leon26.casino Open in urlscan Pro
167.172.41.42 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://leon26.casino/
Submission: On June 21 via automatic, source certstream-suspicious (June 21st 2023, 2:13:54 pm UTC) — Scanned from NO

Summary HTTP 167 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 57 IPs in 11 countries across 66 domains to perform 167 HTTP transactions. The main IP is 167.172.41.42, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is leon26.casino.
TLS certificate: Issued by R3 on June 21st 2023. Valid for: 3 months.

This is the only time leon26.casino was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	167.172.41.42 167.172.41.42	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
58	2a03:90c0:41:... 2a03:90c0:41:2801::62	199524 (GCORE) (GCORE)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:2c:... 2a02:26f0:2c::216:f2c9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	88.214.195.87 88.214.195.87	46636 (NATCOWEB) (NATCOWEB)
1	2600:9000:214... 2600:9000:214f:fa00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
1	2400:52e0:1e0... 2400:52e0:1e00::860:1	200325 (BUNNYCDN) (BUNNYCDN)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	35.157.224.17 35.157.224.17	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	109.169.10.207 109.169.10.207	20860 (IOMART-AS) (IOMART-AS)
1	34.120.139.69 34.120.139.69	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.201.99 35.186.201.99	15169 (GOOGLE) (GOOGLE)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2 4	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
9 9	3.71.228.5 3.71.228.5	16509 (AMAZON-02) (AMAZON-02)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	52.58.93.190 52.58.93.190	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	35.156.251.164 35.156.251.164	16509 (AMAZON-02) (AMAZON-02)
1 14	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
1	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 2	99.80.180.155 99.80.180.155	16509 (AMAZON-02) (AMAZON-02)
1	23.206.20.27 23.206.20.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	185.86.138.153 185.86.138.153	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	2.16.238.158 2.16.238.158	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	212.57.20.61 212.57.20.61	34984 (TELLCOM-AS) (TELLCOM-AS)
2 2	77.243.51.122 77.243.51.122	42697 (NETIC-AS) (NETIC-AS)
2 2	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
1 1	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2	23.218.208.209 23.218.208.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.120.214.218 3.120.214.218	16509 (AMAZON-02) (AMAZON-02)
1	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	99.80.64.147 99.80.64.147	16509 (AMAZON-02) (AMAZON-02)
2	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	34.240.185.96 34.240.185.96	16509 (AMAZON-02) (AMAZON-02)
1	52.218.105.114 52.218.105.114	16509 (AMAZON-02) (AMAZON-02)
1 1	51.222.80.231 51.222.80.231	16276 (OVH) (OVH)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	217.79.187.68 217.79.187.68	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	52.213.184.195 52.213.184.195	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	65.9.66.72 65.9.66.72	16509 (AMAZON-02) (AMAZON-02)
2 3	54.237.77.135 54.237.77.135	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.48.195.8 52.48.195.8	16509 (AMAZON-02) (AMAZON-02)
1 1	52.30.157.48 52.30.157.48	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	3.127.111.154 3.127.111.154	16509 (AMAZON-02) (AMAZON-02)
1	216.46.185.182 216.46.185.182	13649 (ASN-VINS) (ASN-VINS)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2600:9000:205... 2600:9000:2057:5000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	107.178.244.119 107.178.244.119	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 6	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
167	57

20 167.172.41.42 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

leon26.casino	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

mrspeedtime.gcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnimages3.gcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:2c::216:f2c9 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tm.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.214.195.87 (United Kingdom)

ASN46636 (NATCOWEB, US)

track.leonretarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:fa00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::860:1 (Germany)

ASN200325 (BUNNYCDN, SI)

dsp-media.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o237537.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.224.17 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-224-17.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.169.10.207 (United Kingdom)

ASN20860 (IOMART-AS, GB)

leoncas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.139.69 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 69.139.120.34.bc.googleusercontent.com

dsp-trk.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.201.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.201.186.35.bc.googleusercontent.com

dsp-ap.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

20828756p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.22 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (Staten Island, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

11843672.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.71.228.5 (Frankfurt am Main, Germany) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-228-5.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.93.190 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-93-190.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.251.164 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-251-164.eu-central-1.compute.amazonaws.com

eu.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 37.157.3.29 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.180.155 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-180-155.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.20.27 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-20-27.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.153 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.238.158 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-158.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.57.20.61 (Antakya, Turkey)

ASN34984 (TELLCOM-AS, TR)
PTR: host-212-57-20-61.reverse.superonline.net

prebid.serve.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.122 (Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.121 (Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.53 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-209.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.214.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.64.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-64-147.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.185.96 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-185-96.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.105.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.80.231 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.187.68 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm42.as.net

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.184.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-184-195.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-72.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.237.77.135 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-77-135.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.195.8 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-195-8.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.157.48 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-157-48.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.111.154 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-111-154.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.182 (Littleton, United States)

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:5000:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.161.21 (United States) 1 redirects

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.244.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com

pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	gcdn.co mrspeedtime.gcdn.co cdnimages3.gcdn.co	2 MB
20	leon26.casino leon26.casino	528 KB
17	adform.net 1 redirects s2.adform.net — Cisco Umbrella Rank: 6490 track.adform.net — Cisco Umbrella Rank: 3621 c1.adform.net — Cisco Umbrella Rank: 635 dmp.adform.net — Cisco Umbrella Rank: 3522	43 KB
9	bidswitch.net 9 redirects x.bidswitch.net — Cisco Umbrella Rank: 361	4 KB
6	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3239	76 KB
5	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 476 ib.adnxs.com — Cisco Umbrella Rank: 249	5 KB
4	semasio.net 4 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1332 se.semasio.net — Cisco Umbrella Rank: 22310	2 KB
4	casalemedia.com 2 redirects dsum.casalemedia.com — Cisco Umbrella Rank: 1634 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621	3 KB
4	doubleclick.net 3 redirects 11843672.fls.doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 244	2 KB
4	gstatic.com fonts.gstatic.com	63 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2906	2 KB
3	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 2994	1 KB
3	sportradarserving.com 1 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2903 eu.sportradarserving.com — Cisco Umbrella Rank: 64559	3 KB
3	eskimi.com dsp-media.eskimi.com — Cisco Umbrella Rank: 40379 dsp-trk.eskimi.com — Cisco Umbrella Rank: 36579 dsp-ap.eskimi.com — Cisco Umbrella Rank: 38718	4 KB
3	sportradar.com tm.ads.sportradar.com — Cisco Umbrella Rank: 51038 tracker.ads.sportradar.com — Cisco Umbrella Rank: 52888	72 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	191 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	3 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 513	1 KB
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 805	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 12988	628 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1012	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 218	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 375	529 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 653	646 B
2	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 1145	835 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 340	490 B
2	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 656 pixel.rubiconproject.com — Cisco Umbrella Rank: 381	453 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 662	853 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 618	717 B
2	leoncas.com leoncas.com	574 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1832	306 B
2	leonretarget.com track.leonretarget.com	1 KB
1	google.no adservice.google.no — Cisco Umbrella Rank: 147689	515 B
1	sojern.com pixel.sojern.com — Cisco Umbrella Rank: 7038	162 B
1	e-volution.ai 1 redirects sync.e-volution.ai — Cisco Umbrella Rank: 3357	464 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 421	140 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 31777	49 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1088	99 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1404	279 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 434	1 KB
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 2381	72 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1651	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 533	492 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 27644	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 761	472 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 637	338 B
1	adsafety.net cm.adsafety.net — Cisco Umbrella Rank: 18411	229 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3499	419 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 34432	407 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2623	273 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 948	266 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 426	98 B
1	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 1685	324 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1137	344 B
1	admatic.com.tr prebid.serve.admatic.com.tr — Cisco Umbrella Rank: 77598	563 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 617	638 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 615	669 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3918	400 B
1	google.com adservice.google.com — Cisco Umbrella Rank: 107	664 B
1	seadform.net server.seadform.net — Cisco Umbrella Rank: 30121	467 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1281	378 B
1	rfihub.com 1 redirects 20828756p.rfihub.com	605 B
1	sentry.io o237537.ingest.sentry.io	301 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5518	6 KB
0	1dmp.io Failed sync.1dmp.io Failed
167	66

	Domain	Requested by
37	mrspeedtime.gcdn.co	leon26.casino mrspeedtime.gcdn.co
21	cdnimages3.gcdn.co
20	leon26.casino	mrspeedtime.gcdn.co
11	c1.adform.net	1 redirects track.adform.net c1.adform.net
9	x.bidswitch.net	9 redirects
6	mc.yandex.ru	1 redirects mrspeedtime.gcdn.co
4	secure.adnxs.com	2 redirects c1.rfihub.net c1.adform.net
4	fonts.gstatic.com	fonts.googleapis.com
3	dmp.adform.net	c1.adform.net
3	a.audrte.com	2 redirects c1.adform.net
3	ih.adscale.de	2 redirects
3	www.googletagmanager.com	leon26.casino www.googletagmanager.com
3	fonts.googleapis.com	leon26.casino mrspeedtime.gcdn.co
2	pixel.tapad.com	2 redirects
2	s.ad.smaato.net	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	match.adsrvr.org	c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	pixel.mathtag.com	c1.adform.net
2	se.semasio.net	2 redirects
2	uipglob.semasio.net	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	ad.360yield.com	1 redirects c1.adform.net
2	sync.1rx.io	2 redirects
2	dsum.casalemedia.com	1 redirects
2	11843672.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	track.adform.net	s2.adform.net
2	leoncas.com	mrspeedtime.gcdn.co
2	region1.google-analytics.com	www.googletagmanager.com
2	a.sportradarserving.com	1 redirects
2	tracker.ads.sportradar.com	tm.ads.sportradar.com tracker.ads.sportradar.com
2	track.leonretarget.com	www.googletagmanager.com
1	adservice.google.no	adservice.google.com
1	pixel.sojern.com	c1.adform.net
1	pixel.rubiconproject.com	c1.adform.net
1	sync.e-volution.ai	1 redirects
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	sync.taboola.com	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	global.ib-ibi.com	c1.adform.net
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	cm.adsafety.net	c1.adform.net
1	pixel.onaudience.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	sync.crwdcntrl.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	loadm.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	ib.adnxs.com	1 redirects
1	prebid.serve.admatic.com.tr	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	1 redirects
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	adservice.google.com	11843672.fls.doubleclick.net
1	server.seadform.net
1	eu.sportradarserving.com
1	sync.targeting.unrulymedia.com
1	20828756p.rfihub.com	1 redirects
1	dsp-ap.eskimi.com	mrspeedtime.gcdn.co
1	dsp-trk.eskimi.com	mrspeedtime.gcdn.co
1	o237537.ingest.sentry.io	mrspeedtime.gcdn.co
1	dsp-media.eskimi.com	leon26.casino
1	s2.adform.net	leon26.casino
1	c1.rfihub.net	leon26.casino
1	tm.ads.sportradar.com	leon26.casino
0	sync.1dmp.io Failed	c1.adform.net
167	79

This site contains links to these domains. Also see Links.

Domain
affiliates.lbaffiliates.com
leon.bet

Subject Issuer	Validity	Valid
leon26.casino R3	`2023-06-21` - `2023-09-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gcdn.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-07-01` - `2023-07-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
tracker.ads.sportradar.com R3	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.leonretarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-17` - `2024-01-17`	a year	crt.sh
*.rfihub.net Amazon RSA 2048 M01	`2023-02-24` - `2023-12-29`	10 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.eskimi.com GeoTrust TLS RSA CA G1	`2023-03-20` - `2024-04-12`	a year	crt.sh
ingest.sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-28`	a year	crt.sh
leoncas.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-06` - `2024-01-06`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adsafety.net R3	`2023-06-05` - `2023-09-03`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-18`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ib-ibi.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-21` - `2024-04-02`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
*.google.no GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh

This page contains 6 frames:

Primary Page: https://leon26.casino/
Frame ID: 68DBCF93DBAA7BB1AD3B1F1840888D2B
Requests: 118 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29896390%26t%3D2%26ver%3D9%26pe%3Dhttps%253A%252F%252Fleon26.casino%252F%26pf%3D
Frame ID: 15B1CA3DDCAC431D98B5310D6D5BDEE5
Requests: 1 HTTP requests in this frame

Frame: https://11843672.fls.doubleclick.net/activityi;dc_pre=COS9i4PG1P8CFahfwgodu78Ajw;src=11843672;type=safev0;cat=safeg000;ord=9814328899263;gtm=45fe36e2;auiddc=1836151907.1687356828;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fleon26.casino%2F
Frame ID: 1F8B54E76661591140E4731650FB4F59
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Frame ID: D3ED12C8F2094E802187D05306EF4689
Requests: 47 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COS9i4PG1P8CFahfwgodu78Ajw;src=11843672;type=safev0;cat=safeg000;ord=9814328899263;gtm=45fe36e2;auiddc=1836151907.1687356828;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fleon26.casino%2F
Frame ID: 457C0D15129944C589CEC202FA922959
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.no/ddm/fls/i/dc_pre=COS9i4PG1P8CFahfwgodu78Ajw;src=11843672;type=safev0;cat=safeg000;ord=9814328899263;gtm=45fe36e2;auiddc=1836151907.1687356828;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fleon26.casino%2F
Frame ID: 27EADDB536B356F016889268AEF374BF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Casino & Sportsbook | Quick & Easy Sports Bets at Leon

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

167
Requests

84 %
HTTPS

16 %
IPv6

66
Domains

79
Subdomains

57
IPs

11
Countries

2737 kB
Transfer

8697 kB
Size

96
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://affiliates.lbaffiliates.com/
Title: Affiliates

Search URL Search Domain Scan URL

URL: https://leon.bet/blog/forecasts/
Title: Sports tips & forecasts

Search URL Search Domain Scan URL

URL: https://leon.bet/blog/
Title: Blog

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://a.sportradarserving.com/pixel?type=js&aid=1060&id=1235 HTTP 302
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235

Request Chain 65

https://20828756p.rfihub.com/ca.html?ver=9&rb=43197&ca=20828756&_o=43197&_t=20828756&pe=https%3A%2F%2Fleon26.casino%2F&pf=&ra=9539335684459946 HTTP 302
https://secure.adnxs.com/seg?add=29896390&t=2&ver=9&pe=https%3A%2F%2Fleon26.casino%2F&pf= HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29896390%26t%3D2%26ver%3D9%26pe%3Dhttps%253A%252F%252Fleon26.casino%252F%26pf%3D

Request Chain 68

https://11843672.fls.doubleclick.net/activityi;src=11843672;type=safev0;cat=safeg000;ord=9814328899263;gtm=45fe36e2;auiddc=1836151907.1687356828;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fleon26.casino%2F HTTP 302
https://11843672.fls.doubleclick.net/activityi;dc_pre=COS9i4PG1P8CFahfwgodu78Ajw;src=11843672;type=safev0;cat=safeg000;ord=9814328899263;gtm=45fe36e2;auiddc=1836151907.1687356828;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fleon26.casino%2F

