d2eac998219ea
c818ec80d6e62941b42b67882bad573e7368d801
0163e1e689f26f9d4162e1d731525521a975eb299449ecc789e7c6d335f78e85

HTTP Headers

GET /c818ec80d6e62941b42b67882bad573e7368d801/c4d7c/static/leovegas-casino-logo-303a40e8ff4725493d0d2eac998219ea.png HTTP/1.1
Host: d33wubrfki0l68.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 24411
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=31556926
date: Tue, 09 Aug 2022 12:22:43 GMT
etag: 47262b62fb231e87722d31776845e7499242a80d
server: Netlify
x-nf-request-id: 01GA18XAERW43J32K8E2PBQ65P
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PfkAK6Z3YXhu7_bJRSKzHDuKhE6JpwoBoAgugR6o-28RxWBMC96KQA==
age: 10121761
X-Firefox-Spdy: h2

promo.leovegas.com/favicons/apple-touch-icon-180x180.png

34.159.168.235

200 OK

39 kB

URL HTTP/2
promo.leovegas.com/favicons/apple-touch-icon-180x180.png
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
39 kB (39348 bytes)
Hash
1d677d2696a6decac62f6ae6702110e6
330819e2d40298fe76abf3b0a5b94365e48f043e
80ffeb0c1602f33c10915cee07509fd9bc89368bb7d423cd586c684aed55ce0a

HTTP Headers

GET /favicons/apple-touch-icon-180x180.png HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 142317
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: image/png
date: Sat, 03 Dec 2022 00:26:47 GMT
etag: "bd6a26674a3b22b624e57beaa0e264ce-ssl"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKEXRX59XPJQV2YZ25WXSEJ6
x-xss-protection: 1; mode=block
content-length: 39348
X-Firefox-Spdy: h2

promo.leovegas.com/favicons/favicon-16x16.png

34.159.168.235

200 OK

950 B

URL HTTP/2
promo.leovegas.com/favicons/favicon-16x16.png
IP
34.159.168.235:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
950 B (950 bytes)
Hash
a4d8c288ccfff5eed3db7050117eb6a5
4873ff662ffd8fed661fac12bf2edb25188a2d4e
710d82b385bbc48af160251f0b4444b7065d8bc6df0afaaa13fbf2e04356fe0d

HTTP Headers

GET /favicons/favicon-16x16.png HTTP/1.1
Host: promo.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.leovegas.com/no/mc-livecasino?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 146333
cache-control: public, max-age=0, must-revalidate
content-security-policy: frame-ancestors 'self' https://optimize.google.com
content-type: image/png
date: Fri, 02 Dec 2022 23:19:50 GMT
etag: "c1bceb1f74a704a9483fd657a223776e-ssl"
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-nf-request-id: 01GKEXRX5D4J3D3ZSA38H3KJPE
x-xss-protection: 1; mode=block
content-length: 950
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 15:58:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/gtm/optimize.js?id=OPT-K5XRHTM

142.250.74.110

200 OK

47 kB

URL HTTP/2
www.google-analytics.com/gtm/optimize.js?id=OPT-K5XRHTM
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2698)
Size
47 kB (46839 bytes)
Hash
aed5a76d1528b2e49ceb3c8ecaeb8d0a
b2c1d0142aa7ced8bec2abe4615287deb61dd845
5309f6d8de4c10a36da0504dd8f0e6c4634ed4cb5f7b5e33613c5cac9c87ff82

HTTP Headers

GET /gtm/optimize.js?id=OPT-K5XRHTM HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 15:58:43 GMT
expires: Sun, 04 Dec 2022 15:58:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46839
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

78 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
78 kB (78124 bytes)
Hash
8a16ccfcdad293e96a8c3c136c10deb6
c1e050f7d4dccf0c25f6215a56d9f805fe3fde90
82e26c0c1e6d8424280789943f87191ac41ba5e3afb40d02128cfb2167621301

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 15:58:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

143.204.55.118

200 OK

1.1 kB

URL HTTP/2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP
143.204.55.118:0
ASN
#16509 AMAZON-02

File type
data
Size
1.1 kB (1125 bytes)
Hash
829a253e4f6f8acbce562ed115651f10
2883ee68b0b888f0ccd3e216374f969cd736d983
987fd4c704413483a00c189e2b237603cfb3e53642f589a2eddb91ca9f2f74df