Request Chain 87

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=57f9c9c9-7a1a-4f5d-ab57-bf2e10cba4dd&cb=73aa36f4-df41-427b-91e5-669e45165560 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=57f9c9c9-7a1a-4f5d-ab57-bf2e10cba4dd&cb=73aa36f4-df41-427b-91e5-669e45165560 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=83450786-b27b-4a14-a728-cbd5356738f2&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=83450786-b27b-4a14-a728-cbd5356738f2&gdpr=&gdpr_consent=&us_privacy=&C=1

Request Chain 88

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=57f9c9c9-7a1a-4f5d-ab57-bf2e10cba4dd&cb=6dd31154-e979-4430-89e6-5b42f278cec5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=57f9c9c9-7a1a-4f5d-ab57-bf2e10cba4dd&cb=6dd31154-e979-4430-89e6-5b42f278cec5 HTTP 302
https://ih.adscale.de/adscale-ih/sium?tpid=57&tpuid=83450786-b27b-4a14-a728-cbd5356738f2&gdpr=&gdpr_consent=

Request Chain 89

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=57f9c9c9-7a1a-4f5d-ab57-bf2e10cba4dd&cb=19e6b691-bbbe-43ac-9914-c5a2162b6f15 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=57f9c9c9-7a1a-4f5d-ab57-bf2e10cba4dd&cb=19e6b691-bbbe-43ac-9914-c5a2162b6f15 HTTP 302
https://sync.1rx.io/usersync/bidswitch/83450786-b27b-4a14-a728-cbd5356738f2?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/83450786-b27b-4a14-a728-cbd5356738f2?zcc=1&cb=1687356829309 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-626079d5-5023-451c-9b5a-5d1da3332ab9-003

Request Chain 90

https://x.bidswitch.net/syncd?dsp_id=409&user_id=57f9c9c9-7a1a-4f5d-ab57-bf2e10cba4dd&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=57f9c9c9-7a1a-4f5d-ab57-bf2e10cba4dd&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP 302
https://eu.sportradarserving.com/bsw_sync?bsw_uid=83450786-b27b-4a14-a728-cbd5356738f2

Request Chain 114

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=1949462838072400481&Expiration=1688566429 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=1949462838072400481&Expiration=1688566429

Request Chain 117

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1949462838072400481&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1949462838072400481&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=a3966ba4b3e4484da4fd271e02b9cd1e HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=d00bb93d5b18fc134c6e03b0fcc60fbfebe5b36171c6aaf6628578a95ee63b3a

Request Chain 118

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=1949462838072400481&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
https://c1.adform.net/serving/cookie/match?party=10&cid=4163618529311602163

Request Chain 119

https://ups.analytics.yahoo.com/ups/55944/sync?uid=1949462838072400481&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=1949462838072400481&_origin=1&verify=true

Request Chain 121

https://x.bidswitch.net/sync?dsp_id=70&user_id=1949462838072400481 HTTP 302
https://prebid.serve.admatic.com.tr/setuid?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=${BSW_UUID}&dsp_uuid=&dsp_id=

Request Chain 122

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1949462838072400481&expiration=1688566429 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1949462838072400481&expiration=1688566429&C=1

Request Chain 123

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=1949462838072400481&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=1949462838072400481&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=1949462838072400481&gdpr=&sInitiator=external HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=6863867119751714503&sInitiator=internal&gdpr= HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal

Request Chain 130

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 131

https://pixel.onaudience.com/?mapped=1949462838072400481&partner=68 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MTk0OTQ2MjgzODA3MjQwMDQ4MQ HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECLvMjoBYmPwSIn3gGfuaiE&google_cver=1&google_ula=1641347,0

Request Chain 135

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=6863867119751714503&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=1949462838072400481

Request Chain 139

https://a.audrte.com/a?adform_uid=1949462838072400481 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmNtVG9Eck1GcGxUU21RVHlsMWVOTU0yQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 140

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=1949462838072400481&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=1949462838072400481&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=83669974676506073782534251710276068673&noredirect=1

Request Chain 141

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=1949462838072400481 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219623204554003279966

Request Chain 142

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7247142401535309964

Request Chain 145

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=edgddfq31QbYAK5

Request Chain 149

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=700090222 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=Lj5OONSASr7Z.zdNusq0le

Request Chain 152

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=1949462838072400481 HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=1949462838072400481&cookieCheck=1 HTTP 302
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=660c4336

Request Chain 153

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=1949462838072400481&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=1949462838072400481&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=8edc7f5e-1afd-4535-905a-c9d4b0f1e04a

Request Chain 156

https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=1949462838072400481 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 163

https://mc.yandex.ru/watch/71598811?wmode=7&page-url=https%3A%2F%2Fleon26.casino%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzhfy8utpb%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A1121213492627%3Ahid%3A107702223%3Az%3A0%3Ai%3A20230621141351%3Aet%3A1687356832%3Ac%3A1%3Arn%3A548959180%3Arqn%3A1%3Au%3A1687356832862797383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C160%2C108%2C33%2C0%2C0%2C%2C261%2C0%2C1063%2C1063%2C0%2C881%3Aco%3A0%3Acpf%3A1%3Ans%3A1687356826069%3Arqnl%3A1%3Ast%3A1687356832%3At%3AOnline%20Casino%20%26%20Sportsbook%20%7C%20Quick%20%26%20Easy%20Sports%20Bets%20at%20Leon&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/71598811/1?wmode=7&page-url=https%3A%2F%2Fleon26.casino%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzhfy8utpb%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A1121213492627%3Ahid%3A107702223%3Az%3A0%3Ai%3A20230621141351%3Aet%3A1687356832%3Ac%3A1%3Arn%3A548959180%3Arqn%3A1%3Au%3A1687356832862797383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C160%2C108%2C33%2C0%2C0%2C%2C261%2C0%2C1063%2C1063%2C0%2C881%3Aco%3A0%3Acpf%3A1%3Ans%3A1687356826069%3Arqnl%3A1%3Ast%3A1687356832%3At%3AOnline%20Casino%20%26%20Sportsbook%20%7C%20Quick%20%26%20Easy%20Sports%20Bets%20at%20Leon&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

167 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
leon26.casino/ 21 KB
9 KB 276ms
108ms Document
text/html 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://leon26.casino/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

67b008bdc8d9527476cce9e9d57af49a0504cd697c8ec84c385ce5ce25be999f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 21 Jun 2023 14:13:46 GMT
expires: 0
link: <https://eun1.fptls.com>; rel="dns-prefetch", <https://cdnimages3.gcdn.co>; rel="preconnect"; crossorigin=anonymous, <https://fonts.gstatic.com>; rel="preconnect"; crossorigin=anonymous, <https://leoncas.com>; rel="dns-prefetch", <https://mc.yandex.ru>; rel="dns-prefetch", <https://mrspeedtime.gcdn.co>; rel="preconnect"; crossorigin=anonymous, <https://eun1.fptls2.com>; rel="dns-prefetch", <https://fonts.googleapis.com>; rel="preconnect"; crossorigin=anonymous
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 252ms
86ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap

Requested by

Host: leon26.casino
URL: https://leon26.casino/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4502c04a231c443378a1831d10a35177e7ee514d37c390a7512e5f0dc24c1398

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 14:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 14:13:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 14:13:46 GMT

GET
H2 200 webpack.5a335c8c.js Show response
mrspeedtime.gcdn.co/js/ 39 KB
7 KB 232ms
74ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/webpack.5a335c8c.js
Requested by: Host: leon26.casino
URL: https://leon26.casino/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2d70f850c4dc6ee282b172bddce2a38d8b53a3fb239176fe89a840a88dfdfd38

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:46 GMT
content-encoding: br
x-cached-since: 2023-06-20T18:00:12+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 7302
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-1c86"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors.ffe3bb03.js Show response
mrspeedtime.gcdn.co/js/ 394 KB
110 KB 83ms
82ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/vendors.ffe3bb03.js
Requested by: Host: leon26.casino
URL: https://leon26.casino/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 692b5e9c679d96fccf218db8919bdd3c10294117cdadeaabcd3ece66e195cd69

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:46 GMT
content-encoding: br
x-cached-since: 2023-06-20T18:11:18+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 111963
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-1b55b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.d2d886b7.js Show response
mrspeedtime.gcdn.co/js/ 1 MB
209 KB 91ms
90ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Requested by: Host: leon26.casino
URL: https://leon26.casino/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4281e9660b3be574a212a49a17acc3967e83b21133eaf94b63e22eb96145e519

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:46 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:30:11+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 214123
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-3446b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 initial-styles.6bceb107.css
mrspeedtime.gcdn.co/css/ 193 KB
21 KB 240ms
83ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/css/initial-styles.6bceb107.css
Requested by: Host: leon26.casino
URL: https://leon26.casino/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 19ed5f0efb846d80590ba2b2dba05feaeee55605c28545f62d565416ddac35b7

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:46 GMT
content-encoding: br
x-cached-since: 2023-06-20T13:29:45+00:00
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
content-length: 20919
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-51b7"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
616 B 243ms
86ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:wght@400;700;900&display=swap

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/css/initial-styles.6bceb107.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4126f7396d5bf3b156fed003736fb5c4c980ccabd3b241da33518975d8ee550f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://mrspeedtime.gcdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 14:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 14:12:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 14:13:46 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 237ms
75ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 22:16:07 GMT
x-content-type-options: nosniff
age: 489460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 22:16:07 GMT

GET
H2 200 async-vendors.fec7c5dc.js Show response
mrspeedtime.gcdn.co/js/ 299 KB
79 KB 77ms
77ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-vendors.fec7c5dc.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ddbc8df5627f88741cc16e4372b28745dde0971b3ed29c1deba766c0b425dad6

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:46 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:30:11+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 80610
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-13ae2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 api-1 Show response
leon26.casino/ 85 KB
19 KB 218ms
218ms Fetch
application/json 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://leon26.casino/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e5dcba698bebaed84d83c7d1769936de26577d8f2033226ea004aea97debdc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-app-layout: desktop
x-app-browser: chrome
x-app-version: 6.65.0
x-app-os: windows
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json
x-app-platform: web
x-app-env: prod
Referer: https://leon26.casino/
x-app-modernity: 2019
x-requested-uri: /
x-app-skin: default
x-app-rendering: csr

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: no-NO
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 time Show response
leon26.casino/api-2/ 13 B
347 B 101ms
101ms Fetch
application/json 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://leon26.casino/api-2/time

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

7db8bcdbd969e3238d7b0742d0f4a4fdf4c4c532ef0ad1bff29dc9afe7ca4122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-app-layout: desktop
x-app-browser: chrome
x-app-version: 6.65.0
x-app-os: windows
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
x-app-platform: web
x-app-env: prod
Referer: https://leon26.casino/
x-app-modernity: 2019
x-requested-uri: /
x-app-skin: default
x-app-rendering: csr

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

POST
H2 200 api-1 Show response
leon26.casino/ 141 KB
31 KB 303ms
302ms Fetch
application/json 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://leon26.casino/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

595f73ca8877a713867c65320f3b7dd1a373f6c2fdb42cfb641b709d3cbafba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-app-layout: desktop
x-app-browser: chrome
x-app-version: 6.65.0
x-app-os: windows
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json
x-app-platform: web
x-app-env: prod
Referer: https://leon26.casino/
x-app-modernity: 2019
x-requested-uri: /
x-app-skin: default
x-app-rendering: csr

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: no-NO
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 180 KB
59 KB 264ms
95ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T

Requested by

Host: leon26.casino
URL: https://leon26.casino/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

78745761a332d80364fcd82b9452b521c04bb608d679d07e20f0c5524f1f65eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60423
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 14:13:47 GMT

GET
H2 200 tag-manager.js Show response
tm.ads.sportradar.com/dist/ 272 KB
36 KB 400ms
160ms Script
application/javascript 2a02:26f0:2c::216:f2c9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAQ5
Requested by: Host: leon26.casino
URL: https://leon26.casino/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2c::216:f2c9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d566ddb79dffb9ea7d7cdc73ebc327f642fab184c9d610735e5bcfa9b9f1b23b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900, public
x-n: S
content-length: 36728
apigw-requestid: G33QXjMIjoEEJdA=

POST
H2 200 api-1 Show response
leon26.casino/ 790 B
712 B 99ms
99ms Fetch
application/json 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://leon26.casino/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

fba5db76e6e743c8b5d2ef85518308c90f2cefce2958651aef6742e8c04fc29c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
accept-language: no-NO,no;q=0.9
x-app-platform: web
x-app-env: prod
x-requested-uri: /
x-app-skin: default
x-app-version: 6.65.0
x-app-os: windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json
Referer: https://leon26.casino/
x-app-language: en_US
x-app-modernity: 2019
x-app-rendering: csr

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: no-NO
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

POST
H2 200 api-1 Show response
leon26.casino/ 7 KB
2 KB 110ms
109ms Fetch
application/json 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://leon26.casino/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

5c8c145573e9bd5e09c7124354633df1efb417c10d1f7e6c7a1aa95060581aa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
accept-language: no-NO,no;q=0.9
x-app-platform: web
x-app-env: prod
x-requested-uri: /
x-app-skin: default
x-app-version: 6.65.0
x-app-os: windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json
Referer: https://leon26.casino/
x-app-language: en_US
x-app-modernity: 2019
x-app-rendering: csr

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: no-NO
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

POST
H2 200 api-1 Show response
leon26.casino/ 899 B
725 B 99ms
99ms Fetch
application/json 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://leon26.casino/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

40a236900575284249ff9353904509727f5c0e932193743c9de3aa632f047cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
accept-language: no-NO,no;q=0.9
x-app-platform: web
x-app-env: prod
x-requested-uri: /
x-app-skin: default
x-app-version: 6.65.0
x-app-os: windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json
Referer: https://leon26.casino/
x-app-language: en_US
x-app-modernity: 2019
x-app-rendering: csr

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: no-NO
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 async-app.a1210806.js Show response
mrspeedtime.gcdn.co/js/ 742 KB
121 KB 74ms
73ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-app.a1210806.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e721209bf321b38c6822e48c9f4582536031ce1ead1d48361f267bca95d2fd97

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:30:13+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 123369
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-1e1e9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendor-sentry.8eda826f.js Show response
mrspeedtime.gcdn.co/js/ 136 KB
37 KB 87ms
87ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/vendor-sentry.8eda826f.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d4d836059ea8f33695648802c12093986727fc436f258e9f4871a4b0c00d5e06