HTTP Headers

GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vZ59_lE_-m-Qk5m5ofanVoUvCHAWQX_bz54q4vwf3sSc5ArJElCFUQ==
age: 960517
X-Firefox-Spdy: h2

script.hotjar.com/modules.90de377b639fd5b933d2.js

143.204.55.96

200 OK

89 kB

URL HTTP/2
script.hotjar.com/modules.90de377b639fd5b933d2.js
IP
143.204.55.96:0
ASN
#16509 AMAZON-02

File type
data
Size
89 kB (88576 bytes)
Hash
9fa3bc05d9b89c6d6db2704143a1dafb
ab47ee2c00f5c3f3a37f6b94f04cdfd07ecd3e52
e76e7f5e74bfedd6dc2cd1fdf9d472970d61d9c8208b1b3a488f55079ad38d48

HTTP Headers

GET /modules.90de377b639fd5b933d2.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 68504
date: Thu, 01 Dec 2022 13:37:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "8766036825574dfbddbfc197bd098f6b"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IAb1VKK3oq-xnZ2aMWSs5Q3XELBP5Y8xAp1axNk6Hg-r_yhGy__JgQ==
age: 267697
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
794d2423f95f10174a398a035a05a700
add6d91cc265ab82db3912e51b38db1e88691493
e3cc6cc02f1ffa0bf1310190e4dd11dc2751fe09cfb2855a4dcba6cd286476f2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3CC6CC02F1FFA0BF1310190E4DD11DC2751FE09CFB2855A4DCBA6CD286476F2"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14173
Expires: Sun, 04 Dec 2022 19:54:57 GMT
Date: Sun, 04 Dec 2022 15:58:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
794d2423f95f10174a398a035a05a700
add6d91cc265ab82db3912e51b38db1e88691493
e3cc6cc02f1ffa0bf1310190e4dd11dc2751fe09cfb2855a4dcba6cd286476f2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3CC6CC02F1FFA0BF1310190E4DD11DC2751FE09CFB2855A4DCBA6CD286476F2"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14173
Expires: Sun, 04 Dec 2022 19:54:57 GMT
Date: Sun, 04 Dec 2022 15:58:44 GMT
Connection: keep-alive

images.ctfassets.net/kijvoxi4q0zn/2iAjKx7BVB0peDlsYR6ZWZ/25d3852a638962f07b3a309c578fb221/LV_LP_desktop_LiveCasino_LPupdate_NO_Affiliates_D90196_RF_102022.jpg?w=1920&h=1080&q=50&fm=webp

54.230.111.2

200 OK

94 kB

URL HTTP/2
images.ctfassets.net/kijvoxi4q0zn/2iAjKx7BVB0peDlsYR6ZWZ/25d3852a638962f07b3a309c578fb221/LV_LP_desktop_LiveCasino_LPupdate_NO_Affiliates_D90196_RF_102022.jpg?w=1920&h=1080&q=50&fm=webp
IP
54.230.111.2:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
94 kB (93882 bytes)
Hash
7ae24e8aa6154835684d65e7a288af63
470b516dc32dd2cf03260e98a56ee035479bfd80
5daea65e65c03202b0aa2ca21fadab1ea769abe71de3b0ae294f9fc803b04122

HTTP Headers

GET /kijvoxi4q0zn/2iAjKx7BVB0peDlsYR6ZWZ/25d3852a638962f07b3a309c578fb221/LV_LP_desktop_LiveCasino_LPupdate_NO_Affiliates_D90196_RF_102022.jpg?w=1920&h=1080&q=50&fm=webp HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/webp
content-length: 93882
last-modified: Fri, 11 Nov 2022 12:43:16 GMT
server: Contentful Images API
access-control-allow-origin: *
date: Sun, 04 Dec 2022 05:14:32 GMT
cache-control: max-age=31536000
etag: "7ae24e8aa6154835684d65e7a288af63"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FD8DiHWtNl_uqhVFojN6gWzYK-br0pfkQYGJUCq9ZjfkpA4SZfShUw==
age: 38652
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 15:58:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7c9e0bb25e8c28e8b10038806b0a7190
9fa6097aeb8eacde8ba7c9ab80a7a7d2405ae2bc
f4864000960be2f888ed7d2467f74130231fed6f56ad48ff15861f5769e95a58

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 15:58:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=5faf3685-094d-4e7c-ab26-dc0e185e663c&jid=1287899117&_v=j98&z=1340839863

142.250.74.132

302 Found

0 B

URL HTTP/2
www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=5faf3685-094d-4e7c-ab26-dc0e185e663c&jid=1287899117&_v=j98&z=1340839863
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=5faf3685-094d-4e7c-ab26-dc0e185e663c&jid=1287899117&_v=j98&z=1340839863 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 15:58:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=5faf3685-094d-4e7c-ab26-dc0e185e663c&jid=1287899117&_v=j98&z=1340839863&slf_rd=1&random=1217609049
access-control-allow-origin: null
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 15:58:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 15:58:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=5faf3685-094d-4e7c-ab26-dc0e185e663c&jid=1287899117&_v=j98&z=1340839863&slf_rd=1&random=1217609049

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=5faf3685-094d-4e7c-ab26-dc0e185e663c&jid=1287899117&_v=j98&z=1340839863&slf_rd=1&random=1217609049
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-30&cid=5faf3685-094d-4e7c-ab26-dc0e185e663c&jid=1287899117&_v=j98&z=1340839863&slf_rd=1&random=1217609049 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 15:58:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
access-control-allow-origin: null
access-control-allow-credentials: true
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 15:58:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9093
Expires: Sun, 04 Dec 2022 18:30:17 GMT
Date: Sun, 04 Dec 2022 15:58:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9093
Expires: Sun, 04 Dec 2022 18:30:17 GMT
Date: Sun, 04 Dec 2022 15:58:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9093
Expires: Sun, 04 Dec 2022 18:30:17 GMT
Date: Sun, 04 Dec 2022 15:58:44 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13554
Expires: Sun, 04 Dec 2022 19:44:38 GMT
Date: Sun, 04 Dec 2022 15:58:44 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4666 bytes)
Hash
c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 65683
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16143 bytes)
Hash
14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 30723
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10431 bytes)
Hash
2636f91bb8fa4d9bb7bef114c248a9ae
8637105f41058bc0d2b259d462b560881928adb6
3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 65498
etag: "8637105f41058bc0d2b259d462b560881928adb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8315 bytes)
Hash
db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:47 GMT
age: 65157
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5681 bytes)
Hash
43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 65166
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11482 bytes)
Hash
1521243a6fc065bb631bfbde22886fa2
527220e4e8cd1065ce05fcd0694d0d703d817e2e
b83ebf768bbfb34f49d5467f3dfb43ceb3ca3d30d3454e6f37db9aef72d7689a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11482
x-amzn-requestid: d1db05ab-bd5d-4ad4-96b4-8f439152e435
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clssNEeAoAMFh_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc181-0221c53842a2f5ef071e8071;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t1vmY4fBoLpFjqHbLyMewgUrpvRjqG4QTAuA4BeB4Gl2jqbxI0gYQA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:08 GMT
age: 65316
etag: "527220e4e8cd1065ce05fcd0694d0d703d817e2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0fa0fcbee72980e311f77902356246e3
e7dd914c5ba25e42dc0619664c2ba248e79d8939
de46ce9d7c70c78f414421d4d781a4b0404cb5674c4331c5ea560a21cdd2e2a1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3663
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 15:58:49 GMT
Last-Modified: Sun, 04 Dec 2022 14:57:46 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

sgtm.leovegas.com/gtm.js?id=GTM-WGS5KD

34.107.236.224

200 OK

0 B

URL HTTP/2
sgtm.leovegas.com/gtm.js?id=GTM-WGS5KD
IP
34.107.236.224:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /gtm.js?id=GTM-WGS5KD HTTP/1.1
Host: sgtm.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670163096.1.0.1670163100.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx/1.23.2
date: Sun, 04 Dec 2022 15:58:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=900
expires: Sun, 04 Dec 2022 16:12:56 GMT
last-modified: Sun, 04 Dec 2022 15:00:00 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

leo-promo-redirect-service.leo-prod-common.lvg-tech.net/_geofetch

34.117.190.191

200 OK

0 B

URL HTTP/2
leo-promo-redirect-service.leo-prod-common.lvg-tech.net/_geofetch
IP
34.117.190.191:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_geofetch HTTP/1.1
Host: leo-promo-redirect-service.leo-prod-common.lvg-tech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.leovegas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET
access-control-max-age: 3600
content-type: application/json
date: Sun, 04 Dec 2022 15:58:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.leovegas.com/set-affiliate-domain-cookie?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362&lobby=livecasino