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:18:43+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 37274
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-919a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 module-search.deaaa443.js Show response
mrspeedtime.gcdn.co/js/ 71 KB
14 KB 84ms
83ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/module-search.deaaa443.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 779361127b686c50f436ce1f541cdd5de7b6ab1a09246eef84402b32b1e4239b

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:35+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 13877
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-3635"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 module-sporteventdetails.fda0faf5.js Show response
mrspeedtime.gcdn.co/js/ 83 KB
19 KB 101ms
101ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/module-sporteventdetails.fda0faf5.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9f0cab3a57ff29e4c5ac99346263b99bc9cbdd5a0618ce7edd3b8a9f3fa8c460

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:30:13+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 18914
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-49e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 module-sporteventscybersport.8722deb1.js Show response
mrspeedtime.gcdn.co/js/ 15 KB
4 KB 90ms
88ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/module-sporteventscybersport.8722deb1.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3e5be5d08156e844d1ac151ae44b522809a12dbeb188769740582f1840e382c9

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:35+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 4347
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-10fb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 module-sport-events-core.a1c6cc16.js Show response
mrspeedtime.gcdn.co/js/ 27 KB
7 KB 94ms
93ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/module-sport-events-core.a1c6cc16.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 08a6857f4129f0c4042ee387df7cb958e903b24523e794015ac2d181308a7db9

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:35+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 7006
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-1b5e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 module-sport-events-rest.f71964eb.js Show response
mrspeedtime.gcdn.co/js/ 17 KB
5 KB 90ms
89ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/module-sport-events-rest.f71964eb.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9e4ac1930ab5104c80a5fa3e0aeb864929619b9dc738e110489d9b379c7a5460

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:35+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 4607
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-11ff"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 module-home.25cec5eb.js Show response
mrspeedtime.gcdn.co/js/ 35 KB
8 KB 94ms
94ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/module-home.25cec5eb.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4f8e3e01adbef641b93a1d9d08bdf861a2cc5418a3f24b2a2b2e2fe803c85977

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:35+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 8033
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-1f61"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 api-1 Show response
leon26.casino/ 182 KB
19 KB 116ms
114ms Fetch
application/json 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://leon26.casino/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b2ee5398620745dd56f802f9d75c6aea87aa11d95327325b3795c98398a5a328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
accept-language: no-NO,no;q=0.9
x-app-platform: web
x-app-env: prod
x-requested-uri: /
x-app-skin: default
x-app-version: 6.65.0
x-app-os: windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json
Referer: https://leon26.casino/
x-app-language: en_US
x-app-modernity: 2019
x-app-rendering: csr

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: no-NO
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1 200
OK js Show response
track.leonretarget.com/pixel/ 477 B
770 B 554ms
144ms Script
text/javascript 88.214.195.87
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://track.leonretarget.com/pixel/js?auth=4jg3s6&event=visit&uid=undefined&tid=undefined&cur=undefined&amount=undefined
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.214.195.87 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: b2cb126cc335d3af70094c5627edc02a541ceb27d3c6c51906dd80589795df8a

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 14:13:48 GMT
Server: nginx/1.20.0
Content-Type: text/javascript
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Length: 477
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 249ms
69ms Script
application/x-javascript 2600:9000:214f:fa00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: leon26.casino
URL: https://leon26.casino/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:fa00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:36 GMT
content-encoding: gzip
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Wed, 21 Jun 2023 14:13:26 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: FRA53-C1
age: 12
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: 8jR76s8tfiEK8nfu9JpkbYkWmjpMOzkLPau-_LR6QRUixbif9-0__g==
expires: Wed, 21 Jun 2023 15:13:36 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
31 KB 230ms
52ms Script
application/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: leon26.casino
URL: https://leon26.casino/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000004a99d1e4c6dfecaa-00646c8ee1-32950a49-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gtr.min.js Show response
dsp-media.eskimi.com/assets/js/e/ 6 KB
3 KB 220ms
66ms Script
application/javascript 2400:52e0:1e00::860:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4

Requested by

Host: leon26.casino
URL: https://leon26.casino/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::860:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-860 /

Resource Hash

c82c372cd5c4a3b46fddb13499d36d8818044e818b53a6794f340effeea5673a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Tue, 27 Feb 2024 11:49:13 GMT
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 723
cdn-cachedat: 02/27/2023 11:49:13
cdn-pullzone: 692289
last-modified: Fri, 24 Feb 2023 12:08:35 GMT
server: BunnyCDN-DE1-860
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"63f8a8c3-19cc"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: b8a28a6e8dae35bf5c15d1b7250d5c8e
cdn-requestcountrycode: NO
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 94ms
93ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a27de662882ad21b53bd4a94d81c8d9d61a957515ce70f5a2485c763b3fc133a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85418
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Jun 2023 14:13:47 GMT

POST
H2 200 / Show response
o237537.ingest.sentry.io/api/5167813/envelope/ 2 B
301 B 197ms
77ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o237537.ingest.sentry.io/api/5167813/envelope/?sentry_key=a29325eeb5e54765b000e90fca48b7f1&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.51.2

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fec7c5dc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://leon26.casino/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Jun 2023 14:13:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 async-styles.5a489882.css
mrspeedtime.gcdn.co/css/ 697 KB
68 KB 74ms
74ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/css/async-styles.5a489882.css
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d5f517d1e97eae66f5fe0a80694c78f9efd23c349c305243e50e3c712992e365

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:30:13+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 69260
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-10e8c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 route-casinohome-page.d69d9566.js Show response
mrspeedtime.gcdn.co/js/ 7 KB
2 KB 72ms
71ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/route-casinohome-page.d69d9566.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c8e148d17bf951251e7c8aeb97513cd0eba2e0b502e9d671cb0d3d4b1650bf2b

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:36+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 2135
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-857"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 module-casino.9064eec5.js Show response
mrspeedtime.gcdn.co/js/ 35 KB
9 KB 82ms
82ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/module-casino.9064eec5.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 5760615b7efcf72d5e00d5838a60d2a7da7026d35a34ed4b8ef988d6f62cf72a

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:36+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 8932
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-22e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 module-sportssidebar.9d57448c.js Show response
mrspeedtime.gcdn.co/js/ 27 KB
7 KB 85ms
85ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/module-sportssidebar.9d57448c.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 8b4fa36920cddb5fc8ce0585972a0389d9a7838052896c6de256193ddcaee83a

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:36+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 6675
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-1a13"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 module-promotions.86f758c0.js Show response
mrspeedtime.gcdn.co/js/ 37 KB
8 KB 86ms
85ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/module-promotions.86f758c0.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a22ea7bd8797eed5299a9db5b71f7e35a6739e1354cb4807642ceb2c5fc32d34

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:30:13+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 8531
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-2153"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 module-sporteventsleague.0b85c6e8.js Show response
mrspeedtime.gcdn.co/js/ 25 KB
6 KB 83ms
82ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/module-sporteventsleague.0b85c6e8.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 75b9c2b49056fa1d4389eaec19d11c059fd6214b02feb4f4622af01a38d6443b

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:35+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 6344
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-18c8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 module-sporteventslist.5bd7435f.js Show response
mrspeedtime.gcdn.co/js/ 83 KB
15 KB 86ms
85ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/module-sporteventslist.5bd7435f.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a42cad9afea03067456e82dc6aa04029dfb8b760fab4e733dacf80211385863e

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:36+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 15606
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-3cf6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 module-header.a0c21e21.js Show response
mrspeedtime.gcdn.co/js/ 64 KB
13 KB 82ms
81ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/module-header.a0c21e21.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 588998c9e9be1a3293100e0b61e4b129c70942b11f27fe4ba333713a54ad3ebf

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:35+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 12999
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-32c7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 module-sporteventsbreadcrumbs.334c640b.js Show response
mrspeedtime.gcdn.co/js/ 19 KB
5 KB 85ms
84ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/module-sporteventsbreadcrumbs.334c640b.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 975d8403dcb1b53109fc725cd8a12b67f870f627fc8c0bb3ce105b8e93429d43

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:36+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 4778
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-12aa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 module-sportevents.7c606145.js Show response
mrspeedtime.gcdn.co/js/ 14 KB
4 KB 84ms
84ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/module-sportevents.7c606145.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0b1003eebd5c56031b8d35464040b816fe7925764ddb9ebdc1833756165a383d

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:47 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:36+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 3947
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-f6b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 headline-matches Show response
leon26.casino/api-2/betline/ 63 KB
7 KB 122ms
121ms Fetch
application/json 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://leon26.casino/api-2/betline/headline-matches?ctag=en-US&flags=reg,urlv2,mm2,rrc&merged=true

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fec7c5dc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

35e7240aa795ba7990eeb2c7849cdb4be1109a2a030b0e0c8d578b6411f4d5a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-app-layout: desktop
X-APP-THEME: DARK
x-app-browser: chrome
x-app-version: 6.65.0
x-app-os: windows
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
x-app-platform: web
x-app-env: prod
Referer: https://leon26.casino/
x-app-language: en_US
x-app-modernity: 2019
x-requested-uri: /
x-app-skin: default
x-app-rendering: csr

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

POST
H2 200 api-1 Show response
leon26.casino/ 118 KB
12 KB 145ms
145ms Fetch
application/json 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://leon26.casino/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fec7c5dc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

0a4b92198dd6c0603afb25939e1d8c8e33d5347d9ef88d0d4879fe56b3bfd095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
accept-language: no-NO,no;q=0.9
x-app-platform: web
x-app-env: prod
x-requested-uri: /
x-app-skin: default
x-app-version: 6.65.0
x-app-os: windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json
Referer: https://leon26.casino/
x-app-language: en_US
x-app-modernity: 2019
x-app-rendering: csr

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: no-NO
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 tracker.js Show response
tracker.ads.sportradar.com/dist/ 39 KB
12 KB 256ms
227ms Script
application/javascript 2a02:26f0:2c::216:f2c9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.ads.sportradar.com/dist/tracker.js
Requested by: Host: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAQ5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2c::216:f2c9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 851587577b658ad11cafe62bc010d6d2877e8da18b930eb439bad86a84257ec3

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: gzip
last-modified: Mon, 05 Jun 2023 07:47:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
etag: "0aaec58a1a1ac725572a3ed51047f3c6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900, public
accept-ranges: bytes
x-amz-cf-id: gXFPuIerjK_P6VBUUrcQ3MXC9fg3-fbi5J0FKdvSCMeri5zlprM7DQ==
content-length: 11962

GET
H/1.1

200
OK

pixel Show response
a.sportradarserving.com/ul_cb/
Redirect Chain

https://a.sportradarserving.com/pixel?type=js&aid=1060&id=1235
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235

1 KB
2 KB

78ms
78ms

Script
text/javascript

35.157.224.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235
Protocol: HTTP/1.1
Server: 35.157.224.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-224-17.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 7bbb6a1fe73ec7a64bcc02b1d61b372c0a50108c7d736459ef259eff35dcc830

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:13:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 1527
Content-Type: text/javascript; charset=UTF-8

Redirect headers

Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235
Date: Wed, 21 Jun 2023 14:13:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
616 B 86ms
85ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:wght@400;700;900&display=swap

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/css/async-styles.5a489882.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4126f7396d5bf3b156fed003736fb5c4c980ccabd3b241da33518975d8ee550f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://mrspeedtime.gcdn.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 14:06:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 14:13:48 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 125 KB
48 KB 108ms
108ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-11843672&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64161fc26fd976b3fc958793465067c2fd3d3176ddd215db487f5c89d3d2e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49533
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 14:13:48 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 168ms
61ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JZZNGY93CC&gtm=45je36e2&_p=797685551&cid=877906526.1687356828&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687356828&sct=1&seg=0&dl=https%3A%2F%2Fleon26.casino%2F&dt=Online%20Casino%20%26%20Sportsbook%20%7C%20Quick%20%26%20Easy%20Sports%20Bets%20at%20Leon&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://leon26.casino
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
leoncas.com/rest/auth/saved-passwords/ Frame 0
0 266ms
123ms Preflight 109.169.10.207
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncas.com/rest/auth/saved-passwords/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.169.10.207 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-app-layout,x-app-os,x-app-platform
Access-Control-Request-Method: GET
Origin: https://leon26.casino
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, x-app-layout, x-app-browser, x-app-version, x-app-os, x-requested-uri, x-app-skin, x-app-rendering, x-app-platform, x-app-env, x-app-modernity, user-agent, cookie
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin: https://leon26.casino
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Wed, 21 Jun 2023 14:13:48 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 sprite.4a9a41ab.svg
leon26.casino/img/ 383 KB
133 KB 133ms
133ms Other
image/svg+xml 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://leon26.casino/img/sprite.4a9a41ab.svg
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/vendors.ffe3bb03.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e10f4cfa708f6701d7bab85b7a78ffe9686711032cba2fceb8d5456841fc7fb6

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: gzip
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"648c2081-5fde7"
content-type: image/svg+xml
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 route-cybersport-page.e7d0cb16.js Show response
mrspeedtime.gcdn.co/js/ 15 KB
4 KB 72ms
72ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/route-cybersport-page.e7d0cb16.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3848006e0f51ff805b7c66a986c1de9fe5ad5391483c54cd77b59e6d0679359a

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:18:44+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 3662
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-e4e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 route-mainbannersection-component.0ffe90cc.js Show response
mrspeedtime.gcdn.co/js/ 18 KB
5 KB 87ms
86ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/route-mainbannersection-component.0ffe90cc.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d7ffb375a78d6b95aae55628f17e8d315c03715986e62c8f8183a1bc5e08ba51

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:36+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 4765
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-129d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 route-onboarding-page.89b5c8ce.js Show response
mrspeedtime.gcdn.co/js/ 20 KB
6 KB 77ms
77ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/route-onboarding-page.89b5c8ce.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2ddfa954b20ead944515dea9a009068b25ae194c75c3c2a5034683e90d0357cd

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:31:14+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 6335
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-18bf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 route-thefooter-component.b2fb380a.js Show response
mrspeedtime.gcdn.co/js/ 13 KB
3 KB 79ms
78ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/route-thefooter-component.b2fb380a.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 844b7a94b9288b4ead2caa2537132cb513b311a927d0ad9c33570b07ca91139f

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:36+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 3080
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-c08"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 module-footer.a301b7f2.js Show response
mrspeedtime.gcdn.co/js/ 14 KB
3 KB 87ms
86ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/module-footer.a301b7f2.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c3eeccba7169b039b35447b8d6fa0c80e839a956d8031906062a7c3c6f689265

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:36+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 2931
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-b73"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 route-headerfeedbacklegacy-page.5645311a.js Show response
mrspeedtime.gcdn.co/js/ 41 KB
8 KB 78ms
77ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/route-headerfeedbacklegacy-page.5645311a.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 805756861293bd94ef92f2c7fb37c2ebb40a2f3573daa7f8c35b8a820e8d9970

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:36+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 8324
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-2084"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 route-thebetslip-component.6680a25d.js Show response
mrspeedtime.gcdn.co/js/ 127 KB
23 KB 74ms
74ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/route-thebetslip-component.6680a25d.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c35d7ed109576a05ab81ff746e440da1034a9dbb4412f39a2f90b3897f90725d

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:30:14+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 23323
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-5b1b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 route-affiliateregistrations-component.81fd277f.js Show response
mrspeedtime.gcdn.co/js/ 16 KB
4 KB 80ms
80ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/route-affiliateregistrations-component.81fd277f.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 922ef4a05120c597fef6e30b56736232ef7b71608bf0fde7eec138efac7bd562

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:36+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 4443
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-115b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 module-userprofile.8a5467ad.js Show response
mrspeedtime.gcdn.co/js/ 18 KB
6 KB 79ms
78ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/module-userprofile.8a5467ad.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0b4c9471e5a35341909e4a77a676712cbb90d88e846e9f01b51b99fb56bc9e75

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:40:36+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 5573
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-15c5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.654034ce.svg
mrspeedtime.gcdn.co/img/ 5 KB
2 KB 75ms
75ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrspeedtime.gcdn.co/img/logo.654034ce.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e396720de2ec885895c1c0da9d100c5311408b8e3821799ff4f702e95565db88

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: br
x-cached-since: 2023-06-20T13:29:19+00:00
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
content-length: 2219
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-8ab"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
leoncas.com/rest/auth/saved-passwords/ 34 B
574 B 281ms
141ms Fetch
application/json 109.169.10.207
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncas.com/rest/auth/saved-passwords/
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fec7c5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.169.10.207 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e19237af2d984f7b772577bee8f16b86c42e21212c0f9cb0fb17762cc2de04e4

Request headers

x-app-layout: desktop
Referer: https://leon26.casino/
x-app-os: windows
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
x-app-platform: web

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://leon26.casino
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, x-app-layout, x-app-browser, x-app-version, x-app-os, x-requested-uri, x-app-skin, x-app-rendering, x-app-platform, x-app-env, x-app-modernity, user-agent, cookie
expires: 0

POST
H2 200 api-1 Show response
leon26.casino/ 56 KB
5 KB 136ms
136ms Fetch
application/json 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://leon26.casino/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fec7c5dc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

23eb53ccf0241fe057507e32347a9febfcf68d70b11378c1e0c8afdbbbc85140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
accept-language: no-NO,no;q=0.9
x-app-platform: web
x-app-env: prod
x-requested-uri: /
x-app-skin: default
x-app-version: 6.65.0
x-app-os: windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json
Referer: https://leon26.casino/
x-app-language: en_US
x-app-modernity: 2019
x-app-rendering: csr

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: no-NO
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 sports Show response
leon26.casino/api-2/betline/ 97 KB
12 KB 103ms
102ms Fetch
application/json 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://leon26.casino/api-2/betline/sports?ctag=en-US&flags=urlv2

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fec7c5dc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

50103acdac8009cdc413bb22302b2b0e6a3907748e9717bad82ebe966fd4cb98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-app-layout: desktop
X-APP-THEME: DARK
x-app-browser: chrome
x-app-version: 6.65.0
x-app-os: windows
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
x-app-platform: web
x-app-env: prod
Referer: https://leon26.casino/
x-app-language: en_US
x-app-modernity: 2019
x-requested-uri: /
x-app-skin: default
x-app-rendering: csr

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 cssession Show response
dsp-trk.eskimi.com/tracking/ 2 B
168 B 187ms
77ms XHR
text/plain 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp-trk.eskimi.com/tracking/cssession?tst&id=28935&url=https%3A%2F%2Fleon26.casino%2F&t=1687356828427
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fec7c5dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://leon26.casino
date: Wed, 21 Jun 2023 14:13:48 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/plain; charset=UTF-8

GET
H2 200 gtr Show response
dsp-ap.eskimi.com/v2/ 116 B
573 B 201ms
77ms XHR
application/json 35.186.201.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp-ap.eskimi.com/v2/gtr?id=28935&url=https%3A%2F%2Fleon26.casino%2F&t=1687356828428
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fec7c5dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.201.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.201.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 15b91f234cff4988cce19ea97dbb7cfa8709d49c72baa802f5575a4d9d650b5c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://leon26.casino
date: Wed, 21 Jun 2023 14:13:48 GMT
cache-control: no-cache
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame 15B1
Redirect Chain

https://20828756p.rfihub.com/ca.html?ver=9&rb=43197&ca=20828756&_o=43197&_t=20828756&pe=https%3A%2F%2Fleon26.casino%2F&pf=&ra=9539335684459946
https://secure.adnxs.com/seg?add=29896390&t=2&ver=9&pe=https%3A%2F%2Fleon26.casino%2F&pf=
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29896390%26t%3D2%26ver%3D9%26pe%3Dhttps%253A%252F%252Fleon26.casino%252F%26pf%3D

43 B
1 KB

66ms
66ms

Document
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29896390%26t%3D2%26ver%3D9%26pe%3Dhttps%253A%252F%252Fleon26.casino%252F%26pf%3D

Requested by

Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://leon26.casino/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

AN-X-Request-Uuid: ed47e72d-1aea-4f60-beb7-898d72fb0cce
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 21 Jun 2023 14:13:49 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 178.255.148.165; 178.255.148.165; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

AN-X-Request-Uuid: 7233fb2d-3c37-420e-8bb8-3769b6143426
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Wed, 21 Jun 2023 14:13:49 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29896390%26t%3D2%26ver%3D9%26pe%3Dhttps%253A%252F%252Fleon26.casino%252F%26pf%3D
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 178.255.148.165; 178.255.148.165; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 652 B
957 B 198ms
52ms Script
text/javascript 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=2758250&ADFPageName=Leon_Casino_All_Pages&ADFdivider=%7C&ord=443302971484&ADFtpmode=2&loc=https%3A%2F%2Fleon26.casino%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c6d9bc7b84f3af0ce4f9b6ce8ed55fa014f1f4d7455b1d547ad4fd79f6d23aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 441
expires: -1

GET
H2 200 sp-3.8.0.js Show response
tracker.ads.sportradar.com/dist// 73 KB
24 KB 122ms
121ms Script
application/javascript 2a02:26f0:2c::216:f2c9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.ads.sportradar.com/dist//sp-3.8.0.js
Requested by: Host: tracker.ads.sportradar.com
URL: https://tracker.ads.sportradar.com/dist/tracker.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2c::216:f2c9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: gzip
last-modified: Mon, 05 Jun 2023 07:47:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
etag: "143272dddc33395008a84a86ac9c2e96"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900, public
accept-ranges: bytes
x-amz-cf-id: d5yoB1g9tIng7cHg6E-h79ADVYO2FlPmy3APueAZMJpjN6YmZ8lRIw==
content-length: 24162

GET
H2

200

activityi;dc_pre=COS9i4PG1P8CFahfwgodu78Ajw;src=11843672;type=safev0;cat=safeg000;ord=9814328899263;gtm=45fe36e2;auiddc=1836151907.1687356828;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=htt... Show response
11843672.fls.doubleclick.net/ Frame 1F8B
Redirect Chain

https://11843672.fls.doubleclick.net/activityi;src=11843672;type=safev0;cat=safeg000;ord=9814328899263;gtm=45fe36e2;auiddc=1836151907.1687356828;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=...
https://11843672.fls.doubleclick.net/activityi;dc_pre=COS9i4PG1P8CFahfwgodu78Ajw;src=11843672;type=safev0;cat=safeg000;ord=9814328899263;gtm=45fe36e2;auiddc=1836151907.1687356828;uaa=;uab=;uafvl=;u...

529 B
465 B

114ms
113ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11843672.fls.doubleclick.net/activityi;dc_pre=COS9i4PG1P8CFahfwgodu78Ajw;src=11843672;type=safev0;cat=safeg000;ord=9814328899263;gtm=45fe36e2;auiddc=1836151907.1687356828;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fleon26.casino%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-11843672&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

db5d02945ae27249c38c4ba557a83c997302a2af3f432f560ad82c7873fd757e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leon26.casino/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 290
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 14:13:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 14:13:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11843672.fls.doubleclick.net/activityi;dc_pre=COS9i4PG1P8CFahfwgodu78Ajw;src=11843672;type=safev0;cat=safeg000;ord=9814328899263;gtm=45fe36e2;auiddc=1836151907.1687356828;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fleon26.casino%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 api-1 Show response
leon26.casino/ 131 B
470 B 115ms
114ms Fetch
application/json 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://leon26.casino/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fec7c5dc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

02390d1ab2e2351c60e1851f22c0de132f7343dbc63c6cb190a39309a47d6d9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
accept-language: no-NO,no;q=0.9
x-app-platform: web
x-app-env: prod
x-requested-uri: /
x-app-skin: default
x-app-version: 6.65.0
x-app-os: windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json
Referer: https://leon26.casino/
x-app-language: en_US
x-app-modernity: 2019
x-app-rendering: csr

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: no-NO
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1 200
OK pixel
track.leonretarget.com/ 0
260 B 148ms
148ms Image
text/plain 88.214.195.87
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.leonretarget.com/pixel?auth=4jg3s6&event=visit&uid=undefined&tid=undefined&cur=undefined&amount=undefined&site=leon26.casino&ln=en-US
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.214.195.87 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 14:13:48 GMT
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Server: nginx/1.20.0
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sprite.4a9a41ab.svg
leon26.casino/img/ 383 KB
133 KB 108ms
108ms Other
image/svg+xml 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://leon26.casino/img/sprite.4a9a41ab.svg
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/vendors.ffe3bb03.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e10f4cfa708f6701d7bab85b7a78ffe9686711032cba2fceb8d5456841fc7fb6

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: gzip
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"648c2081-5fde7"
content-type: image/svg+xml
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/webp

POST
H2 200 api-1 Show response
leon26.casino/ 10 KB
4 KB 100ms
100ms Fetch
application/json 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://leon26.casino/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fec7c5dc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c553aa3fa5c2ff48a0d1c689ac379933c7dafa6330d9043a98eabee42b2b8b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
accept-language: no-NO,no;q=0.9
x-app-platform: web
x-app-env: prod
x-requested-uri: /
x-app-skin: default
x-app-version: 6.65.0
x-app-os: windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json
Referer: https://leon26.casino/
x-app-language: en_US
x-app-modernity: 2019
x-app-rendering: csr

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: no-NO
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 color-live-1.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/ 622 B
703 B 116ms
99ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-live-1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c3862cc2028935c5a5f21f873fe7efdc309a56a5776f5a55453c25e94c804b77

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:48 GMT
last-modified: Thu, 25 Mar 2021 21:01:52 GMT
server: nginx
etag: "605cfa40-26e"
x-cached-since: 2023-04-03T13:45:50+00:00
content-type: image/svg+xml
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 622
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 color-cherry-1.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/ 2 KB
2 KB 112ms
95ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-cherry-1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f7c787a6c2d25303927c9c7a8c60a941044203e259f96a120f8559aac119b7da

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:48 GMT
last-modified: Fri, 19 Mar 2021 17:11:17 GMT
server: nginx
etag: "6054db35-903"
x-cached-since: 2023-04-03T13:45:50+00:00
content-type: image/svg+xml
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 2307
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 color-roulette-1.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/ 5 KB
5 KB 104ms
88ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-roulette-1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 988e9effd6680b71fa8355efb7f41e55baf7fa096fff438cc8838ad0186043a1

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:48 GMT
last-modified: Fri, 19 Mar 2021 17:11:17 GMT
server: nginx
etag: "6054db35-12f5"
x-cached-since: 2023-04-03T13:45:51+00:00
content-type: image/svg+xml
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 4853
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 color-betgames-2.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/ 3 KB
3 KB 99ms
82ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-betgames-2.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: fe26a1772d4c6a0a07b933f71d9cf7a02bf9a0e6866ba9e820b7590a957c7676

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:48 GMT
last-modified: Fri, 04 Mar 2022 12:05:53 GMT
server: nginx
etag: "622200a1-ab4"
x-cached-since: 2023-04-03T13:45:51+00:00
content-type: image/svg+xml
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 2740
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 color-tv-1.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/ 700 B
759 B 93ms
76ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-tv-1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7e67ee52b9a022aa7601e1a818cfa91bd7bd9dd4d4e677e24891033ed87b9b61

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:48 GMT
last-modified: Fri, 19 Mar 2021 17:11:17 GMT
server: nginx
etag: "6054db35-2bc"
x-cached-since: 2023-04-03T13:45:50+00:00
content-type: image/svg+xml
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 700
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 color-esport.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/ 3 KB
3 KB 88ms
71ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-esport.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3dda9b271d14659c452372e5ea0ffeff160b98f06a8f71a1636513fcc9dee439

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:48 GMT
last-modified: Fri, 19 Mar 2021 17:11:17 GMT
server: nginx
etag: "6054db35-c49"
x-cached-since: 2023-04-03T13:45:50+00:00
content-type: image/svg+xml
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 3145
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 color-fastgames-1.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/ 1 KB
1 KB 73ms
73ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-fastgames-1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: fa3b577a638cbb33b1bc0324a32c3f032f945586d316b994e73b766d6e776b66

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:48 GMT
last-modified: Thu, 03 Mar 2022 12:10:23 GMT
server: nginx
etag: "6220b02f-55b"
x-cached-since: 2023-04-03T13:45:50+00:00
content-type: image/svg+xml
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 1371
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 color-promos.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/ 2 KB
2 KB 73ms
73ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-promos.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 78271c224efe35393eead263436870aa77b3f67c0ee8abd649edfff455c5dfec

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:48 GMT
last-modified: Wed, 03 Aug 2022 11:27:28 GMT
server: nginx
etag: "62ea5ba0-699"
x-cached-since: 2023-04-03T13:45:50+00:00
content-type: image/svg+xml
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 1689
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mascot.4ad2ade5.svg
mrspeedtime.gcdn.co/img/ 10 KB
4 KB 72ms
72ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrspeedtime.gcdn.co/img/mascot.4ad2ade5.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4adde8ea365c6a09071b4d1c0115f7fb809ad7622616ccc799146f9b57816d53

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: br
x-cached-since: 2023-06-20T13:29:20+00:00
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
content-length: 3850
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-f0a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sprite.4a9a41ab.svg
leon26.casino/img/ 383 KB
133 KB 125ms
124ms Other
image/svg+xml 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://leon26.casino/img/sprite.4a9a41ab.svg
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/vendors.ffe3bb03.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e10f4cfa708f6701d7bab85b7a78ffe9686711032cba2fceb8d5456841fc7fb6

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: gzip
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"648c2081-5fde7"
content-type: image/svg+xml
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 color-margin-0.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/ 4 KB
5 KB 79ms
79ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-margin-0.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9500d42196478f9d0c4bd68ba9fc8d248bb4bc5b711532ca57f950bf5e311a1c

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:48 GMT
last-modified: Mon, 21 Mar 2022 11:53:22 GMT
server: nginx
etag: "62386732-11dd"
x-cached-since: 2023-04-03T13:45:51+00:00
content-type: image/svg+xml
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 4573
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=57f9c9c9-7a1a-4f5d-ab57-bf2e10cba4dd&cb=73aa36f4-df41-427b-91e5-669e45165560
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=57f9c9c9-7a1a-4f5d-ab57-bf2e10cba4dd&cb=73aa36f4-df41-427b-91e5-669e45165560
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=83450786-b27b-4a14-a728-cbd5356738f2&gdpr=&gdpr_consent=&us_privacy=
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=83450786-b27b-4a14-a728-cbd5356738f2&gdpr=&gdpr_consent=&us_privacy=&C=1

43 B
632 B

66ms
66ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=83450786-b27b-4a14-a728-cbd5356738f2&gdpr=&gdpr_consent=&us_privacy=&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 14:13:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 14:13:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=51&external_user_id=83450786-b27b-4a14-a728-cbd5356738f2&gdpr=&gdpr_consent=&us_privacy=&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2

200

sium
ih.adscale.de/adscale-ih/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=57f9c9c9-7a1a-4f5d-ab57-bf2e10cba4dd&cb=6dd31154-e979-4430-89e6-5b42f278cec5
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=57f9c9c9-7a1a-4f5d-ab57-bf2e10cba4dd&cb=6dd31154-e979-4430-89e6-5b42f278cec5
https://ih.adscale.de/adscale-ih/sium?tpid=57&tpuid=83450786-b27b-4a14-a728-cbd5356738f2&gdpr=&gdpr_consent=

49 B
361 B

210ms
71ms

Image
image/gif

52.58.93.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/sium?tpid=57&tpuid=83450786-b27b-4a14-a728-cbd5356738f2&gdpr=&gdpr_consent=
Protocol: H2
Server: 52.58.93.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-93-190.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p: CP=NOI PSA OUR
date: Wed, 21 Jun 2023 14:13:49 GMT
content-length: 49
content-type: image/gif

Redirect headers

location: //ih.adscale.de/adscale-ih/sium?tpid=57&tpuid=83450786-b27b-4a14-a728-cbd5356738f2&gdpr=&gdpr_consent=
date: Wed, 21 Jun 2023 14:13:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

RX-626079d5-5023-451c-9b5a-5d1da3332ab9-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=57f9c9c9-7a1a-4f5d-ab57-bf2e10cba4dd&cb=19e6b691-bbbe-43ac-9914-c5a2162b6f15
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=57f9c9c9-7a1a-4f5d-ab57-bf2e10cba4dd&cb=19e6b691-bbbe-43ac-9914-c5a2162b6f15
https://sync.1rx.io/usersync/bidswitch/83450786-b27b-4a14-a728-cbd5356738f2?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/83450786-b27b-4a14-a728-cbd5356738f2?zcc=1&cb=1687356829309
https://sync.targeting.unrulymedia.com/csync/RX-626079d5-5023-451c-9b5a-5d1da3332ab9-003

43 B
378 B

221ms
67ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-626079d5-5023-451c-9b5a-5d1da3332ab9-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:49 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-626079d5-5023-451c-9b5a-5d1da3332ab9-003
pragma: no-cache
date: Wed, 21 Jun 2023 14:13:49 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H/1.1

200
OK

bsw_sync
eu.sportradarserving.com/
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=409&user_id=57f9c9c9-7a1a-4f5d-ab57-bf2e10cba4dd&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=57f9c9c9-7a1a-4f5d-ab57-bf2e10cba4dd&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
https://eu.sportradarserving.com/bsw_sync?bsw_uid=83450786-b27b-4a14-a728-cbd5356738f2

43 B
220 B

273ms
67ms

Image
image/gif

35.156.251.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.sportradarserving.com/bsw_sync?bsw_uid=83450786-b27b-4a14-a728-cbd5356738f2
Protocol: HTTP/1.1
Server: 35.156.251.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-251-164.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:13:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: //eu.sportradarserving.com/bsw_sync?bsw_uid=83450786-b27b-4a14-a728-cbd5356738f2
date: Wed, 21 Jun 2023 14:13:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 848 B
1 KB 52ms
52ms Script
text/javascript 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2758250&ADFPageName=Leon_Casino_All_Pages&ADFdivider=%7C&ord=443302971484&ADFtpmode=2&loc=https%3A%2F%2Fleon26.casino%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=8424841644870224819

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e68e232ad5279308afca8b5a8a5780c778b569e8ae0e6cef9cd18df33fdfe9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 689
expires: -1

POST
H2 200 api-1 Show response
leon26.casino/ 131 B
470 B 110ms
109ms Fetch
application/json 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://leon26.casino/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fec7c5dc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a31eec0c0038529ff395da7cdc6c42795d946f841fd00da0b7947d2c48b90d1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
accept-language: no-NO,no;q=0.9
x-app-platform: web
x-app-env: prod
x-requested-uri: /
x-app-skin: default
x-app-version: 6.65.0
x-app-os: windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type: application/json
Referer: https://leon26.casino/
x-app-language: en_US
x-app-modernity: 2019
x-app-rendering: csr

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: no-NO
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame D3ED 5 KB
2 KB 261ms
51ms Document
text/html 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940

Requested by

Host: track.adform.net
URL: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2758250&ADFPageName=Leon_Casino_All_Pages&ADFdivider=%7C&ord=443302971484&ADFtpmode=2&loc=https%3A%2F%2Fleon26.casino%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=8424841644870224819

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fc6543edc9d68d6daa660113cd93f8f66bf2723bb3948e71d0076c22d5c43679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://leon26.casino/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 21 Jun 2023 14:13:49 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
467 B 193ms
51ms Image
image/gif 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=1949462838072400481&stamp=14ul2WmNKFADvP-67D9Y4w2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 dc_pre=COS9i4PG1P8CFahfwgodu78Ajw;src=11843672;type=safev0;cat=safeg000;ord=9814328899263;gtm=45fe36e2;auiddc=1836151907.1687356828;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2... Show response
adservice.google.com/ddm/fls/i/ Frame 457C 528 B
664 B 282ms
114ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COS9i4PG1P8CFahfwgodu78Ajw;src=11843672;type=safev0;cat=safeg000;ord=9814328899263;gtm=45fe36e2;auiddc=1836151907.1687356828;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fleon26.casino%2F

Requested by

Host: 11843672.fls.doubleclick.net
URL: https://11843672.fls.doubleclick.net/activityi;dc_pre=COS9i4PG1P8CFahfwgodu78Ajw;src=11843672;type=safev0;cat=safeg000;ord=9814328899263;gtm=45fe36e2;auiddc=1836151907.1687356828;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fleon26.casino%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

861597d537a36caef2c05fe73ff9ee3a74940653068973343985f6aaa38ef158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11843672.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 289
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 14:13:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sunSw.a7e0e124.svg
mrspeedtime.gcdn.co/img/ 1 KB
570 B 76ms
75ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrspeedtime.gcdn.co/img/sunSw.a7e0e124.svg
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/css/initial-styles.6bceb107.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7250986404d0fe60ab7faae6634e196598b4d3852b17bc8a77fd93cc77af2bc6

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://mrspeedtime.gcdn.co/css/initial-styles.6bceb107.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: br
x-cached-since: 2023-06-20T13:33:20+00:00
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
content-length: 508
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-1fc"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 moonSw.16bb8512.svg
mrspeedtime.gcdn.co/img/ 782 B
510 B 75ms
74ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrspeedtime.gcdn.co/img/moonSw.16bb8512.svg
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/css/initial-styles.6bceb107.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 38a08afb9b3071d30b8f47001ce67eb2269bcb1924cd377bc99318c57c942fe5

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://mrspeedtime.gcdn.co/css/initial-styles.6bceb107.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:48 GMT
content-encoding: br
x-cached-since: 2023-06-20T13:33:20+00:00
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
content-length: 427
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-1ab"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 80ms
79ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 18:58:23 GMT
x-content-type-options: nosniff
age: 328525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 18:58:23 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 119ms
117ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 03:55:21 GMT
x-content-type-options: nosniff
age: 469107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 03:55:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 92ms
91ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:10:14 GMT
x-content-type-options: nosniff
age: 79414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 16:10:14 GMT

GET
H2 200 front-1005@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 70 KB
70 KB 88ms
87ms Image
image/webp 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/front-1005@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2c6535d33567beacaf7b9bf92d6e81ad7db872870b21dfadc895e22ac2dd3f04

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:49 GMT
last-modified: Sat, 13 May 2023 15:10:21 GMT
server: nginx
etag: "645fa85d-116ce"
x-cached-since: 2023-05-13T15:18:51+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 71374
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bg-1448x3-11-36@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 96 KB
96 KB 152ms
152ms Image
image/webp 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/bg-1448x3-11-36@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c45347665880c190ad2926082100a71b4e5eed12e5dcbbc8f2fc6ae9ce8cb8b7

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:49 GMT
last-modified: Mon, 05 Jun 2023 11:21:15 GMT
server: nginx
etag: "647dc52b-17f06"
x-cached-since: 2023-06-14T11:20:34+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 98054
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 969x696-15@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/banners/ 40 KB
40 KB 151ms
151ms Image
image/webp 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/banners/969x696-15@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2df54189bea1246e51c7f604869e9ea18dbd09aa45b86ea727b54e7ba6501ff7

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:49 GMT
last-modified: Wed, 02 Mar 2022 14:12:31 GMT
server: nginx
etag: "621f7b4f-9fd0"
x-cached-since: 2023-06-15T07:12:11+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 40912
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 front-980@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 27 KB
27 KB 76ms
76ms Image
image/webp 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/front-980@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9340049af9215dd484a8790882189e8a2c628f51415936f9bd7ae18a6616df7e

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:49 GMT
last-modified: Tue, 09 May 2023 07:14:59 GMT
server: nginx
etag: "6459f2f3-6a30"
x-cached-since: 2023-06-12T07:46:47+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 27184
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Frame-15x31-30@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 49 KB
49 KB 150ms
149ms Image
image/webp 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/Frame-15x31-30@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a29a4c0ab878357858be4d831908f8f131d2d3f5159e12ac96b604288a071dd4

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:49 GMT
last-modified: Mon, 05 Jun 2023 11:26:30 GMT
server: nginx
etag: "647dc666-c51c"
x-cached-since: 2023-06-15T07:12:11+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 50460
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bg-836@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 11 KB
11 KB 149ms
149ms Image
image/webp 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/bg-836@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a4976c215b6ef52791fd350a09071273652ff997d94491cbb5940b328ee10082

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:49 GMT
last-modified: Sat, 13 May 2023 15:10:23 GMT
server: nginx
etag: "645fa85f-2ac4"
x-cached-since: 2023-05-13T15:18:51+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 10948
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bg-1448x3-11-3@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 123 KB
123 KB 143ms
142ms Image
image/webp 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/bg-1448x3-11-3@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e3c701961392acbbe8397e5b283b1935c6a140aa31316686d8a4686621ad0057

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:49 GMT
last-modified: Tue, 25 Apr 2023 12:38:41 GMT
server: nginx
etag: "6447c9d1-1ea74"
x-cached-since: 2023-04-30T21:01:19+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 125556
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4344x696-12@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/banners/ 55 KB
55 KB 142ms
142ms Image
image/webp 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/banners/4344x696-12@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6ad99f42c256056dd505f81f72d49b621aebc3a343e7ff497b95411a716b585b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:49 GMT
last-modified: Wed, 02 Mar 2022 14:12:40 GMT
server: nginx
etag: "621f7b58-dcce"
x-cached-since: 2023-06-15T07:12:11+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 56526
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Frame-15x31-2@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 57 KB
57 KB 140ms
140ms Image
image/webp 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/Frame-15x31-2@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1a863466621b13fda2daaa78fe0d93c2193dba6fbb01251ae64daa912aed244b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:49 GMT
last-modified: Tue, 25 Apr 2023 12:38:41 GMT
server: nginx
etag: "6447c9d1-e46c"
x-cached-since: 2023-04-30T21:01:19+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 58476
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 front-1043@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 64 KB
64 KB 140ms
140ms Image
image/webp 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/front-1043@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: de35a85e9e4d404909d5239a07eadd36a7a66c7d4ed3110840fa3ecc4c1de0a9

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:49 GMT
last-modified: Mon, 05 Jun 2023 07:11:09 GMT
server: nginx
etag: "647d8a8d-ff52"
x-cached-since: 2023-06-19T21:22:37+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 65362
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bg-811@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 193 KB
193 KB 133ms
133ms Image
image/webp 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/bg-811@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecb4168a806bb66f0bc69c14099a557d705fe96fca0d4969d02bdd77edd6f075

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:49 GMT
last-modified: Tue, 09 May 2023 07:15:11 GMT
server: nginx
etag: "6459f2ff-303de"
x-cached-since: 2023-06-12T07:46:47+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 197598
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bg-866@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 69 KB
69 KB 133ms
133ms Image
image/webp 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/bg-866@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a73650271fae58dbc111ad770065dccf47c77d36a219a566483df24e85abf811

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc22
date: Wed, 21 Jun 2023 14:13:49 GMT
last-modified: Mon, 05 Jun 2023 07:11:16 GMT
server: nginx
etag: "647d8a94-113c2"
x-cached-since: 2023-06-19T21:22:37+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: fr5-hw-edge-gc22
x-nginx: nginx-be
accept-ranges: bytes
content-length: 70594
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame D3ED 0
384 B 51ms
51ms Image
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame D3ED
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=1949462838072400481&Expiration=1688566429
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=1949462838072400481&Expiration=1688566429

43 B
425 B

80ms
79ms

Image
image/gif

99.80.180.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=1949462838072400481&Expiration=1688566429
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: H2
Server: 99.80.180.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-180-155.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 14:13:49 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=1949462838072400481&Expiration=1688566429
access-control-allow-origin: *
date: Wed, 21 Jun 2023 14:13:49 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame D3ED 0
400 B 364ms
203ms Image
text/plain 23.206.20.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=1949462838072400481
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.206.20.27 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-20-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 14:13:49 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Tue, 20 Jun 2023 14:13:49 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame D3ED 0
214 B 305ms
67ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=1949462838072400481
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame D3ED
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1949462838072400481&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=1949462838072400481&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=a3966ba4b3e4484da...
https://c1.adform.net/serving/cookie/match?party=9&uid=d00bb93d5b18fc134c6e03b0fcc60fbfebe5b36171c6aaf6628578a95ee63b3a

35 B
591 B

53ms
53ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=d00bb93d5b18fc134c6e03b0fcc60fbfebe5b36171c6aaf6628578a95ee63b3a

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=d00bb93d5b18fc134c6e03b0fcc60fbfebe5b36171c6aaf6628578a95ee63b3a
date: Wed, 21 Jun 2023 14:13:49 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame D3ED
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=1949462838072400481&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
https://c1.adform.net/serving/cookie/match?party=10&cid=4163618529311602163

35 B
591 B

52ms
51ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=10&cid=4163618529311602163

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=10&cid=4163618529311602163
pragma: no-cache
date: Wed, 21 Jun 2023 14:13:48 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame D3ED
Redirect Chain

https://ups.analytics.yahoo.com/ups/55944/sync?uid=1949462838072400481&_origin=1
https://ups.analytics.yahoo.com/ups/55944/sync?uid=1949462838072400481&_origin=1&verify=true

0
121 B

68ms
68ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=1949462838072400481&_origin=1&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=1949462838072400481&_origin=1&verify=true
date: Wed, 21 Jun 2023 14:13:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame D3ED 43 B
638 B 388ms
76ms Image
image/gif 2.16.238.158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=1949462838072400481
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-158.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 14:13:49 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1687356829502018-428
Expires: Wed, 21 Jun 2023 14:13:49 GMT

GET
H/1.1

200
OK

setuid
prebid.serve.admatic.com.tr/ Frame D3ED
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=1949462838072400481
https://prebid.serve.admatic.com.tr/setuid?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=${BSW_UUID}&dsp_uuid=&dsp_id=

86 B
563 B

349ms
113ms

Image
image/png

212.57.20.61
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.serve.admatic.com.tr/setuid?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=${BSW_UUID}&dsp_uuid=&dsp_id=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: HTTP/1.1
Server: 212.57.20.61 Antakya, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS: host-212-57-20-61.reverse.superonline.net
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Wed, 21 Jun 2023 14:13:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 86
vary: Origin
content-type: image/png

Redirect headers

location: //prebid.serve.admatic.com.tr/setuid?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=${BSW_UUID}&dsp_uuid=&dsp_id=
date: Wed, 21 Jun 2023 14:13:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D3ED
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1949462838072400481&expiration=1688566429
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1949462838072400481&expiration=1688566429&C=1

43 B
766 B

67ms
66ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=1949462838072400481&expiration=1688566429&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 14:13:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 14:13:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=111&external_user_id=1949462838072400481&expiration=1688566429&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

img
pixel.mathtag.com/sync/ Frame D3ED
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=1949462838072400481&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=1949462838072400481&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=1949462838072400481&gdpr=&sInitiator=external
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/4354957?sExtCookieId=6863867119751714503&sInitiator=internal&gdpr=
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal

43 B
417 B

231ms
82ms

Image
image/gif

23.218.208.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: HTTP/1.1
Server: 23.218.208.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-209.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x7 config_version:"1438" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:13:50 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x7 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 21 Jun 2023 14:13:49 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:57 GMT
uip-status: Ok
frontend-id: 01
location: https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame D3ED 0
344 B 289ms
65ms Image
text/plain 3.120.214.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=1949462838072400481&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:13:49 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 /
loadm.exelator.com/load/ Frame D3ED 0
324 B 280ms
74ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=1949462838072400481
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame D3ED 0
98 B 183ms
76ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=1949462838072400481
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 404 gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=1949462838072400481/gdpr=/ Frame D3ED 49 B
266 B 321ms
79ms Image
image/gif 99.80.64.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=1949462838072400481/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.64.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-64-147.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:49 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.31.240
content-length: 49
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame D3ED 62 B
218 B 400ms
241ms Image
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=1949462838072400481
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 21 Jun 2023 14:13:49 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame D3ED 43 B
273 B 185ms
79ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1949462838072400481
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:49 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame D3ED
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

275ms
81ms

Image
image/gif

52.218.105.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: HTTP/1.1
Server: 52.218.105.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:13:51 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: VTGYWAJ0C895HRD7
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: 3S8MonNgDG+5FCXGF6ZSe9G2pCsJZBMwnNhD/e2DMgiFmVe+PWkUhjVZFOlLDiWsCyISZBGttPY=

Redirect headers

X-Error-Reason: Missing UserId
Date: Wed, 21 Jun 2023 14:13:49 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame D3ED
Redirect Chain

https://pixel.onaudience.com/?mapped=1949462838072400481&partner=68
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
265 B

234ms
77ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 21 Jun 2023 14:13:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H/1.1 200
OK /
cm.adsafety.net/ Frame D3ED 43 B
229 B 203ms
64ms Image
image/gif 217.79.187.68
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=1949462838072400481
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 217.79.187.68 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: cm42.as.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:13:49 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame D3ED 0
338 B 246ms
78ms Image
text/plain 52.213.184.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=1949462838072400481
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.184.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-184-195.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: beacon-n005-dub-prod.krxd.net
date: Wed, 21 Jun 2023 14:13:49 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1687356829
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame D3ED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MTk0OTQ2MjgzODA3MjQwMDQ4MQ
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECLvMjoBYmPwSIn3gGfuaiE&google_cver=1&google_ula=1641347,0

35 B
600 B

53ms
52ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECLvMjoBYmPwSIn3gGfuaiE&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECLvMjoBYmPwSIn3gGfuaiE&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame D3ED
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=6863867119751714503&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=1949462838072400481

43 B
1 KB

66ms
66ms

Image
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=1949462838072400481

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940

Protocol

HTTP/1.1

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 14:13:49 GMT
AN-X-Request-Uuid: d6bfbdac-dbe5-4371-a2a7-dbcd199557fa
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.255.148.165; 178.255.148.165; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=1949462838072400481
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame D3ED 0
384 B 54ms
50ms Image
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame D3ED 42 B
472 B 230ms
74ms Image
image/gif 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1949462838072400481
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 21 Jun 2023 14:13:49 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame D3ED 43 B
444 B 221ms
66ms Image
image/gif 65.9.66.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-72.fra56.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 01:19:06 GMT
Via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: FRA56-C1
Age: 46483
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: r9JrnQ7JpMC-jk-mSicC51HXfJ2m-qe7_AehjpNPmxjD0erj3ZMBTA==

GET
H/1.1

200

p
a.audrte.com/ Frame D3ED
Redirect Chain

https://a.audrte.com/a?adform_uid=1949462838072400481
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmNtVG9Eck1GcGxUU21RVHlsMWVOTU0yQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

142ms
141ms

Image
image/png

54.237.77.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: HTTP/1.1
Server: 54.237.77.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-77-135.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:13:50 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Wed, 21 Jun 2023 14:13:50 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame D3ED
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=1949462838072400481&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=1949462838072400481&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=83669974676506073782534251710276068673&noredirect=1

35 B
591 B

59ms
59ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=83669974676506073782534251710276068673&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-1-v049-0915e9d18.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: hH46DvPvRb0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=83669974676506073782534251710276068673&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame D3ED
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=1949462838072400481
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219623204554003279966

35 B
600 B

51ms
51ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219623204554003279966

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:50 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219623204554003279966
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame D3ED
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7247142401535309964

35 B
591 B

52ms
51ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7247142401535309964

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7247142401535309964
Date: Wed, 21 Jun 2023 14:13:50 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame D3ED 62 B
428 B 256ms
256ms Image
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=1949462838072400481
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 21 Jun 2023 14:13:50 GMT
content-length: 62
content-type: image/gif

GET
H/1.1 200
OK img
pixel.mathtag.com/sync/ Frame D3ED 43 B
418 B 224ms
78ms Image
image/gif 23.218.208.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-209.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x28 config_version:"1438" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:13:50 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x28 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 21 Jun 2023 14:13:49 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame D3ED
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=edgddfq31QbYAK5

35 B
591 B

52ms
51ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=edgddfq31QbYAK5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 14:13:49 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-780-gdfb6b2e#rel-ec2-master i-0014315516ab858c7@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=edgddfq31QbYAK5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D3ED 70 B
264 B 252ms
84ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 21 Jun 2023 14:13:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame D3ED 0
72 B 691ms
173ms Image
text/plain 216.46.185.182
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=1949462838072400481
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.182 Littleton, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1 200 0.gif
id5-sync.com/s/10/ Frame D3ED 43 B
1 KB 209ms
67ms Image
image/gif 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=1949462838072400481

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 21 Jun 2023 14:13:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame D3ED
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=700090222
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=Lj5OONSASr7Z.zdNusq0le

35 B
591 B

51ms
51ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=Lj5OONSASr7Z.zdNusq0le

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:49 GMT
via: 1.1 google
last-modified: Wed, 21 Jun 2023 14:13:50 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=Lj5OONSASr7Z.zdNusq0le
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame D3ED 23 B
279 B 321ms
104ms Image
image/gif 104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=1949462838072400481
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Wed, 21 Jun 2023 14:13:50 GMT
pragma: no-cache
date: Wed, 21 Jun 2023 14:13:50 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET pixel.gif
sync.1dmp.io/ Frame D3ED 0
0

GET
H2

200

/
sync.taboola.com/sg/smaatortb-network/1/rtb-h/ Frame D3ED
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=1949462838072400481
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=1949462838072400481&cookieCheck=1
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=660c4336

0
99 B

339ms
64ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=660c4336
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:50 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 61858

Redirect headers

date: Wed, 21 Jun 2023 14:13:50 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=660c4336
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: TQfk0ZdCy3v-ivcJCHmjUHwvxHB3ug81wTrW1wH6TGet6myRV3QbuA==

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame D3ED
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=1949462838072400481&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=1949462838072400481&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=8edc7f5e-1afd-4535-905a-c9d4b0f1e04a

35 B
591 B

51ms
51ms

Image
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=8edc7f5e-1afd-4535-905a-c9d4b0f1e04a

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940

Protocol

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Wed, 21 Jun 2023 14:13:50 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=8edc7f5e-1afd-4535-905a-c9d4b0f1e04a
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 1949462838072400481
match.contentexchange.me/adform/ Frame D3ED 0
49 B 285ms
93ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/1949462838072400481?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:50 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame D3ED 37 B
140 B 184ms
61ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=1949462838072400481&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

204
No Content

sync.php
pixel.rubiconproject.com/exchange/ Frame D3ED
Redirect Chain

https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=1949462838072400481
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

0
239 B

316ms
77ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 14:13:50 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 202 adf
pixel.sojern.com/idsync/ Frame D3ED 0
162 B 215ms
77ms Image
text/plain 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=1949462838072400481
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"

GET
H2 200 plf
c1.adform.net/imatch/ Frame D3ED 0
384 B 54ms
52ms Image
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=1949462838072400481&agencyId=8296&advertiserId=2131760&src=tp&rnd=478940
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 dc_pre=COS9i4PG1P8CFahfwgodu78Ajw;src=11843672;type=safev0;cat=safeg000;ord=9814328899263;gtm=45fe36e2;auiddc=1836151907.1687356828;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2... Show response
adservice.google.no/ddm/fls/i/ Frame 27EA 194 B
515 B 326ms
114ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.no/ddm/fls/i/dc_pre=COS9i4PG1P8CFahfwgodu78Ajw;src=11843672;type=safev0;cat=safeg000;ord=9814328899263;gtm=45fe36e2;auiddc=1836151907.1687356828;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fleon26.casino%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COS9i4PG1P8CFahfwgodu78Ajw;src=11843672;type=safev0;cat=safeg000;ord=9814328899263;gtm=45fe36e2;auiddc=1836151907.1687356828;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fleon26.casino%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 14:13:49 GMT
expires: Wed, 21 Jun 2023 14:13:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 vendor-firebase.c1674476.js Show response
mrspeedtime.gcdn.co/js/ 40 KB
11 KB 76ms
75ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/vendor-firebase.c1674476.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 060276613e518ac511bdc288160bd259dbb17c686cbf2615088a55099d929682

Request headers

Referer: https://leon26.casino/
Origin: https://leon26.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc33
date: Wed, 21 Jun 2023 14:13:51 GMT
content-encoding: br
x-cached-since: 2023-06-20T10:18:47+00:00
x-id-fe: fr5-hw-edge-gc33
x-nginx: nginx-be
content-length: 11169
last-modified: Fri, 16 Jun 2023 08:42:41 GMT
server: nginx
etag: "648c2081-2ba1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 214 KB
74 KB 376ms
179ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.d2d886b7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d061d49d7dca2febc35bb2f24f549365f423cd71b305f8b70a568a531504c165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Jun 2023 08:10:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64928657-12498"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 74904
expires: Wed, 21 Jun 2023 15:13:51 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
114 B 91ms
90ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:13:51 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Jun 2023 08:10:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64928657-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 21 Jun 2023 15:13:51 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/71598811/
Redirect Chain

https://mc.yandex.ru/watch/71598811?wmode=7&page-url=https%3A%2F%2Fleon26.casino%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzhfy8utpb%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%...
https://mc.yandex.ru/watch/71598811/1?wmode=7&page-url=https%3A%2F%2Fleon26.casino%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzhfy8utpb%3Afp%3A818%3Afu%3A0%3Aen%3Autf-...

428 B
583 B

96ms
95ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/71598811/1?wmode=7&page-url=https%3A%2F%2Fleon26.casino%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzhfy8utpb%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A1121213492627%3Ahid%3A107702223%3Az%3A0%3Ai%3A20230621141351%3Aet%3A1687356832%3Ac%3A1%3Arn%3A548959180%3Arqn%3A1%3Au%3A1687356832862797383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C160%2C108%2C33%2C0%2C0%2C%2C261%2C0%2C1063%2C1063%2C0%2C881%3Aco%3A0%3Acpf%3A1%3Ans%3A1687356826069%3Arqnl%3A1%3Ast%3A1687356832%3At%3AOnline%20Casino%20%26%20Sportsbook%20%7C%20Quick%20%26%20Easy%20Sports%20Bets%20at%20Leon&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8c268886a14393f4d246c2418099de662c30214fd4c7f2cbab0248bca1d89ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 21-Jun-2023 14:13:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://leon26.casino
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 428
x-xss-protection: 1; mode=block
expires: Wed, 21-Jun-2023 14:13:52 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:51 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 21-Jun-2023 14:13:51 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/71598811/1?wmode=7&page-url=https%3A%2F%2Fleon26.casino%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzhfy8utpb%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A1121213492627%3Ahid%3A107702223%3Az%3A0%3Ai%3A20230621141351%3Aet%3A1687356832%3Ac%3A1%3Arn%3A548959180%3Arqn%3A1%3Au%3A1687356832862797383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A8%2C160%2C108%2C33%2C0%2C0%2C%2C261%2C0%2C1063%2C1063%2C0%2C881%3Aco%3A0%3Acpf%3A1%3Ans%3A1687356826069%3Arqnl%3A1%3Ast%3A1687356832%3At%3AOnline%20Casino%20%26%20Sportsbook%20%7C%20Quick%20%26%20Easy%20Sports%20Bets%20at%20Leon&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://leon26.casino
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 21-Jun-2023 14:13:51 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/71598811/ 43 B
74 B 91ms
90ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/71598811/1?page-url=goal%3A%2F%2Fleon26.casino%2FzABTestNewUsers&page-ref=https%3A%2F%2Fleon26.casino%2F&charset=utf-8&hittoken=1687356832_541267bd9b4dc6729ad1b1486d6179ac2f31fe03efe8c6271db785d53fab44ff&browser-info=ar%3A1%3Avf%3A7g4yzra6nxw2gnzhfy8utpb%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A1%3Als%3A1121213492627%3Ahid%3A107702223%3Az%3A0%3Ai%3A20230621141352%3Aet%3A1687356832%3Ac%3A1%3Arn%3A221616197%3Arqn%3A2%3Au%3A1687356832862797383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1687356826069%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1687356832%3At%3AOnline%20Casino%20%26%20Sportsbook%20%7C%20Quick%20%26%20Easy%20Sports%20Bets%20at%20Leon&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)lt(43900)aw(1)ti(2)

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fec7c5dc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://leon26.casino/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:52 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 21-Jun-2023 14:13:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://leon26.casino
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 21-Jun-2023 14:13:52 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/71598811/ 43 B
74 B 92ms
92ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/71598811/1?page-url=goal%3A%2F%2Fleon26.casino%2FzInit&page-ref=https%3A%2F%2Fleon26.casino%2F&charset=utf-8&hittoken=1687356832_541267bd9b4dc6729ad1b1486d6179ac2f31fe03efe8c6271db785d53fab44ff&browser-info=ar%3A1%3Avf%3A7g4yzra6nxw2gnzhfy8utpb%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A1%3Als%3A1121213492627%3Ahid%3A107702223%3Az%3A0%3Ai%3A20230621141352%3Aet%3A1687356832%3Ac%3A1%3Arn%3A741804250%3Arqn%3A3%3Au%3A1687356832862797383%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1687356826069%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1687356832%3At%3AOnline%20Casino%20%26%20Sportsbook%20%7C%20Quick%20%26%20Easy%20Sports%20Bets%20at%20Leon&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(3)lt(43900)aw(1)ti(2)

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fec7c5dc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://leon26.casino/
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:52 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 21-Jun-2023 14:13:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://leon26.casino
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 21-Jun-2023 14:13:52 GMT

GET
H2 200 changes Show response
leon26.casino/api-2/betline/headline-matches/ 63 KB
7 KB 114ms
113ms Fetch
application/json 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://leon26.casino/api-2/betline/headline-matches/changes?ctag=en-US&allVtag=9c2cd386-31e1-4ce9-a140-28e9b63a9300&flags=reg,urlv2,mm2,rrc

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fec7c5dc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

fb691f794534525c2daafd192014e7f6d45c55a1607e06eeb58ac5b795fa2e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-app-layout: desktop
X-APP-THEME: DARK
x-app-browser: chrome
x-app-version: 6.65.0
x-app-os: windows
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
x-app-platform: web
x-app-env: prod
Referer: https://leon26.casino/
x-app-language: en_US
x-app-modernity: 2019
x-requested-uri: /
x-app-skin: default
x-app-rendering: csr

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 59ms
58ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JZZNGY93CC&gtm=45je36e2&_p=797685551&cid=877906526.1687356828&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1687356828&sct=1&seg=0&dl=https%3A%2F%2Fleon26.casino%2F&dt=Online%20Casino%20%26%20Sportsbook%20%7C%20Quick%20%26%20Easy%20Sports%20Bets%20at%20Leon&en=scroll&epn.percent_scrolled=90&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://leon26.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://leon26.casino
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all Show response
leon26.casino/api-2/betline/count/ 41 B
374 B 107ms
106ms Fetch
application/json 167.172.41.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://leon26.casino/api-2/betline/count/all?ctag=en-US&hideClosed=true&flags=reg,urlv2,mm2,rrc,nodup&zeroMarginMarkets=true

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fec7c5dc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.172.41.42 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

7e64dfbbe51df0faefd492b25419cd24f42659c7da0cbd673d32fa998e202e48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-app-layout: desktop
X-APP-THEME: DARK
x-app-browser: chrome
x-app-version: 6.65.0
x-app-os: windows
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
x-app-platform: web
x-app-env: prod
Referer: https://leon26.casino/
x-app-language: en_US
x-app-modernity: 2019
x-requested-uri: /
x-app-skin: default
x-app-rendering: csr

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.1dmp.io
URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=1949462838072400481

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

96 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
leon26.casino/	1970-01-20 22:18:36	Name: x-app-language Value: en_US
leon26.casino/	1970-01-20 21:28:12	Name: ipfrom Value: 178.255.148.165
leon26.casino/	1970-01-20 22:18:36	Name: ABTestSeed Value: 26
leon26.casino/	1970-01-20 13:25:48	Name: qtag_rfrr Value: null-null
leon26.casino/	1970-01-20 22:18:36	Name: theme Value: DARK
leon26.casino/	1970-01-20 22:18:36	Name: firstTheme Value: DARK
.leon26.casino/	1970-01-20 22:18:36	Name: _ga Value: GA1.1.877906526.1687356828
.leon26.casino/	1970-01-20 22:18:36	Name: _ga_JZZNGY93CC Value: GS1.1.1687356828.1.0.1687356828.0.0.0
.sportradarserving.com/	1970-01-20 21:28:12	Name: zuuid Value: 57f9c9c9-7a1a-4f5d-ab57-bf2e10cba4dd
.sportradarserving.com/	1970-01-20 21:28:12	Name: c Value: 1687356828
.sportradarserving.com/	1970-01-20 21:28:12	Name: zuuid_lu Value: 1687356828
.leon26.casino/	1970-01-20 14:52:12	Name: _gcl_au Value: 1.1.1836151907.1687356828
.sportradarserving.com/	1970-01-20 21:28:12	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 21:28:12	Name: zuuid_k_lu Value: 1687356828
.sportradarserving.com/	1970-01-20 21:28:12	Name: cm2 Value: !bidswitch,456686028
.sportradarserving.com/	1970-01-20 21:28:12	Name: bss Value: !bidswitch,456614028
.eskimi.com/	1970-01-20 13:25:48	Name: __eConsent Value: 1
.eskimi.com/	1970-01-20 13:25:48	Name: __eDId Value: 20a7345d-35ce-4223-98ea-39040eab5ab6
.eskimi.com/	1970-01-20 13:02:46	Name: __eP Value: 1
.adform.net/	1970-01-20 13:25:48	Name: C Value: 1
leoncas.com/	1970-01-20 12:44:03	Name: Control Value: OK
.leon26.casino/	1970-01-20 12:42:38	Name: _sp_srt_ses.74be Value: *
.leon26.casino/	1970-01-20 22:18:36	Name: _sp_srt_id.74be Value: 46347582-090c-4e6e-8f1a-c83fafeda0eb.1687356829.1.1687356829..9568c710-346d-406e-b511-57418ceff0a1....0
leon26.casino/	1970-01-20 13:25:48	Name: adformfrpid Value: 8424841644870224819
.adform.net/	1970-01-20 14:09:00	Name: uid Value: 1949462838072400481
.adform.net/	1970-01-20 12:44:03	Name: CM Value: 1\|1
.rfihub.com/	1970-01-20 22:04:12	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwsjAxNbM0MzAxshTiM9T1DyuJqjSxdCt0Ty4FAHjSDqclAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwsjAxNbM0MzAxshTiM9T1DyuJqjSxdCt0Ty4FAHjSDqclAAAA
.bidswitch.net/	1970-01-20 21:28:12	Name: c Value: 1687356828
.bidswitch.net/	1970-01-20 21:28:12	Name: tuuid Value: 83450786-b27b-4a14-a728-cbd5356738f2
.seadform.net/	1970-01-20 14:09:00	Name: uid Value: 1949462838072400481
.adnxs.com/	1970-01-20 14:52:12	Name: uuid2 Value: 6863867119751714503
.bidswitch.net/	1970-01-20 21:28:12	Name: tuuid_lu Value: 1687356829
.adform.net/	1970-01-20 13:02:46	Name: CM14 Value: 1687443229_1687356829_1_Hu7u4e4e4R7u7u4REREeERERERHhERA
.adscale.de/	1970-01-20 21:24:52	Name: uu Value: a3966ba4b3e4484da4fd271e02b9cd1e
.adscale.de/	1970-01-20 21:24:52	Name: cct Value: 1687356829302
.1rx.io/	1970-01-20 21:28:12	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-626079d5-5023-451c-9b5a-5d1da3332ab9-003%22%7D
.casalemedia.com/	1970-01-20 21:28:12	Name: CMID Value: ZJMFnWEgpKxhjWmMjIpoiwAA
.casalemedia.com/	1970-01-20 14:52:12	Name: CMPS Value: 3325
.casalemedia.com/	1970-01-20 14:52:12	Name: CMPRO Value: 3325
.smartadserver.com/	1970-01-20 22:12:51	Name: pid Value: 4163618529311602163
.smartadserver.com/	1970-01-20 22:12:51	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 21:29:39	Name: csync Value: 22:1949462838072400481
.yahoo.com/	1970-01-20 21:28:34	Name: A3 Value: d=AQABBJ0Fk2QCEIi1nn09RUNNvg5XaVYalJQFEgEBAQFXlGScZPmbzSMA_eMAAA&S=AQAAArnG1H8WF2kv1jVyI2Y4--o
.semasio.net/	1970-01-20 21:28:12	Name: SEUNCY Value: 9D547025A922D906
.360yield.com/	1970-01-20 14:52:12	Name: tuuid Value: d6bd570a-a299-48e3-98cd-8063838bee6f
.360yield.com/	1970-01-20 14:52:12	Name: tuuid_lu Value: 1687356829
.ih.adscale.de/	1970-01-20 21:24:52	Name: tu Value: 4#3271372120#42~1949462838072400481~468710~0~0
.eyeota.net/	1970-01-20 12:42:37	Name: SERVERID Value: 18939~DM
.analytics.yahoo.com/	1970-01-20 21:28:12	Name: IDSYNC Value: 1760~2cce
.360yield.com/	1970-01-20 14:52:12	Name: um Value: !42,WiMSdr36ZQbRozkdXVFNKYIqs86SkV3nmexf30fEZpnp,1688566429
.360yield.com/	1970-01-20 14:52:12	Name: umeh Value: !42,0,1749564829,-1
.admatic.com.tr/	1970-01-20 14:52:12	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJibXRtIjp7InVpZCI6IiR7QlNXX1VVSUR9IiwiZXhwaXJlcyI6IjIwMjMtMDctMDVUMTQ6MTM6NDkuNTM5NjM5MTcyWiJ9fSwiYmRheSI6IjIwMjMtMDYtMjFUMTQ6MTM6NDkuNTM5NjIzMTUyWiJ9
.targeting.unrulymedia.com/	1970-01-20 21:28:12	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-626079d5-5023-451c-9b5a-5d1da3332ab9-003%22%7D
.krxd.net/	1970-01-20 17:01:48	Name: _kuid_ Value: PoPF95t6
.adnxs.com/	1970-01-20 14:52:12	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2GU$l8Q7]!]tbPl1M66+q([OUf!3`Q8C(xSgP(tN`ut#NYw_6XytMS4NCDKbpRzqF1`*b_DI(:^aC
.doubleclick.net/	1970-01-20 22:18:36	Name: IDE Value: AHWqTUkjzgpLuLHGIClrsN5bAm5iPVEYAGFXebo0xUIOfvorNBFhync62rMScdifefg
.pubmatic.com/	1970-01-20 13:25:48	Name: KRTBCOOKIE_391 Value: 22924-1949462838072400481&KRTB&23263-1949462838072400481&KRTB&23481-1949462838072400481
.pubmatic.com/	1970-01-20 13:25:48	Name: PugT Value: 1687356829
.onaudience.com/	1970-01-20 21:28:12	Name: cookie Value: 069052db1e4a26b1
.onaudience.com/	1970-01-20 12:44:03	Name: done_redirects147 Value: 1
.adfarm1.adition.com/	1970-01-20 14:52:12	Name: UserID1 Value: 7247142401535309964
.agkn.com/	1970-01-20 21:28:12	Name: ab Value: 0001%3AF2cxM2crKJsJlB%2F%2F6eSrYDuoxKTo497%2B
.bluekai.com/	1970-01-20 17:06:08	Name: bku Value: aG/99JTaAtEK8cz4
.bluekai.com/	1970-01-20 17:06:08	Name: bkpa Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwEW8BeA6BM/T1pQyBp/61e96meWe9JlHYeQ=
.demdex.net/	1970-01-20 17:01:48	Name: demdex Value: 83669974676506073782534251710276068673
.dpm.demdex.net/	1970-01-20 17:01:48	Name: dpm Value: 83669974676506073782534251710276068673
.w55c.net/	1970-01-20 22:12:51	Name: wfivefivec Value: edgddfq31QbYAK5
.w55c.net/	1970-01-20 13:25:48	Name: matchadform Value: 5
.weborama.fr/	1970-01-20 22:08:32	Name: AFFICHE_W Value: 48uFlx2Ckhrj41
.id5-sync.com/	1970-01-20 12:42:37	Name: cf Value:
.id5-sync.com/	1970-01-20 12:42:37	Name: cip Value:
.id5-sync.com/	1970-01-20 12:42:37	Name: cnac Value:
.id5-sync.com/	1970-01-20 12:42:37	Name: car Value:
.id5-sync.com/	1970-01-20 12:42:37	Name: gdpr Value:
.id5-sync.com/	1970-01-20 12:42:37	Name: callback Value:
.audrte.com/	1970-01-20 13:04:12	Name: arcki2 Value: bcmToDrMFplTSmQTyl1eNMM2A!20220908!1687356830289!ip#178.255.148.165
.audrte.com/	1970-01-20 13:04:12	Name: arcki2_adform Value: 1949462838072400481!20220908!1687356830292
.tapad.com/	1970-01-20 14:09:00	Name: TapAd_TS Value: 1687356830371
.tapad.com/	1970-01-20 14:09:00	Name: TapAd_DID Value: 8edc7f5e-1afd-4535-905a-c9d4b0f1e04a
.smaato.net/	1970-01-20 13:12:51	Name: SCM Value: 660c4336
.smaato.net/	1970-01-20 12:57:44	Name: SCM1001213 Value: 660c4336
.smaato.net/	1970-01-20 12:57:44	Name: SCMt Value: 660c4336
.tapad.com/	1970-01-20 14:09:00	Name: TapAd_3WAY_SYNCS Value:
.teads.tv/	1970-01-20 21:26:46	Name: tt_viewer Value: 868b468e-0242-4f78-8a44-5562735be3c7
.e-volution.ai/	1970-01-20 13:02:46	Name: v_usr Value: 89eb62e1-0fd3-40b8-8ce7-0e6ebe440299
.audrte.com/	1970-01-20 13:04:12	Name: arcki2_ddp2 Value: bcmToDrMFplTSmQTyl1eNMM2A!20220908!1687356830532
.leon26.casino/	1970-01-20 21:28:12	Name: _ym_uid Value: 1687356832862797383
.leon26.casino/	1970-01-20 21:28:12	Name: _ym_d Value: 1687356832
.leon26.casino/	1970-01-20 12:43:48	Name: _ym_isad Value: 2
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1814489661687356831
.yandex.ru/	1970-01-20 22:18:36	Name: i Value: gcZBj1ybmyHvTSqqV6eXb87o130E4+clrZnLymxrCW+xcQpXOKIxtGrGKCqkThM2HymLNr4+TjYdkwBg6Cog6AqVVJU=
.yandex.ru/	1970-01-20 22:18:36	Name: yandexuid Value: 2779230661687356831
.yandex.ru/	1970-01-20 21:28:12	Name: yuidss Value: 2779230661687356831
.yandex.ru/	1970-01-20 21:28:12	Name: ymex Value: 1718892831.yc.1687356831#1718892831.yrts.1687356831#1718892831.yrtsi.1687356831
.yandex.ru/	1970-01-20 21:28:12	Name: bh Value: KgI/MA==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=1949462838072400481 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=1949462838072400481/gdpr=/gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11843672.fls.doubleclick.net
20828756p.rfihub.com
a.audrte.com
a.sportradarserving.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
adservice.google.com
adservice.google.no
api.adrtx.net
beacon.krxd.net
c1.adform.net
c1.rfihub.net
cdnimages3.gcdn.co
cm.adsafety.net
cm.g.doubleclick.net
dmp.adform.net
dpm.demdex.net
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eu.sportradarserving.com
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
leon26.casino
leoncas.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
mc.yandex.ru
mrspeedtime.gcdn.co
o237537.ingest.sentry.io
pdw-adf.userreport.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.sojern.com
pixel.tapad.com
pm.w55c.net
prebid.serve.admatic.com.tr
ps.eyeota.net
redirect.frontend.weborama.fr
region1.google-analytics.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
server.seadform.net
simage2.pubmatic.com
sync.1dmp.io
sync.1rx.io
sync.crwdcntrl.net
sync.e-volution.ai
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
tags.bluekai.com
tm.ads.sportradar.com
token.rubiconproject.com
track.adform.net
track.leonretarget.com
tracker.ads.sportradar.com
uipglob.semasio.net
ups.analytics.yahoo.com
www.googletagmanager.com
x.bidswitch.net
sync.1dmp.io
104.102.35.84
107.178.244.119
109.169.10.207
109.206.161.21
141.226.228.48
142.250.185.130
142.250.74.198
162.19.138.117
167.172.41.42
185.64.191.210
185.80.39.216
185.86.138.153
193.0.160.131
2.16.238.158
2.23.197.190
2001:4860:4802:32::36
212.57.20.61
216.46.185.182
217.79.187.68
23.206.20.27
23.218.208.209
2400:52e0:1e00::860:1
2600:9000:2057:5000:1b:5138:8a40:93a1
2600:9000:214f:fa00:1:76cf:fe80:93a1
2a00:1450:4001:802::2002
2a00:1450:4001:808::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a02:26f0:2c::216:f2c9
2a02:6b8::1:119
2a03:90c0:41:2801::62
3.120.214.218
3.127.111.154
3.71.149.231
3.71.228.5
34.111.113.62
34.120.139.69
34.120.195.249
34.240.185.96
34.254.143.3
35.156.251.164
35.157.224.17
35.186.201.99
35.190.24.218
35.244.159.8
35.244.174.68
35.71.131.137
37.157.3.29
37.157.6.236
37.157.6.243
37.157.6.254
37.252.171.22
37.252.171.53
46.19.11.36
46.228.174.117
51.222.80.231
52.213.184.195
52.218.105.114
52.30.157.48
52.48.195.8
52.58.93.190
54.237.77.135
65.9.66.72
69.173.144.138
69.173.144.165
76.223.111.18
77.243.51.121
77.243.51.122
85.114.159.93
88.214.195.87
99.80.180.155
99.80.64.147
02390d1ab2e2351c60e1851f22c0de132f7343dbc63c6cb190a39309a47d6d9c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
060276613e518ac511bdc288160bd259dbb17c686cbf2615088a55099d929682
08a6857f4129f0c4042ee387df7cb958e903b24523e794015ac2d181308a7db9
0a4b92198dd6c0603afb25939e1d8c8e33d5347d9ef88d0d4879fe56b3bfd095
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b1003eebd5c56031b8d35464040b816fe7925764ddb9ebdc1833756165a383d
0b4c9471e5a35341909e4a77a676712cbb90d88e846e9f01b51b99fb56bc9e75
15b91f234cff4988cce19ea97dbb7cfa8709d49c72baa802f5575a4d9d650b5c
19ed5f0efb846d80590ba2b2dba05feaeee55605c28545f62d565416ddac35b7
1a863466621b13fda2daaa78fe0d93c2193dba6fbb01251ae64daa912aed244b
23eb53ccf0241fe057507e32347a9febfcf68d70b11378c1e0c8afdbbbc85140
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c6535d33567beacaf7b9bf92d6e81ad7db872870b21dfadc895e22ac2dd3f04
2d70f850c4dc6ee282b172bddce2a38d8b53a3fb239176fe89a840a88dfdfd38
2ddfa954b20ead944515dea9a009068b25ae194c75c3c2a5034683e90d0357cd
2df54189bea1246e51c7f604869e9ea18dbd09aa45b86ea727b54e7ba6501ff7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35e7240aa795ba7990eeb2c7849cdb4be1109a2a030b0e0c8d578b6411f4d5a3
3848006e0f51ff805b7c66a986c1de9fe5ad5391483c54cd77b59e6d0679359a
38a08afb9b3071d30b8f47001ce67eb2269bcb1924cd377bc99318c57c942fe5
3dda9b271d14659c452372e5ea0ffeff160b98f06a8f71a1636513fcc9dee439
3e5be5d08156e844d1ac151ae44b522809a12dbeb188769740582f1840e382c9
40a236900575284249ff9353904509727f5c0e932193743c9de3aa632f047cc9
4126f7396d5bf3b156fed003736fb5c4c980ccabd3b241da33518975d8ee550f
4281e9660b3be574a212a49a17acc3967e83b21133eaf94b63e22eb96145e519
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4502c04a231c443378a1831d10a35177e7ee514d37c390a7512e5f0dc24c1398
4adde8ea365c6a09071b4d1c0115f7fb809ad7622616ccc799146f9b57816d53
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f8e3e01adbef641b93a1d9d08bdf861a2cc5418a3f24b2a2b2e2fe803c85977
50103acdac8009cdc413bb22302b2b0e6a3907748e9717bad82ebe966fd4cb98
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5760615b7efcf72d5e00d5838a60d2a7da7026d35a34ed4b8ef988d6f62cf72a
588998c9e9be1a3293100e0b61e4b129c70942b11f27fe4ba333713a54ad3ebf
595f73ca8877a713867c65320f3b7dd1a373f6c2fdb42cfb641b709d3cbafba5
5c8c145573e9bd5e09c7124354633df1efb417c10d1f7e6c7a1aa95060581aa1
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87
64161fc26fd976b3fc958793465067c2fd3d3176ddd215db487f5c89d3d2e259
67b008bdc8d9527476cce9e9d57af49a0504cd697c8ec84c385ce5ce25be999f
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
692b5e9c679d96fccf218db8919bdd3c10294117cdadeaabcd3ece66e195cd69
6ad99f42c256056dd505f81f72d49b621aebc3a343e7ff497b95411a716b585b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7250986404d0fe60ab7faae6634e196598b4d3852b17bc8a77fd93cc77af2bc6
75b9c2b49056fa1d4389eaec19d11c059fd6214b02feb4f4622af01a38d6443b
779361127b686c50f436ce1f541cdd5de7b6ab1a09246eef84402b32b1e4239b
78271c224efe35393eead263436870aa77b3f67c0ee8abd649edfff455c5dfec
78745761a332d80364fcd82b9452b521c04bb608d679d07e20f0c5524f1f65eb
7bbb6a1fe73ec7a64bcc02b1d61b372c0a50108c7d736459ef259eff35dcc830
7db8bcdbd969e3238d7b0742d0f4a4fdf4c4c532ef0ad1bff29dc9afe7ca4122
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
7e64dfbbe51df0faefd492b25419cd24f42659c7da0cbd673d32fa998e202e48
7e67ee52b9a022aa7601e1a818cfa91bd7bd9dd4d4e677e24891033ed87b9b61
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
805756861293bd94ef92f2c7fb37c2ebb40a2f3573daa7f8c35b8a820e8d9970
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844b7a94b9288b4ead2caa2537132cb513b311a927d0ad9c33570b07ca91139f
851587577b658ad11cafe62bc010d6d2877e8da18b930eb439bad86a84257ec3
861597d537a36caef2c05fe73ff9ee3a74940653068973343985f6aaa38ef158
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8b4fa36920cddb5fc8ce0585972a0389d9a7838052896c6de256193ddcaee83a
8c268886a14393f4d246c2418099de662c30214fd4c7f2cbab0248bca1d89ac5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
922ef4a05120c597fef6e30b56736232ef7b71608bf0fde7eec138efac7bd562
9340049af9215dd484a8790882189e8a2c628f51415936f9bd7ae18a6616df7e
9500d42196478f9d0c4bd68ba9fc8d248bb4bc5b711532ca57f950bf5e311a1c
975d8403dcb1b53109fc725cd8a12b67f870f627fc8c0bb3ce105b8e93429d43
988e9effd6680b71fa8355efb7f41e55baf7fa096fff438cc8838ad0186043a1
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9e4ac1930ab5104c80a5fa3e0aeb864929619b9dc738e110489d9b379c7a5460
9f0cab3a57ff29e4c5ac99346263b99bc9cbdd5a0618ce7edd3b8a9f3fa8c460
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a22ea7bd8797eed5299a9db5b71f7e35a6739e1354cb4807642ceb2c5fc32d34
a27de662882ad21b53bd4a94d81c8d9d61a957515ce70f5a2485c763b3fc133a
a29a4c0ab878357858be4d831908f8f131d2d3f5159e12ac96b604288a071dd4
a31eec0c0038529ff395da7cdc6c42795d946f841fd00da0b7947d2c48b90d1b
a42cad9afea03067456e82dc6aa04029dfb8b760fab4e733dacf80211385863e
a4976c215b6ef52791fd350a09071273652ff997d94491cbb5940b328ee10082
a73650271fae58dbc111ad770065dccf47c77d36a219a566483df24e85abf811
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb126cc335d3af70094c5627edc02a541ceb27d3c6c51906dd80589795df8a
b2ee5398620745dd56f802f9d75c6aea87aa11d95327325b3795c98398a5a328
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c35d7ed109576a05ab81ff746e440da1034a9dbb4412f39a2f90b3897f90725d
c3862cc2028935c5a5f21f873fe7efdc309a56a5776f5a55453c25e94c804b77
c3eeccba7169b039b35447b8d6fa0c80e839a956d8031906062a7c3c6f689265
c45347665880c190ad2926082100a71b4e5eed12e5dcbbc8f2fc6ae9ce8cb8b7
c553aa3fa5c2ff48a0d1c689ac379933c7dafa6330d9043a98eabee42b2b8b72
c6d9bc7b84f3af0ce4f9b6ce8ed55fa014f1f4d7455b1d547ad4fd79f6d23aac
c82c372cd5c4a3b46fddb13499d36d8818044e818b53a6794f340effeea5673a
c8e148d17bf951251e7c8aeb97513cd0eba2e0b502e9d671cb0d3d4b1650bf2b
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d061d49d7dca2febc35bb2f24f549365f423cd71b305f8b70a568a531504c165
d4d836059ea8f33695648802c12093986727fc436f258e9f4871a4b0c00d5e06
d566ddb79dffb9ea7d7cdc73ebc327f642fab184c9d610735e5bcfa9b9f1b23b
d5f517d1e97eae66f5fe0a80694c78f9efd23c349c305243e50e3c712992e365
d7ffb375a78d6b95aae55628f17e8d315c03715986e62c8f8183a1bc5e08ba51
db5d02945ae27249c38c4ba557a83c997302a2af3f432f560ad82c7873fd757e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddbc8df5627f88741cc16e4372b28745dde0971b3ed29c1deba766c0b425dad6
de35a85e9e4d404909d5239a07eadd36a7a66c7d4ed3110840fa3ecc4c1de0a9
e10f4cfa708f6701d7bab85b7a78ffe9686711032cba2fceb8d5456841fc7fb6
e19237af2d984f7b772577bee8f16b86c42e21212c0f9cb0fb17762cc2de04e4
e396720de2ec885895c1c0da9d100c5311408b8e3821799ff4f702e95565db88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c701961392acbbe8397e5b283b1935c6a140aa31316686d8a4686621ad0057
e5dcba698bebaed84d83c7d1769936de26577d8f2033226ea004aea97debdc55
e68e232ad5279308afca8b5a8a5780c778b569e8ae0e6cef9cd18df33fdfe9aa
e721209bf321b38c6822e48c9f4582536031ce1ead1d48361f267bca95d2fd97
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
ecb4168a806bb66f0bc69c14099a557d705fe96fca0d4969d02bdd77edd6f075
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7c787a6c2d25303927c9c7a8c60a941044203e259f96a120f8559aac119b7da
fa3b577a638cbb33b1bc0324a32c3f032f945586d316b994e73b766d6e776b66
fb691f794534525c2daafd192014e7f6d45c55a1607e06eeb58ac5b795fa2e46
fba5db76e6e743c8b5d2ef85518308c90f2cefce2958651aef6742e8c04fc29c
fc6543edc9d68d6daa660113cd93f8f66bf2723bb3948e71d0076c22d5c43679
fe26a1772d4c6a0a07b933f71d9cf7a02bf9a0e6866ba9e820b7590a957c7676

leon26.casino Open in urlscan Pro 167.172.41.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

167 Requests

84 %HTTPS

16 %IPv6

66 Domains

79 Subdomains

57 IPs

11 Countries

2737 kBTransfer

8697 kBSize

96 Cookies

3 Outgoing links

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

leon26.casino Open in urlscan Pro
167.172.41.42 Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

84 %
HTTPS

16 %
IPv6

66
Domains

79
Subdomains

57
IPs

11
Countries

2737 kB
Transfer

8697 kB
Size

96
Cookies

167 HTTP transactions
3 data transactions