107.154.248.168

200 OK

0 B

URL HTTP/2
www.leovegas.com/set-affiliate-domain-cookie?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362&lobby=livecasino
IP
107.154.248.168:0
ASN
#19551 INCAPSULA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /set-affiliate-domain-cookie?btag=100665320_0C19C68980B5440CB0E6D7FFE5474001&rdk=rk1&pid=3748557&bid=13362&lobby=livecasino HTTP/1.1
Host: www.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: leo-essentials=%7B%22cid%22%3A%225faf3685-094d-4e7c-ab26-dc0e185e663c%22%7D; _ga=GA1.1.5faf3685-094d-4e7c-ab26-dc0e185e663c; leobtag=0_4718248421B643DE9FC26D62BB2C45B5; leonrpid=0; leonrbid=1; leonrmeta=[]; visid_incap_846569=GgvldNHXSmqDlPUzxNM7L5WqjGMAAAAAQUIPAAAAAADZDY6CgeUjLKHel72KGG3f; data=82590fd9b762ac5075e33913ccbb2846; _gid=GA1.2.906868131.1670163096; _ga_R99CHBN90V=GS1.1.1670169521.2.0.1670169521.0.0.0; _gcl_au=1.1.369370431.1670163097; FPLC=Xcv9CrlLm2X3HNHY8FQwXnRA5WJm62JlD2Vlz1XZOg3O%2FZN6BsCR0VLD7vUrtgUsOsjzS6EPQCG0hPzyqIhRuVgZOJlH26N6G%2FSMNEyaFmbY4co%3D; FPID=FPID2.2.7WCIrqgLLpn5jv1ZHEcAvOrHKOfoOzEygURLdVAwzqo%3D; _fbp=fb.1.1670163097426.627902066; _hjSessionUser_380080=eyJpZCI6ImM3M2MzY2M2LWY3NTktNTVhMC1iZDZkLTAzZThhNzE1NzdiNSIsImNyZWF0ZWQiOjE2NzAxNjMwOTczODEsImV4aXN0aW5nIjpmYWxzZX0=; afUserId=bfe00829-f982-4e24-8814-0c1e90563ae6-p; AF_SYNC=1670163097619; NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3748557%2c%22BID%22%3a13362%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670169522580)%5c%2f%22%2c%22CookieTag%22%3a%22133623748557451240919C20221241558%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222738225650%7c1%22%7d%5d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 15:58:49 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
set-cookie: leobtag=100665320_0C19C68980B5440CB0E6D7FFE5474001; Max-Age=3888000; Domain=.leovegas.com; Path=/; HttpOnly; Secure
leonrpid=3748557; Max-Age=3888000; Domain=.leovegas.com; Path=/; HttpOnly; Secure
leonrbid=13362; Max-Age=3888000; Domain=.leovegas.com; Path=/; HttpOnly; Secure
leonrmeta=[{"value":"rk1","key":"rdk"},{"value":"livecasino","key":"lobby"}]; Max-Age=3888000; Domain=.leovegas.com; Path=/; HttpOnly; Secure
nlbi_846569=HwxxPdPy5FOnjwUBTJV9qQAAAABKYtX8cQf6uaLz3lNBsVt1; path=/; Domain=.leovegas.com; Secure; SameSite=None
incap_ses_722_846569=9F7vQfKMLX2MuOnrFxAFCrjDjGMAAAAAy279x3Ufi4CumXuuEIYRTg==; path=/; Domain=.leovegas.com; Secure; SameSite=None
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.leovegas.com *.casinomodule.com *.yggdrasilgaming.com *.evolutiongaming.com *.gameassists.co.uk *.gameassists.dk *.rgsgames.com *.wagerworks.com *.adform.com *.livetables.io *.regily.com *.casinoalternativen.com *.onlinecasinobonus24.xyz *.livetableshu.com
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cdn: Imperva
x-iinfo: 14-104749906-104746026 PNNy RT(1670169528862 33) q(0 0 0 0) r(1 1) U12
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;700&family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto+Slab:wght@400;700&family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Roboto+Slab:wght@400;700&family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 15:58:43 GMT
date: Sun, 04 Dec 2022 15:58:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (102)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP