Submitted URL: https://roselocation5.xyz/event_90192fcb-c969-0f42-0f55-29f39a4fba71_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZX...
Effective URL: https://leon.casino/en-ca/promo/bonuses/loyalty-program-casino?retentionId=b7780a13-f4bd-4661-bad1-b39d21d2ae82&utm_...
Submission: On August 19 via api from US — Scanned from CA

Summary

This website contacted 23 IPs in 3 countries across 27 domains to perform 100 HTTP transactions. The main IP is 15.197.153.157, located in United States and belongs to AMAZON-02, US. The main domain is leon.casino.
TLS certificate: Issued by R11 on July 4th 2024. Valid for: 3 months.
This is the only time leon.casino was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 6 173.214.240.15 15317 (SERVEREL-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2 199.182.164.180 15317 (SERVEREL-AS)
1 1 104.19.133.76 13335 (CLOUDFLAR...)
2 2 2a00:1d26:c77... 49544 (I3DNET)
3 5 88.214.195.101 46636 (NATCOWEB)
2 88.214.195.112 46636 (NATCOWEB)
5 2607:f8b0:400... 15169 (GOOGLE)
1 1 104.19.132.76 13335 (CLOUDFLAR...)
1 1 2a00:1d26:877... 49544 (I3DNET)
8 15.197.153.157 16509 (AMAZON-02)
36 2a03:90c0:999... 199524 (GCORE)
2 2600:9000:251... 16509 (AMAZON-02)
3 2600:141b:1c0... ()
2 2607:f8b0:400... ()
1 2600:9000:24f... ()
1 185.167.164.44 ()
1 2a02:6ea0:c45... ()
1 2620:116:800b... ()
1 6 68.67.178.10 ()
1 151.101.1.108 ()
1 2600:9000:21d... ()
1 2 35.211.233.246 ()
1 142.251.35.168 ()
1 2 2001:4860:480... ()
1 2600:9000:24f... ()
1 2600:9000:21d... ()
100 23
Apex Domain
Subdomains
Transfer
36 gcdn.co
leoncasino.gcdn.co
cdnimages3.gcdn.co — Cisco Umbrella Rank: 987434
cdnimages2.gcdn.co
1 MB
8 leon.casino
leon.casino
320 KB
7 adnxs.com
secure.adnxs.com
acdn.adnxs.com
ib.adnxs.com
13 KB
7 r2drtb.com
track-us.r2drtb.com
ads-us.r2drtb.com
pixel-us.r2drtb.com
176 KB
5 gstatic.com
fonts.gstatic.com
92 KB
4 manhattanstream4.xyz
manhattanstream4.xyz
3 KB
3 googletagmanager.com
www.googletagmanager.com
253 KB
3 sportradar.com
tm.ads.sportradar.com
tracker.ads.sportradar.com
62 KB
3 skated.co
us.skated.co — Cisco Umbrella Rank: 54985
2 KB
2 google-analytics.com
www.google-analytics.com
893 B
2 sportradarserving.com
a.sportradarserving.com
3 KB
2 liftdsp.com
pj.l.liftdsp.com
ps.l.liftdsp.com
3 KB
2 antillephone.com
0dd241d4-88f7-4a0b-8325-0c40ac10fc44.snippet.antillephone.com
2 KB
2 mgid.com
c.mgid.com — Cisco Umbrella Rank: 5722
clck.mgid.com — Cisco Umbrella Rank: 29499
2 KB
2 pushking.net
xml.pushking.net — Cisco Umbrella Rank: 48173
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
3 KB
1 quantcount.com
rules.quantcount.com
703 B
1 quantserve.com
secure.quantserve.com
pixel.quantserve.com Failed
10 KB
1 eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com Failed
dsp-ap.eskimi.com Failed
3 KB
1 adform.net
s2.adform.net
track.adform.net Failed
a1.adform.net Failed
31 KB
1 rfihub.net
c1.rfihub.net
6 KB
1 freetrckr.com
freetrckr.com — Cisco Umbrella Rank: 637579
353 B
1 roselocation5.xyz
roselocation5.xyz
129 B
0 admedo.com Failed
pool.admedo.com Failed
0 bidswitch.net Failed
x.bidswitch.net Failed
0 doubleclick.net Failed
11843672.fls.doubleclick.net Failed
ad.doubleclick.net Failed
0 leoncas.com Failed
leoncas.com Failed
100 27
Domain Requested by
25 leoncasino.gcdn.co leoncasino.gcdn.co
leon.casino
10 cdnimages2.gcdn.co
8 leon.casino manhattanstream4.xyz
leoncasino.gcdn.co
5 fonts.gstatic.com fonts.googleapis.com
4 secure.adnxs.com 1 redirects c1.rfihub.net
www.googletagmanager.com
4 manhattanstream4.xyz 1 redirects manhattanstream4.xyz
3 www.googletagmanager.com manhattanstream4.xyz
www.googletagmanager.com
3 track-us.r2drtb.com 3 redirects
3 us.skated.co 3 redirects
2 www.google-analytics.com 1 redirects
2 ib.adnxs.com acdn.adnxs.com
2 a.sportradarserving.com 1 redirects
2 tracker.ads.sportradar.com tm.ads.sportradar.com
tracker.ads.sportradar.com
2 pixel-us.r2drtb.com www.googletagmanager.com
2 0dd241d4-88f7-4a0b-8325-0c40ac10fc44.snippet.antillephone.com leoncasino.gcdn.co
leon.casino
2 ads-us.r2drtb.com manhattanstream4.xyz
2 xml.pushking.net 2 redirects
2 fonts.googleapis.com manhattanstream4.xyz
leoncasino.gcdn.co
1 rules.quantcount.com secure.quantserve.com
1 ps.l.liftdsp.com pj.l.liftdsp.com
1 pj.l.liftdsp.com manhattanstream4.xyz
1 acdn.adnxs.com manhattanstream4.xyz
1 secure.quantserve.com manhattanstream4.xyz
1 dsp-media.eskimi.com manhattanstream4.xyz
1 s2.adform.net manhattanstream4.xyz
1 c1.rfihub.net manhattanstream4.xyz
1 tm.ads.sportradar.com manhattanstream4.xyz
1 cdnimages3.gcdn.co leon.casino
1 clck.mgid.com 1 redirects
1 c.mgid.com 1 redirects
1 freetrckr.com 1 redirects
1 roselocation5.xyz 1 redirects
0 pool.admedo.com Failed pj.l.liftdsp.com
0 pixel.quantserve.com Failed
0 x.bidswitch.net Failed
0 ad.doubleclick.net Failed
0 11843672.fls.doubleclick.net Failed www.googletagmanager.com
0 a1.adform.net Failed s2.adform.net
0 track.adform.net Failed s2.adform.net
0 dsp-ap.eskimi.com Failed dsp-media.eskimi.com
0 dsp-trk.eskimi.com Failed dsp-media.eskimi.com
0 leoncas.com Failed leoncasino.gcdn.co
100 42
Subject Issuer Validity Valid
wordbazar4.xyz
E6
2024-07-21 -
2024-10-19
3 months crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.gstatic.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
leon.casino
R11
2024-07-04 -
2024-10-02
3 months crt.sh
*.gcdn.co
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-07-03 -
2025-08-03
a year crt.sh
*.snippet.antillephone.com
Starfield Secure Certificate Authority - G2
2024-04-29 -
2025-05-31
a year crt.sh
tracker.ads.sportradar.com
R11
2024-07-11 -
2024-10-09
3 months crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.r2drtb.com
Sectigo RSA Domain Validation Secure Server CA
2024-07-08 -
2025-07-08
a year crt.sh
*.rfihub.net
Amazon RSA 2048 M03
2023-10-31 -
2024-11-28
a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-06 -
2024-09-19
a year crt.sh
*.eskimi.com
GeoTrust TLS RSA CA G1
2024-04-08 -
2025-05-09
a year crt.sh
quantserve.com
R10
2024-06-24 -
2024-09-22
3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2024-04-08 -
2025-05-09
a year crt.sh
pj.l.liftdsp.com
Amazon RSA 2048 M03
2024-03-22 -
2025-04-20
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2024-02-14 -
2025-03-16
a year crt.sh
ps.l.liftdsp.com
Amazon RSA 2048 M03
2024-03-22 -
2025-04-20
a year crt.sh

This page contains 3 frames:

Primary Page: https://leon.casino/en-ca/promo/bonuses/loyalty-program-casino?retentionId=b7780a13-f4bd-4661-bad1-b39d21d2ae82&utm_source=canada&qtag=a27077_t27858_c224_s
Frame ID: E731B6E6513DC7539BF4C345CA6E5ED9
Requests: 100 HTTP requests in this frame

Frame: https://secure.adnxs.com/seg?add=29896390&t=2&ver=9&pe=https%3A%2F%2Fleon.casino%2Fen-ca%2Fpromo%2Fbonuses%2Floyalty-program-casino%3FretentionId%3Db7780a13-f4bd-4661-bad1-b39d21d2ae82%26utm_source%3Dcanada%26qtag%3Da27077_t27858_c224_s&pf=
Frame ID: 9ACC6D4D9372EA3F118B2DA3F087CA7A
Requests: 1 HTTP requests in this frame

Frame: https://11843672.fls.doubleclick.net/activityi;src=11843672;type=safev0;cat=safeg000;ord=4205164389991;npa=0;auiddc=466101468.1724031819;ps=1;pcor=1917012409;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9190706784za200zb871047016;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fleon.casino%2Fen-ca%2Fpromo%2Fbonuses%2Floyalty-program-casino%3FretentionId%3Db7780a13-f4bd-4661-bad1-b39d21d2ae82%26utm_source%3Dcanada%26qtag%3Da27077_t27858_c224_s
Frame ID: 1BC5C821A677FB0663FF5BCF586217CB
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Leon | Slots | LIVE Casino | Online Sports Betting

Page URL History Show full URLs

  1. https://roselocation5.xyz/event_90192fcb-c969-0f42-0f55-29f39a4fba71_102_0_3001?payload=JTdCJTIyaCUyMi... HTTP 302
    https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0Ew... Page URL
  2. https://xml.pushking.net/click?s=1&tid=534&sid=0fb397038d7dbfb6396c282470bfaed9&rnd=840484144 HTTP 302
    https://clck.mgid.com/ghits/d/610131/i/57755505/src/3991/pp/1/1?h=A8Z90u8N_-HPFaLhPl9vIQa_kPFKU4lv... HTTP 301
    https://us.skated.co/nty/postback/click?key=v2-1724031809144-7-1820-1341322-caa7801a-8d5c-d716-7e... HTTP 302
    https://track-us.r2drtb.com/push/c?auth=xqgsw3&c=PidgZKg74grUVeREOdPoiJv34bgi4J3Ber3u5kuPKEqgfxFon8aS_3U... HTTP 302
    https://leon.casino/en-ca/promo/bonuses/loyalty-program-casino?retentionId=b7780a13-f4bd-4661-ba... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • tracker\.js

Page Statistics

100
Requests

76 %
HTTPS

56 %
IPv6

27
Domains

42
Subdomains

23
IPs

3
Countries

2500 kB
Transfer

7342 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://roselocation5.xyz/event_90192fcb-c969-0f42-0f55-29f39a4fba71_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtYTdkNmY4ZjYwM2YxYWM2NDQxNDliYjc0MzdjZjI4MGUtMjUxMy0wLjAwMjY0NyUyMiU1RCU3RA%3D%3D&t=1723437756220&rnd=224198291...%20396%20...4ZTQ2NTdfcmV4X2NhJTIyJTdE&if=1 HTTP 302
    https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
    https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
  2. https://xml.pushking.net/click?s=1&tid=534&sid=0fb397038d7dbfb6396c282470bfaed9&rnd=840484144 HTTP 302
    https://clck.mgid.com/ghits/d/610131/i/57755505/src/3991/pp/1/1?h=A8Z90u8N_-HPFaLhPl9vIQa_kPFKU4lvqCYWiHvx82-46HlQVMi819e2yNUt6v4m28n8OaEcLpyYYDh-5_kK86yPz2O1qa5BieEf4v121gI*&rid=6f1c58af-5dcc-11ef-8602-c84bd6836428&u=SlD-eoYJqFer0KkA4Pm0z6TjS3-fzzM5_UBdMaKg1bJbqqDoFD4dMKuM03mklwYUkCrrHjAUOJ6qT6Omjey-g_CVIgkxYsnXYOLot16OFliCzLCFjVKOx3bYjG2SDvFq6TsZoX6SPKC94vgF8EAviNi1mEjHZwyUsptU0jeeLno*&tt=Direct&att=3&pubsrcid=890922&ct=1&st=-240&h2=woxgTEBV7TgdHauzxy6ijojH529SlqhGbp_BMCT1tud1CkIQUo96Plo-7Z4R0L66 HTTP 301
    https://us.skated.co/nty/postback/click?key=v2-1724031809144-7-1820-1341322-caa7801a-8d5c-d716-7ef9-1259f0a0818b HTTP 302
    https://track-us.r2drtb.com/push/c?auth=xqgsw3&c=PidgZKg74grUVeREOdPoiJv34bgi4J3Ber3u5kuPKEqgfxFon8aS_3UlRHPMrf5Np7MMW0vL_Ffhz9oDCeW3Iv1yiBRq1Ta9idHRTiAQyjhb_oS2x-40e0TtJYlIHgeCvm2uMdT8mgOFrUFrzGngnjsA_0gjtPEYTb4FGtQZ2bgDtYLbQ_p1Te1MVQ3YRCC-eQMbjBl4xQrEIhAlsNVh5rytysdK-b27pjU_u1V1lk-gSPC_6jGZx4UonsX5T0rCMWWVCDBFWJSognTsDFjAApInfVJgOPsjokD5Cfip26Y0614oYIXVlHsvj7pdOPGY_dTOEaSe-j5lM5kRBljnl2VuJi_NmVoGHg0Rs1IcXYKemTtyOwVGTJ6haJCq4Dy8NKadfoG4d2cwlg0g10XftAoIl4vwGDL_ltyz4CIdWrhvjj8bksxcvDUZbJRwZZbGSD_hMkw7L0Z8P_wlt9_dCnJ1vbeg6QXrevk41rQggGz5zQ5SBxhKkS3ZEYbRjIROj56srhSwywEFeVqVwaWAVnJlf-oc-oOhnIk9W_SZJoYP5Y2Yekb3xq47c3FJFmmIxEx6dp4rPixj-GZTkyPd20csz5xu1G5e9AMQ5NglAFhVbp6crTMGFHc4MftjP8YM HTTP 302
    https://leon.casino/en-ca/promo/bonuses/loyalty-program-casino?retentionId=b7780a13-f4bd-4661-bad1-b39d21d2ae82&utm_source=canada&qtag=a27077_t27858_c224_s Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://roselocation5.xyz/event_90192fcb-c969-0f42-0f55-29f39a4fba71_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtYTdkNmY4ZjYwM2YxYWM2NDQxNDliYjc0MzdjZjI4MGUtMjUxMy0wLjAwMjY0NyUyMiU1RCU3RA%3D%3D&t=1723437756220&rnd=224198291...%20396%20...4ZTQ2NTdfcmV4X2NhJTIyJTdE&if=1 HTTP 302
  • https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
  • https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Request Chain 2
  • https://manhattanstream4.xyz/event_d8a16057-570e-3ad0-f2fb-5c443a530bed_101_3285_3000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDBmYjM5NzAzOGQ3ZGJmYjYzOTZjMjgyNDcwYmZhZWQ5JTI2cm5kJTNEMTM3NTE4NDY2&t=1724031809867&rnd=891691481&i=1 HTTP 302
  • https://xml.pushking.net/icon?sid=0fb397038d7dbfb6396c282470bfaed9&rnd=137518466 HTTP 302
  • https://c.mgid.com/c?pv=2&v=0|0|0|A8Z90u8N_-HPFaLhPl9vIQa_kPFKU4lvqCYWiHvx82-46HlQVMi819e2yNUt6v4m28n8OaEcLpyYYDh-5_kK86yPz2O1qa5BieEf4v121gI*&cid=1423484&f=1&h2=woxgTEBV7TgdHauzxy6ijojH529SlqhGbp_BMCT1tud1CkIQUo96Plo-7Z4R0L66&rid=6f1c58af-5dcc-11ef-8602-c84bd6836428&psid=890922&turl=https%3A%2F%2Fservicer.mgid.com%2Fpixel%3Fh%3DiAcBaoikOiMDCARGsoYjJ5jMcGkeBRJ3Wni9ZEuV7BgOEpyxPGJr9c0yvyoxLnnD2WorxeWbhqeMJwKuJsXXQB2Yp3RlNiuU9yz-ya5e-Lu6VaeV9PM5pw%26r%3D6f1c58af-5dcc-11ef-8602-c84bd6836428%26l%3D%26c%3D%26ps%3D890922%26tt%3DDirect%26ts%3D%26iv%3D0%26prid%3D0%26advsrc%3D3991&iub=aHR0cHM6Ly91cy5za2F0ZWQuY28vbnR5L21ldHJpY3Mvc2F2ZS5pbWc_ZXZlbnQ9aW1wcmVzc2lvbnMmYmlkLWlkPXYyLTE3MjQwMzE4MDkxNDQtNy0xODIwLTEzNDEzMjItY2FhNzgwMWEtOGQ1Yy1kNzE2LTdlZjktMTI1OWYwYTA4MThiJmltZz1odHRwcyUzQSUyRiUyRnRyYWNrLXVzLnIyZHJ0Yi5jb20lMkZwdXNoJTJGaWMlM0ZhdXRoJTNEeHFnc3czJTI2YyUzRHl4dWFLRDRMMmdDVGgyUGh3b2dsSngyTGd0NXVkQS1nc3drTFJGdFV6c2F5eHplS2pXYkJtMTd0b2lhcWEzSXM0Z0pfaWsxV1U0Vm91S2Ewc21RczNVNE5VRTNKVWU1WDlOYzI4a0trWE9IYmNmblY4SVAzQzJuZzJqYlJJV0ZwdkJuMUs1UkhUNmhTd1daQ013RVJOLU1pNFdoeV9EQ3ZrM0pzYnR1Nnd1ZlVjV08zSmtlbEhwWlpXVlNYVWtfSXh3ZmE4aDJTcVJNR1lSY3c5MmNYQUJEcWRNNHFIc0hqN2ctOFRQUFlHY0NTcF9BeTd0eXVNUjJmUW1iYnVvbEVFRUtJdzJwLXREeXFvRXhtVVdSQkxyS0pOa0ZxLWFhdFFZVjFvQlVaNVNvRHgxY2gxWTMza011VFZGLTRPbENlM0pwVGZwVzZnN2RNbnVuZjVpSENwNTQwTTdYUC1IQWxXUEJxdG4ySVhZSk9WdjVNdFNGczY5Zy1kMjl1N3FCY1lBR2xlZlpjOHdocm01UkZLWHlnOFVlNVBrbnFUb2lrYjNDTzBCUXNqTlduM25HTEVaR0Z4cjJwdURMLUdjazRGOU1Hb1pNZnVnWmhkMzA3ZXJtRWM3OXJJZ0V5aDlzTlhJSENoOFQwVjNRdVJrQmROMFNQXy1XV2JtWW15V0wzNFktM2hJTUlJR1BJc01qWWllUmZRemhSQnRXTXNOb1VONGVoRndLdDZjUQ== HTTP 301
  • https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1724031809144-7-1820-1341322-caa7801a-8d5c-d716-7ef9-1259f0a0818b&img=https%3A%2F%2Ftrack-us.r2drtb.com%2Fpush%2Fic%3Fauth%3Dxqgsw3%26c%3DyxuaKD4L2gCTh2PhwoglJx2Lgt5udA-gswkLRFtUzsayxzeKjWbBm17toiaqa3Is4gJ_ik1WU4VouKa0smQs3U4NUE3JUe5X9Nc28kKkXOHbcfnV8IP3C2ng2jbRIWFpvBn1K5RHT6hSwWZCMwERN-Mi4Why_DCvk3Jsbtu6wufUcWO3JkelHpZZWVSXUk_Ixwfa8h2SqRMGYRcw92cXABDqdM4qHsHj7g-8TPPYGcCSp_Ay7tyuMR2fQmbbuolEEEKIw2p-tDyqoExmUWRBLrKJNkFq-aatQYV1oBUZ5SoDx1ch1Y33kMuTVF-4OlCe3JpTfpW6g7dMnunf5iHCp540M7XP-HAlWPBqtn2IXYJOVv5MtSFs69g-d29u7qBcYAGlefZc8whrm5RFKXyg8Ue5PknqToikb3CO0BQsjNWn3nGLEZGFxr2puDL-Gck4F9MGoZMfugZhd307ermEc79rIgEyh9sNXIHCh8T0V3QuRkBdN0SP_-WWbmYmyWL34Y-3hIMIIGPIsMjYieRfQzhRBtWMsNoUN4ehFwKt6cQ HTTP 302
  • https://track-us.r2drtb.com/push/ic?auth=xqgsw3&c=yxuaKD4L2gCTh2PhwoglJx2Lgt5udA-gswkLRFtUzsayxzeKjWbBm17toiaqa3Is4gJ_ik1WU4VouKa0smQs3U4NUE3JUe5X9Nc28kKkXOHbcfnV8IP3C2ng2jbRIWFpvBn1K5RHT6hSwWZCMwERN-Mi4Why_DCvk3Jsbtu6wufUcWO3JkelHpZZWVSXUk_Ixwfa8h2SqRMGYRcw92cXABDqdM4qHsHj7g-8TPPYGcCSp_Ay7tyuMR2fQmbbuolEEEKIw2p-tDyqoExmUWRBLrKJNkFq-aatQYV1oBUZ5SoDx1ch1Y33kMuTVF-4OlCe3JpTfpW6g7dMnunf5iHCp540M7XP-HAlWPBqtn2IXYJOVv5MtSFs69g-d29u7qBcYAGlefZc8whrm5RFKXyg8Ue5PknqToikb3CO0BQsjNWn3nGLEZGFxr2puDL-Gck4F9MGoZMfugZhd307ermEc79rIgEyh9sNXIHCh8T0V3QuRkBdN0SP_-WWbmYmyWL34Y-3hIMIIGPIsMjYieRfQzhRBtWMsNoUN4ehFwKt6cQ HTTP 302
  • https://ads-us.r2drtb.com/creatives/yrxqwv29g84k154jkzepn631/1713964864859-olu6Kytpux7x.png
Request Chain 3
  • https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1724031809144-7-1820-1341322-caa7801a-8d5c-d716-7ef9-1259f0a0818b&price=0&img=https%3A%2F%2Ftrack-us.r2drtb.com%2Fpush%2Fim%3Fauth%3Dxqgsw3%26c%3DuHJQ-i9OQFGkhSSOhtmOSCzM7azuEBX72HMwkYIv-NLd2QXFbnxeyrxl0yJC7UemECmxDIi6E0M4DVAx4Gc2Hq1Yme3SJcgFKZR-9If4AgzLtetPSn_of_y1fLy4R43DDYSN6JFvYvGfu_d8uuHovlgSzmS7pCPTKoU0iYgiGc8NUpELIvxICaqYyeuRFRQBr79Y6KijJ3KNqt0ZwklY9Vt3veGv4Y3Y9uQUVLWhZKMbEPHEVC-_PMCFlLAaxaLOPojhvncfY8as8nXNtimshY9NRo1kWFJITopGW3LJxl5-3kWaSziMIFlaNpBzVsV4NXJXa81oxJCfqOTZx88QMbwiVNtDygqakHW50Z1LUw3kAt3uuqcxSLTbCxwR4rjqtvZAwgULZAh1pSY1-56vCqMwlNtX-k-ep6NpLzyR-DRZpH4ZfUe5faGbYknh7Kh-98TOiT4atVvXXWdj6sYCyDahRcsu3lhgk93Wp-zm8TORCVWisI-V23EM8MYZt6TsjN0bNyrcmZj7Oj8wap0zl6otwgRlAHTS-0RyFBnGdsI HTTP 302
  • https://track-us.r2drtb.com/push/im?auth=xqgsw3&c=uHJQ-i9OQFGkhSSOhtmOSCzM7azuEBX72HMwkYIv-NLd2QXFbnxeyrxl0yJC7UemECmxDIi6E0M4DVAx4Gc2Hq1Yme3SJcgFKZR-9If4AgzLtetPSn_of_y1fLy4R43DDYSN6JFvYvGfu_d8uuHovlgSzmS7pCPTKoU0iYgiGc8NUpELIvxICaqYyeuRFRQBr79Y6KijJ3KNqt0ZwklY9Vt3veGv4Y3Y9uQUVLWhZKMbEPHEVC-_PMCFlLAaxaLOPojhvncfY8as8nXNtimshY9NRo1kWFJITopGW3LJxl5-3kWaSziMIFlaNpBzVsV4NXJXa81oxJCfqOTZx88QMbwiVNtDygqakHW50Z1LUw3kAt3uuqcxSLTbCxwR4rjqtvZAwgULZAh1pSY1-56vCqMwlNtX-k-ep6NpLzyR-DRZpH4ZfUe5faGbYknh7Kh-98TOiT4atVvXXWdj6sYCyDahRcsu3lhgk93Wp-zm8TORCVWisI-V23EM8MYZt6TsjN0bNyrcmZj7Oj8wap0zl6otwgRlAHTS-0RyFBnGdsI HTTP 302
  • https://ads-us.r2drtb.com/creatives/yrxqwv29g84k154jkzepn631/1713964864871-pBC8WK0csxv6.png
Request Chain 74
  • https://secure.adnxs.com/seg?add=37094577&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D37094577%26t%3D1
Request Chain 78
  • https://a.sportradarserving.com/pixel?type=js&aid=1060&id=1235 HTTP 302
  • https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235
Request Chain 82
  • https://www.google-analytics.com/g/collect?v=2&tid=G-JZZNGY93CC&gtm=45je48e0v871047016z8890860847za200zb890860847&_p=1724031818384&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=17166364.1724031819&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724031818&sct=1&seg=0&dl=https%3A%2F%2Fleon.casino%2Fen-ca%2Fpromo%2Fbonuses%2Floyalty-program-casino%3FretentionId%3Db7780a13-f4bd-4661-bad1-b39d21d2ae82%26utm_source%3Dcanada%26qtag%3Da27077_t27858_c224_s&dt=Leon%20%7C%20Slots%20%7C%20LIVE%20Casino%20%7C%20Online%20Sports%20Betting&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&tfd=4229 HTTP 302
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=17166364.1724031819&dbk=10866847483811800023&dma=0&en=page_view&gtm=45je48e0v871047016z8890860847za200zb890860847&npa=0&tid=G-JZZNGY93CC&dl=https%3A%2F%2Fleon.casino%3F
Request Chain 84
  • https://20828756p.rfihub.com/ca.html?ver=9&rb=43197&ca=20828756&_o=43197&_t=20828756&pe=https%3A%2F%2Fleon.casino%2Fen-ca%2Fpromo%2Fbonuses%2Floyalty-program-casino%3FretentionId%3Db7780a13-f4bd-4661-bad1-b39d21d2ae82%26utm_source%3Dcanada%26qtag%3Da27077_t27858_c224_s&pf=&ra=7400698461365078 HTTP 302
  • https://secure.adnxs.com/seg?add=29896390&t=2&ver=9&pe=https%3A%2F%2Fleon.casino%2Fen-ca%2Fpromo%2Fbonuses%2Floyalty-program-casino%3FretentionId%3Db7780a13-f4bd-4661-bad1-b39d21d2ae82%26utm_source%3Dcanada%26qtag%3Da27077_t27858_c224_s&pf=

100 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js
manhattanstream4.xyz/
Redirect Chain
  • https://roselocation5.xyz/event_90192fcb-c969-0f42-0f55-29f39a4fba71_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtYTdkNmY4ZjYwM2YxYWM2NDQxNDliY...
  • https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
  • https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
6 KB
3 KB
Document
General
Full URL
https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
f763bdcac5045b18348691543a732bcd61c27c3c22ec648036287e268008f039

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 19 Aug 2024 01:43:29 GMT
server
nginx

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date
Mon, 19 Aug 2024 01:43:29 GMT
location
https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server
nginx
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Requested by
Host: manhattanstream4.xyz
URL: https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
30178da7de15b8e656f518f79bab12b30348156661b2b6c8293bc9a1411a0288
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://manhattanstream4.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 19 Aug 2024 01:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 00:13:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Aug 2024 01:43:31 GMT
1713964864859-olu6Kytpux7x.png
ads-us.r2drtb.com/creatives/yrxqwv29g84k154jkzepn631/
Redirect Chain
  • https://manhattanstream4.xyz/event_d8a16057-570e-3ad0-f2fb-5c443a530bed_101_3285_3000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDBmYjM5NzAzOGQ3ZGJmYjYzOTZjMjgyNDcwYmZhZWQ...
  • https://xml.pushking.net/icon?sid=0fb397038d7dbfb6396c282470bfaed9&rnd=137518466
  • https://c.mgid.com/c?pv=2&v=0|0|0|A8Z90u8N_-HPFaLhPl9vIQa_kPFKU4lvqCYWiHvx82-46HlQVMi819e2yNUt6v4m28n8OaEcLpyYYDh-5_kK86yPz2O1qa5BieEf4v121gI*&cid=1423484&f=1&h2=woxgTEBV7TgdHauzxy6ijojH529SlqhGbp_...
  • https://us.skated.co/nty/metrics/save.img?event=impressions&bid-id=v2-1724031809144-7-1820-1341322-caa7801a-8d5c-d716-7ef9-1259f0a0818b&img=https%3A%2F%2Ftrack-us.r2drtb.com%2Fpush%2Fic%3Fauth%3Dxq...
  • https://track-us.r2drtb.com/push/ic?auth=xqgsw3&c=yxuaKD4L2gCTh2PhwoglJx2Lgt5udA-gswkLRFtUzsayxzeKjWbBm17toiaqa3Is4gJ_ik1WU4VouKa0smQs3U4NUE3JUe5X9Nc28kKkXOHbcfnV8IP3C2ng2jbRIWFpvBn1K5RHT6hSwWZCMwE...
  • https://ads-us.r2drtb.com/creatives/yrxqwv29g84k154jkzepn631/1713964864859-olu6Kytpux7x.png
62 KB
62 KB
Image
General
Full URL
https://ads-us.r2drtb.com/creatives/yrxqwv29g84k154jkzepn631/1713964864859-olu6Kytpux7x.png
Requested by
Host: manhattanstream4.xyz
URL: https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
HTTP/1.1
Server
88.214.195.112 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
35a38ac06e7fa2b8eee7dd079dfbc1f5ff57f2af8f8fc9a31b28855b3330e343

Request headers

Referer
https://manhattanstream4.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 01:43:33 GMT
Last-Modified
Tue, 25 Jun 2024 13:11:07 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"667ac1eb-f7cb"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
63435

Redirect headers

Pragma
no-cache
Date
Mon, 19 Aug 2024 01:43:32 GMT
Server
nginx/1.14.0 (Ubuntu)
Location
https://ads-us.r2drtb.com/creatives/yrxqwv29g84k154jkzepn631/1713964864859-olu6Kytpux7x.png
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
1713964864871-pBC8WK0csxv6.png
ads-us.r2drtb.com/creatives/yrxqwv29g84k154jkzepn631/
Redirect Chain
  • https://us.skated.co/nty/metrics/save.img?event=tracked_impressions&bid-id=v2-1724031809144-7-1820-1341322-caa7801a-8d5c-d716-7ef9-1259f0a0818b&price=0&img=https%3A%2F%2Ftrack-us.r2drtb.com%2Fpush%...
  • https://track-us.r2drtb.com/push/im?auth=xqgsw3&c=uHJQ-i9OQFGkhSSOhtmOSCzM7azuEBX72HMwkYIv-NLd2QXFbnxeyrxl0yJC7UemECmxDIi6E0M4DVAx4Gc2Hq1Yme3SJcgFKZR-9If4AgzLtetPSn_of_y1fLy4R43DDYSN6JFvYvGfu_d8uuH...
  • https://ads-us.r2drtb.com/creatives/yrxqwv29g84k154jkzepn631/1713964864871-pBC8WK0csxv6.png
111 KB
111 KB
Image
General
Full URL
https://ads-us.r2drtb.com/creatives/yrxqwv29g84k154jkzepn631/1713964864871-pBC8WK0csxv6.png
Requested by
Host: manhattanstream4.xyz
URL: https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
HTTP/1.1
Server
88.214.195.112 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5348dcee6746a9fa4370c196b33ea4db8ffa6b91bc3d8c8fe7f04e20af85088a

Request headers

Referer
https://manhattanstream4.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 01:43:33 GMT
Last-Modified
Tue, 25 Jun 2024 13:11:02 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"667ac1e6-1bbe5"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
113637

Redirect headers

Pragma
no-cache
Date
Mon, 19 Aug 2024 01:43:32 GMT
Server
nginx/1.14.0 (Ubuntu)
Location
https://ads-us.r2drtb.com/creatives/yrxqwv29g84k154jkzepn631/1713964864871-pBC8WK0csxv6.png
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://manhattanstream4.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 20:52:51 GMT
x-content-type-options
nosniff
age
276641
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Aug 2025 20:52:51 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://manhattanstream4.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 20:52:51 GMT
x-content-type-options
nosniff
age
276641
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Aug 2025 20:52:51 GMT
favicon.ico
manhattanstream4.xyz/
548 B
245 B
Other
General
Full URL
https://manhattanstream4.xyz/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer
https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:43:33 GMT
content-encoding
gzip
server
nginx
content-type
text/html
event_d8a16057-570e-3ad0-f2fb-5c443a530bed_101_0_3000
manhattanstream4.xyz/
117 B
208 B
Script
General
Full URL
https://manhattanstream4.xyz/event_d8a16057-570e-3ad0-f2fb-5c443a530bed_101_0_3000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LTBmYjM5NzAzOGQ3ZGJmYjYzOTZjMjgyNDcwYmZhZWQ5LTMyODUtMC4wMTcxNCUyMiU1RCU3RA%3D%3D&t=1724031809867&rnd=555620794&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by
Host: manhattanstream4.xyz
URL: https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS
173.214.240.15.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:43:34 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript
Primary Request loyalty-program-casino
leon.casino/en-ca/promo/bonuses/
Redirect Chain
  • https://xml.pushking.net/click?s=1&tid=534&sid=0fb397038d7dbfb6396c282470bfaed9&rnd=840484144
  • https://clck.mgid.com/ghits/d/610131/i/57755505/src/3991/pp/1/1?h=A8Z90u8N_-HPFaLhPl9vIQa_kPFKU4lvqCYWiHvx82-46HlQVMi819e2yNUt6v4m28n8OaEcLpyYYDh-5_kK86yPz2O1qa5BieEf4v121gI*&rid=6f1c58af-5dcc-11ef...
  • https://us.skated.co/nty/postback/click?key=v2-1724031809144-7-1820-1341322-caa7801a-8d5c-d716-7ef9-1259f0a0818b
  • https://track-us.r2drtb.com/push/c?auth=xqgsw3&c=PidgZKg74grUVeREOdPoiJv34bgi4J3Ber3u5kuPKEqgfxFon8aS_3UlRHPMrf5Np7MMW0vL_Ffhz9oDCeW3Iv1yiBRq1Ta9idHRTiAQyjhb_oS2x-40e0TtJYlIHgeCvm2uMdT8mgOFrUFrzGng...
  • https://leon.casino/en-ca/promo/bonuses/loyalty-program-casino?retentionId=b7780a13-f4bd-4661-bad1-b39d21d2ae82&utm_source=canada&qtag=a27077_t27858_c224_s
25 KB
10 KB
Document
General
Full URL
https://leon.casino/en-ca/promo/bonuses/loyalty-program-casino?retentionId=b7780a13-f4bd-4661-bad1-b39d21d2ae82&utm_source=canada&qtag=a27077_t27858_c224_s
Requested by
Host: manhattanstream4.xyz
URL: https://manhattanstream4.xyz/event_d8a16057-570e-3ad0-f2fb-5c443a530bed_101_0_3000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LTBmYjM5NzAzOGQ3ZGJmYjYzOTZjMjgyNDcwYmZhZWQ5LTMyODUtMC4wMTcxNCUyMiU1RCU3RA%3D%3D&t=1724031809867&rnd=555620794&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.153.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a74c9b096c06d2617.awsglobalaccelerator.com
Software
nginx /
Resource Hash
c4bf78a858a8484bf17bac73363af2ed6f60d8778f4b8de0678c6af012eb3388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 19 Aug 2024 01:43:36 GMT
expires
0
link
<https://leoncasino.gcdn.co/js/webpack.d.m.70f52c03.js>; rel=preload; as=script; crossorigin=anonymous, <https://leoncasino.gcdn.co/js/vendors.d.m.e34031c0.js>; rel=preload; as=script; crossorigin=anonymous, <https://leoncasino.gcdn.co/js/app.14a59ccf553c.js>; rel=preload; as=script; crossorigin=anonymous
pragma
no-cache
server
nginx
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 19 Aug 2024 01:43:35 GMT
Expires
Sat, 01 Jan 2000 00:00:00 GMT
Location
https://leon.casino/en-ca/promo/bonuses/loyalty-program-casino?retentionId=b7780a13-f4bd-4661-bad1-b39d21d2ae82&utm_source=canada&qtag=a27077_t27858_c224_s
Pragma
no-cache
Server
nginx/1.14.0 (Ubuntu)
webpack.d.m.70f52c03.js
leoncasino.gcdn.co/js/
145 KB
26 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/webpack.d.m.70f52c03.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4f1e3cd206c139f7c4a3fe7aee0b0a69d760b721458ac107e432515fcdf34d5b

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
gzip
age
306214
x-cached-since
2024-08-15T12:40:02+00:00
x-id-fe
td2-hw-edge-gc10
last-modified
Wed, 14 Aug 2024 15:46:03 GMT
server
nginx
traceparent
00-3b980d948ba5301c189977d7ab1d135e-823b8322851e2cea-01
etag
W/"66bcd13b-24465"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
vendors.d.m.e34031c0.js
leoncasino.gcdn.co/js/
201 KB
57 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/vendors.d.m.e34031c0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d7151c36b75db9469e442ade91112892922cdddf4c28db6cbb98d404baf8f384

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
br
age
306214
x-cached-since
2024-08-15T12:40:02+00:00
x-id-fe
td2-hw-edge-gc10
content-length
58245
last-modified
Wed, 14 Aug 2024 15:46:03 GMT
server
nginx
traceparent
00-de70110951254ed83fed298db181d96d-7d920fe61da09820-01
etag
"66bcd13b-e385"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
app.14a59ccf553c.js
leoncasino.gcdn.co/js/
418 KB
80 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2eacc40f656e02e92f7e364b7a7e04ac64afd7e2a2060e2139e6d59f38ffef3f

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
br
age
233086
x-cached-since
2024-08-16T08:58:50+00:00
x-id-fe
td2-hw-edge-gc10
content-length
81597
last-modified
Fri, 16 Aug 2024 07:37:29 GMT
server
nginx
traceparent
00-18cd598604d4ccca89858952b3b02f73-e5b462ea041a122a-01
etag
"66bf01b9-13ebd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-vendor-lodash.d.m.b793a1ab.js
leoncasino.gcdn.co/js/
73 KB
30 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/async-vendor-lodash.d.m.b793a1ab.js
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
01d65e39ad41b2521645209375fee26c05d0863a13b687e4156225007609003a

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
gzip
age
306213
x-cached-since
2024-08-15T12:40:03+00:00
x-id-fe
td2-hw-edge-gc10
last-modified
Wed, 14 Aug 2024 15:46:03 GMT
server
nginx
traceparent
00-150f5bf78e06d390d417a452528d4b2b-d255487795b3ac1e-01
etag
W/"66bcd13b-123bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-vendor-vue-router.d.m.a8c7eb76.js
leoncasino.gcdn.co/js/
23 KB
8 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/async-vendor-vue-router.d.m.a8c7eb76.js
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1a8e11374ebd6d21753ca4041aface7df69a5965fbea133d5bda0ebf5df1e752

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
br
age
306214
x-cached-since
2024-08-15T12:40:02+00:00
x-id-fe
td2-hw-edge-gc10
content-length
8332
last-modified
Wed, 14 Aug 2024 15:46:03 GMT
server
nginx
traceparent
00-e88997d225ad0bea452c8aab92fbd19a-03314d15f958740a-01
etag
"66bcd13b-208c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-vendor-vue.d.m.a6b5d65b.js
leoncasino.gcdn.co/js/
144 KB
47 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/async-vendor-vue.d.m.a6b5d65b.js
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9a98674b09b37609bb5c06d71e9a68673cc5720f3fd1eee87a1889eaac3a85dc

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
br
age
306213
x-cached-since
2024-08-15T12:40:03+00:00
x-id-fe
td2-hw-edge-gc10
content-length
48134
last-modified
Wed, 14 Aug 2024 15:46:03 GMT
server
nginx
traceparent
00-6aca973ba678a09d895832eb1d96deff-4e1fa5c7e7608cdd-01
etag
"66bcd13b-bc06"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-route-modules-core.d.m.ca20f000.js
leoncasino.gcdn.co/js/
75 KB
16 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/async-route-modules-core.d.m.ca20f000.js
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
3f476217073523d6a928b308721f676eefd41ee402888412a039dbac42800f1b

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
br
age
306213
x-cached-since
2024-08-15T12:40:03+00:00
x-id-fe
td2-hw-edge-gc10
content-length
15797
last-modified
Wed, 14 Aug 2024 15:46:03 GMT
server
nginx
traceparent
00-2eca9f9adc31a79d6a8386bdb886d083-488a07130d735335-01
etag
"66bcd13b-3db5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-sportline.d.m.d336a68e.js
leoncasino.gcdn.co/js/
36 KB
12 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/async-module-sportline.d.m.d336a68e.js
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
baaf4783bfec5deedacc51cc0a7d5f82e815748d3d71c74602d3e54bb5e25621

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
gzip
age
233085
x-cached-since
2024-08-16T08:58:51+00:00
x-id-fe
td2-hw-edge-gc10
last-modified
Fri, 16 Aug 2024 07:37:29 GMT
server
nginx
traceparent
00-85a5039d236f252858af1149e071a087-00bc0a8b8ac95f80-01
etag
W/"66bf01b9-9063"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-profile.d.m.de1944c3.js
leoncasino.gcdn.co/js/
27 KB
9 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/async-module-profile.d.m.de1944c3.js
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7817e340f1924eec217db688c5fe66beca15364fad3d42d05778abc8d52c6e0d

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
gzip
age
233085
x-cached-since
2024-08-16T08:58:51+00:00
x-id-fe
td2-hw-edge-gc10
last-modified
Fri, 16 Aug 2024 07:37:29 GMT
server
nginx
traceparent
00-989b1796cb4ab3af2583d91c4f0a8859-b6440b926d6d8c12-01
etag
W/"66bf01b9-6b6a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-core.d.m.ceb63807.js
leoncasino.gcdn.co/js/
146 KB
36 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/async-module-core.d.m.ceb63807.js
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e5f10e11104b505cea2347294473cd0a70792ef91c0df9412a2fc588d07c65dd

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
br
age
233085
x-cached-since
2024-08-16T08:58:51+00:00
x-id-fe
td2-hw-edge-gc10
content-length
36304
last-modified
Fri, 16 Aug 2024 07:37:29 GMT
server
nginx
traceparent
00-cd35ae6f569b2511cfe7069d0dd0d5d0-d441111efbec1962-01
etag
"66bf01b9-8dd0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-referral-program.d.m.ed81df90.js
leoncasino.gcdn.co/js/
27 KB
6 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/async-module-referral-program.d.m.ed81df90.js
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
14fcf291d49e8ed5e21286d65a31251b08656ffa404e62845d6dde0f392daf96

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
br
age
233085
x-cached-since
2024-08-16T08:58:51+00:00
x-id-fe
td2-hw-edge-gc10
content-length
5999
last-modified
Fri, 16 Aug 2024 07:37:29 GMT
server
nginx
traceparent
00-33af1c56ce7c444b8a06aa2a2abbad96-daea6560ab24dd93-01
etag
"66bf01b9-176f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-errors.d.m.6f060efa.js
leoncasino.gcdn.co/js/
16 KB
6 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/async-module-errors.d.m.6f060efa.js
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8bef7b80bb1299d791259d637f28d7002a111591bf0d61dbc40d850bf8374625

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
gzip
age
306213
x-cached-since
2024-08-15T12:40:03+00:00
x-id-fe
td2-hw-edge-gc10
last-modified
Wed, 14 Aug 2024 15:46:03 GMT
server
nginx
traceparent
00-0947d10a47aa082395935cbe8ae51e3a-894e9149685e196f-01
etag
W/"66bcd13b-40e2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-pin-code.d.m.2f8166ca.js
leoncasino.gcdn.co/js/
29 KB
8 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/async-module-pin-code.d.m.2f8166ca.js
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
05039554133861ed7404ea826a89b5f2b08d35ad855d98905afc87ad681f874b

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
br
age
306213
x-cached-since
2024-08-15T12:40:03+00:00
x-id-fe
td2-hw-edge-gc10
content-length
7614
last-modified
Wed, 14 Aug 2024 15:46:03 GMT
server
nginx
traceparent
00-0e2722aa173fdfe5179660b11cf1a20d-bbfa2f9736f5c54b-01
etag
"66bcd13b-1dbe"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-dialogs.d.m.e76e5dda.js
leoncasino.gcdn.co/js/
22 KB
7 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/async-module-dialogs.d.m.e76e5dda.js
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
41836e29b83c27bb9c48a57ee7e987c826b813b75caecdf135156336ae6f00bb

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
gzip
age
306213
x-cached-since
2024-08-15T12:40:03+00:00
x-id-fe
td2-hw-edge-gc10
last-modified
Wed, 14 Aug 2024 15:46:03 GMT
server
nginx
traceparent
00-56d3b362e88ba5539b1cafe8a268ac5f-3068ab5216a7da5d-01
etag
W/"66bcd13b-581b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-customer-notifications.d.m.1bbb7761.js
leoncasino.gcdn.co/js/
17 KB
4 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/async-module-customer-notifications.d.m.1bbb7761.js
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4c1c639fc0250c7a5a55b04091af0986d4de1038c10b0a97f48daeb51bd0d29c

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
br
age
306213
x-cached-since
2024-08-15T12:40:03+00:00
x-id-fe
td2-hw-edge-gc10
content-length
4237
last-modified
Wed, 14 Aug 2024 15:46:03 GMT
server
nginx
traceparent
00-877d2d17ecae3543132c1b739ee78ddd-20131d841dac7c06-01
etag
"66bcd13b-108d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-analytics.d.m.777f023c.js
leoncasino.gcdn.co/js/
26 KB
8 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/async-module-analytics.d.m.777f023c.js
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
376da8e02e0d14441afc6dcccaf797fc748f10e529c8e297d715ae03dd5e102f

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
br
age
233085
x-cached-since
2024-08-16T08:58:51+00:00
x-id-fe
td2-hw-edge-gc10
content-length
8103
last-modified
Fri, 16 Aug 2024 07:37:29 GMT
server
nginx
traceparent
00-c0f2dc00cfec4ace5855cf2af3b4b972-2320f7b6c707ca7a-01
etag
"66bf01b9-1fa7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-app.d.m.82a8c437.js
leoncasino.gcdn.co/js/
2 MB
687 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/async-app.d.m.82a8c437.js
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d433cdd7cdad80b1bcd1b74426fa91456e1c00a33f613d53995f11b69cede39a

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
gzip
age
233085
x-cached-since
2024-08-16T08:58:51+00:00
x-id-fe
td2-hw-edge-gc10
last-modified
Fri, 16 Aug 2024 07:37:29 GMT
server
nginx
traceparent
00-3391015351c41ae95f04718769ff7ee2-9664ca3d89b2d180-01
etag
W/"66bf01b9-2355bb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-vendors.d.m.84fbdfd0.js
leoncasino.gcdn.co/js/
489 KB
182 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/async-vendors.d.m.84fbdfd0.js
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ac6d4386d37da0384c5c8a6e4ca3c95f8d65b20f3904ac3491f60195c32f278c

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
gzip
age
306213
x-cached-since
2024-08-15T12:40:03+00:00
x-id-fe
td2-hw-edge-gc10
last-modified
Wed, 14 Aug 2024 15:46:03 GMT
server
nginx
traceparent
00-67f691ac2d0d6525a676e7f64650a3c3-df2d4e343aa8c079-01
etag
W/"66bcd13b-7a4aa"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
api-1
leon.casino/
266 KB
60 KB
Fetch
General
Full URL
https://leon.casino/api-1
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.153.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a74c9b096c06d2617.awsglobalaccelerator.com
Software
nginx /
Resource Hash
3c280be6891ca5143257d8b85488d25d70131e341e7273599f5e269596eef227
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-browser
chrome
x-retention-id
b7780a13-f4bd-4661-bad1-b39d21d2ae82
x-app-platform
web
x-app-env
prod
x-requested-uri
/en-ca/promo/bonuses/loyalty-program-casino
x-app-skin
leoncasino
x-qtag
a27077_t27858_c224_s
x-app-version
6.94.3
x-app-os
linux
x-utm-source
canada
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json
Referer
https://leon.casino/en-ca/promo/bonuses/loyalty-program-casino?retentionId=b7780a13-f4bd-4661-bad1-b39d21d2ae82&utm_source=canada&qtag=a27077_t27858_c224_s
x-app-modernity
modern
x-app-rendering
csr

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 01:43:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
en-CA
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
css2
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-module-core.d.m.ceb63807.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1334009059de0bfdd2e69b8428bb1234a8ada5a0f2225f6271bddb39610578d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 19 Aug 2024 01:43:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 01:43:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Aug 2024 01:43:37 GMT
async-route-modules-promotions.d.m.d17b60e6.js
leoncasino.gcdn.co/js/
110 KB
21 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/async-route-modules-promotions.d.m.d17b60e6.js
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
023c0d24f0993e78db991bf8f4d447e712a91d7160d9567cb4663b2631ebce59

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:37 GMT
content-encoding
br
age
306484
x-cached-since
2024-08-15T12:35:33+00:00
x-id-fe
td2-hw-edge-gc10
content-length
20844
last-modified
Wed, 14 Aug 2024 15:46:03 GMT
server
nginx
traceparent
00-ca536183f4a9a31d431b493a4c1bbddb-5e8105b75bf7d705-01
etag
"66bcd13b-516c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
api-1
leon.casino/
19 KB
6 KB
Fetch
General
Full URL
https://leon.casino/api-1
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.153.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a74c9b096c06d2617.awsglobalaccelerator.com
Software
nginx /
Resource Hash
60802c5f058bb0171368f6319adeeb64b3dface5f03c4e4701d5ce0087ca314b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-theme
DARK
x-app-browser
chrome
x-retention-id
b7780a13-f4bd-4661-bad1-b39d21d2ae82
x-app-platform
web
x-app-env
prod
x-requested-uri
/en-ca/promo/bonuses/loyalty-program-casino
x-app-skin
leoncasino
x-qtag
a27077_t27858_c224_s
x-app-version
6.94.3
x-app-os
linux
x-utm-source
canada
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json
Referer
https://leon.casino/en-ca/promo/bonuses/loyalty-program-casino?retentionId=b7780a13-f4bd-4661-bad1-b39d21d2ae82&utm_source=canada&qtag=a27077_t27858_c224_s
x-app-language
en_CA
x-app-modernity
modern
x-app-rendering
csr

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 01:43:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
en-CA
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
api-1
leon.casino/
163 B
452 B
Fetch
General
Full URL
https://leon.casino/api-1
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.153.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a74c9b096c06d2617.awsglobalaccelerator.com
Software
nginx /
Resource Hash
f0a02425e67a783796dbe43c01ebf516c7fc8a66de12946972b8d24ba4bbb793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-theme
DARK
x-app-browser
chrome
x-app-version
6.94.3
x-app-os
linux
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json
x-app-platform
web
x-app-env
prod
Referer
https://leon.casino/en-ca/promo/bonuses/loyalty-program-casino?retentionId=b7780a13-f4bd-4661-bad1-b39d21d2ae82&utm_source=canada&qtag=a27077_t27858_c224_s
x-app-language
en_CA
x-app-modernity
modern
x-requested-uri
/en-ca/promo/bonuses/loyalty-program-casino
x-app-skin
leoncasino
x-app-rendering
csr

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 01:43:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
en-CA
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
sprite.svg
leon.casino/
704 KB
239 KB
Other
General
Full URL
https://leon.casino/sprite.svg
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-vendor-vue.d.m.a6b5d65b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.153.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a74c9b096c06d2617.awsglobalaccelerator.com
Software
nginx /
Resource Hash
fabfcf248c42ec8b189e75ee7e2e676d502e96ecbaea40a4668aeb7680656d6d

Request headers

Referer
https://leon.casino/en-ca/promo/bonuses/loyalty-program-casino?retentionId=b7780a13-f4bd-4661-bad1-b39d21d2ae82&utm_source=canada&qtag=a27077_t27858_c224_s
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:43:37 GMT
content-encoding
gzip
last-modified
Fri, 16 Aug 2024 07:37:29 GMT
server
nginx
etag
W/"66bf01b9-affb2"
content-type
image/svg+xml
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
apg-seal.js
0dd241d4-88f7-4a0b-8325-0c40ac10fc44.snippet.antillephone.com/
4 KB
2 KB
Script
General
Full URL
https://0dd241d4-88f7-4a0b-8325-0c40ac10fc44.snippet.antillephone.com/apg-seal.js
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-app.d.m.82a8c437.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:5400:12:fffc:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7224739197dc0b35f12e7a1189e493734243bf47779de7523a65dc796de0d2ce
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:39:46 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
via
1.1 7c55514b62254664b7255cfc5da6dc92.cloudfront.net (CloudFront)
server
cloudflare
x-amz-cf-pop
JFK50-P6
age
231
x-powered-by
Express
etag
W/"e63-iTyVue8i3MXX3s8X5A8EetsyC44"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
cf-ray
8b566e86ceae0819-IAD
x-amz-cf-id
X0B7dw__VsdoE3vs7IRovuYcj47oa2oGSH02Gm39C2kCu1_f_fuoyA==
logo.79938eaf.svg
leoncasino.gcdn.co/img/
1 KB
895 B
Image
General
Full URL
https://leoncasino.gcdn.co/img/logo.79938eaf.svg
Requested by
Host: leon.casino
URL: https://leon.casino/en-ca/promo/bonuses/loyalty-program-casino?retentionId=b7780a13-f4bd-4661-bad1-b39d21d2ae82&utm_source=canada&qtag=a27077_t27858_c224_s
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
bb0581de4c73e0dc2cc1522b7876e8d5a5f2415e2bfb648e480d6dfb812bb00f

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc4
date
Mon, 19 Aug 2024 01:43:37 GMT
content-encoding
br
age
10306340
x-cached-since
2024-04-21T18:51:17+00:00
x-id-fe
td2-hw-edge-gc4
content-length
561
last-modified
Thu, 18 Apr 2024 07:37:00 GMT
server
nginx
traceparent
00-893df8a7f8d0a241d84c4a1f3cde1a5a-80309e1c17484162-01
etag
"6620cd9c-231"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
vip-ic.svg
cdnimages3.gcdn.co/HRJLWPLB/files/top-nav/
4 KB
4 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/files/top-nav/vip-ic.svg
Requested by
Host: leon.casino
URL: https://leon.casino/en-ca/promo/bonuses/loyalty-program-casino?retentionId=b7780a13-f4bd-4661-bad1-b39d21d2ae82&utm_source=canada&qtag=a27077_t27858_c224_s
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
155705ad90a321b396a52fbab695bc92f9a2046aac18371fb9a172657e97c2a6

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc5
date
Mon, 19 Aug 2024 01:43:37 GMT
last-modified
Mon, 29 Jul 2024 11:38:11 GMT
server
nginx
traceparent
00-f96cb876bdc1eb37a933b44badaee79f-bc02efe6e33ca271-01
age
809158
etag
"66a77f23-106a"
x-cached-since
2024-08-09T16:57:39+00:00
content-type
image/svg+xml
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
td2-hw-edge-gc5
accept-ranges
bytes
content-length
4202
expires
Thu, 31 Dec 2037 23:55:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 20:52:51 GMT
x-content-type-options
nosniff
age
276646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Aug 2025 20:52:51 GMT
async-module-slip.d.m.6252e061.js
leoncasino.gcdn.co/js/
150 KB
29 KB
Script
General
Full URL
https://leoncasino.gcdn.co/js/async-module-slip.d.m.6252e061.js
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a82550f248cccf4d2a5142aff90f51f4a8677da323176ba4738574700b91ba8a

Request headers

Referer
https://leon.casino/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc10
date
Mon, 19 Aug 2024 01:43:37 GMT
content-encoding
br
age
306484
x-cached-since
2024-08-15T12:35:33+00:00
x-id-fe
td2-hw-edge-gc10
content-length
29282
last-modified
Wed, 14 Aug 2024 15:46:03 GMT
server
nginx
traceparent
00-7ba866d3a3966254fdc0cc1a2a22b176-f2ad84e0ca5c9ccd-01
etag
"66bcd13b-7262"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
api-1
leon.casino/
21 KB
4 KB
Fetch
General
Full URL
https://leon.casino/api-1
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.153.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a74c9b096c06d2617.awsglobalaccelerator.com
Software
nginx /
Resource Hash
c16a051227c6790df50308732090474968e8809e143ab459213f75641b35e4b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-theme
DARK
x-app-browser
chrome
x-app-version
6.94.3
x-app-os
linux
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json
x-app-platform
web
x-app-env
prod
Referer
https://leon.casino/en-ca/promo/bonuses/loyalty-program-casino?retentionId=b7780a13-f4bd-4661-bad1-b39d21d2ae82&utm_source=canada&qtag=a27077_t27858_c224_s
x-app-language
en_CA
x-app-modernity
modern
x-requested-uri
/en-ca/promo/bonuses/loyalty-program-casino
x-app-skin
leoncasino
x-app-rendering
csr

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 01:43:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
en-CA
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
api-1
leon.casino/
0
0

css2
fonts.googleapis.com/
0
0

2dedf4b1c5d04ecedd03dae6f0af4b31-leon.casino-d88c2ce2cb030fedbe4337125bc70726ae6c2a5aef9dc98a6a4da0c7728b45b8eac53ba8f597ee0bc836596e6618bab0-c3BhY2VyLXNwcml0ZS5wbmc%3D
0dd241d4-88f7-4a0b-8325-0c40ac10fc44.snippet.antillephone.com/sealassets/
0
0

2dedf4b1c5d04ecedd03dae6f0af4b31-leon.casino-d88c2ce2cb030fedbe4337125bc70726ae6c2a5aef9dc98a6a4da0c7728b45b8eac53ba8f597ee0bc836596e6618bab0-c3ByaXRlLXNlYWwucG5n
0dd241d4-88f7-4a0b-8325-0c40ac10fc44.snippet.antillephone.com/sealassets/
0
0

/
leoncas.com/rest/auth/saved-passwords/ Frame
0
0

/
leoncas.com/rest/auth/saved-passwords/
0
0

KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 07:36:14 GMT
x-content-type-options
nosniff
age
238043
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18588
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Aug 2025 07:36:14 GMT
api-1
leon.casino/
1 KB
753 B
Fetch
General
Full URL
https://leon.casino/api-1
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.153.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a74c9b096c06d2617.awsglobalaccelerator.com
Software
nginx /
Resource Hash
64a51c9cff69fa000cc162d54f38e55e6e4ba32c436ea16a5d70abd73bbd1ad9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-theme
DARK
x-app-browser
chrome
x-app-version
6.94.3
x-app-os
linux
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json
x-app-platform
web
x-app-env
prod
Referer
https://leon.casino/en-ca/promo/bonuses/loyalty-program-casino?retentionId=b7780a13-f4bd-4661-bad1-b39d21d2ae82&utm_source=canada&qtag=a27077_t27858_c224_s
x-app-language
en_CA
x-app-modernity
modern
x-requested-uri
/en-ca/promo/bonuses/loyalty-program-casino
x-app-skin
leoncasino
x-app-rendering
csr

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 01:43:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
en-CA
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
gb.d5b362a4.svg
leoncasino.gcdn.co/img/
871 B
562 B
Image
General
Full URL
https://leoncasino.gcdn.co/img/gb.d5b362a4.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
3162bcee4769e804f2e0f93911f0fca2f243e8d32773db6fd526a0a78759a584

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc4
date
Mon, 19 Aug 2024 01:43:37 GMT
content-encoding
br
age
11799942
x-cached-since
2024-04-04T11:57:55+00:00
x-id-fe
td2-hw-edge-gc4
content-length
407
last-modified
Wed, 03 Apr 2024 09:28:31 GMT
server
nginx
traceparent
00-fd135de8aaf27fe8ca46925aff005f56-2c8519e1e98bdadc-01
etag
"660d213f-197"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
sunSw.ed0b29cf.svg
leoncasino.gcdn.co/img/
447 B
429 B
Image
General
Full URL
https://leoncasino.gcdn.co/img/sunSw.ed0b29cf.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
775042c1fe9439c9066a6d08cb873a8be580b1f68bc1d0cec530291043fe3bd5

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc4
date
Mon, 19 Aug 2024 01:43:37 GMT
content-encoding
br
age
6650847
x-cached-since
2024-06-03T02:16:10+00:00
x-id-fe
td2-hw-edge-gc4
content-length
274
last-modified
Fri, 31 May 2024 10:28:03 GMT
server
nginx
traceparent
00-8566ec06a7c5ad171a01f1b37c4cfa92-5a739c4b9b93740b-01
etag
"6659a633-112"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
moonSw.42d77c61.svg
leoncasino.gcdn.co/img/
382 B
377 B
Image
General
Full URL
https://leoncasino.gcdn.co/img/moonSw.42d77c61.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c020aa5e9eb7aac89747e8a51508d90351d160dfe83e4b0a21dbbb0f05be0f9c

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc4
date
Mon, 19 Aug 2024 01:43:37 GMT
content-encoding
gzip
age
6650847
x-cached-since
2024-06-03T02:16:10+00:00
x-id-fe
td2-hw-edge-gc4
last-modified
Fri, 31 May 2024 10:28:03 GMT
server
nginx
traceparent
00-d04329f8fae6b9c113df63a1c2442ab8-65cd9ad8681874a0-01
etag
W/"6659a633-17e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
0dd241d4-88f7-4a0b-8325-0c40ac10fc44.snippet.antillephone.com/
68 B
449 B
Image
General
Full URL
https://0dd241d4-88f7-4a0b-8325-0c40ac10fc44.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:5400:12:fffc:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 12:26:58 GMT
via
1.1 7c55514b62254664b7255cfc5da6dc92.cloudfront.net (CloudFront)
last-modified
Tue, 15 Dec 2020 08:04:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
393400
etag
"e679fbd466a2d656f194a5da4fa083cd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
68
x-amz-cf-id
N9PLTZ4ToI1sPd5ld-G7EEB4TBelGwUfhZk0OZNplaUXBRl9ehy1Eg==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leon.casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 20:52:51 GMT
x-content-type-options
nosniff
age
276646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Aug 2025 20:52:51 GMT
instagram-15.svg
cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/
3 KB
3 KB
Image
General
Full URL
https://cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/instagram-15.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
746bae94c41adcb7178b98becf13ebcbc594756323672cf1c615ef010e76a86b

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc4
date
Mon, 19 Aug 2024 01:43:37 GMT
age
196537
x-cached-since
2024-08-16T19:08:00+00:00
x-id-fe
td2-hw-edge-gc4
content-length
3128
pragma
public
last-modified
Wed, 21 Feb 2024 07:49:59 GMT
server
nginx
traceparent
00-7ab498d33cc80346a442fad53491780c-954d4a3bbfc89dfe-01
etag
"c38-611df92dd930b"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 18 Apr 2024 18:06:45 GMT
facebook-15.svg
cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/
479 B
662 B
Image
General
Full URL
https://cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/facebook-15.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7fa26959ab75b2ce478c8dc88a969855746946c6fc88fda478b1b4f2fc4f91d0

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc4
date
Mon, 19 Aug 2024 01:43:37 GMT
age
196537
x-cached-since
2024-08-16T19:08:00+00:00
x-id-fe
td2-hw-edge-gc4
content-length
479
pragma
public
last-modified
Wed, 21 Feb 2024 07:50:33 GMT
server
nginx
traceparent
00-f38881efb8346987ba7251ea1710da53-7858124bbd3584b4-01
etag
"1df-611df94dfe66b"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 18 Apr 2024 18:06:45 GMT
best-46.svg
cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/
53 KB
53 KB
Image
General
Full URL
https://cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/best-46.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b146039c094babf2ce8c0d5bd5af4a4d6b390bb2c4c33a60f84a3bd992230c39

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc4
date
Mon, 19 Aug 2024 01:43:37 GMT
age
185141
x-cached-since
2024-08-16T22:17:56+00:00
x-id-fe
td2-hw-edge-gc4
content-length
54547
pragma
public
last-modified
Fri, 14 Apr 2023 09:53:01 GMT
server
nginx
traceparent
00-2a8bbdc8842fddb4fa9d3de6b4cf071e-a47efbfeaaaf3d02-01
etag
"d513-5f948ce831015"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 18 Apr 2024 20:28:56 GMT
18+-dark-28.svg
cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/
3 KB
3 KB
Image
General
Full URL
https://cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/18+-dark-28.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2c0b2b2f7ac364b363a152aeddf08ad89a3b4043e3347cead0206158492c8a2a

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc4
date
Mon, 19 Aug 2024 01:43:37 GMT
age
2223140
x-cached-since
2024-07-24T08:11:17+00:00
x-id-fe
td2-hw-edge-gc4
content-length
2763
pragma
public
last-modified
Thu, 10 Nov 2022 09:19:46 GMT
server
nginx
traceparent
00-4303c33b805f2d92c5e468a20129bf65-d56ed7f5c9fc5817-01
etag
"acb-5ed1a463b2a41"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000, public
cache
HIT
accept-ranges
bytes
expires
Fri, 23 Aug 2024 08:11:17 GMT
3.png
cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/
7 KB
7 KB
Image
General
Full URL
https://cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/3.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ae3ee0d6c908745639f475cfa595dacd78d7df7aec9cb487e6fcf26142bba422

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc4
date
Mon, 19 Aug 2024 01:43:37 GMT
age
2223710
x-cached-since
2024-07-24T08:01:47+00:00
x-id-fe
td2-hw-edge-gc4
content-length
6790
pragma
public
last-modified
Thu, 10 Nov 2022 07:09:21 GMT
server
nginx
traceparent
00-e57dc8f11cb34aab1ec6d89e5f22869d-772034e6769ea655-01
etag
"1a86-5ed1873d4b778"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
cache
HIT
accept-ranges
bytes
expires
Fri, 23 Aug 2024 08:01:47 GMT
2+-1.svg
cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/
4 KB
4 KB
Image
General
Full URL
https://cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/2+-1.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8f8192cc09a7934950638eb68e6edb8cae9a46de6c655a40f9a588f5cf2d6269

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc4
date
Mon, 19 Aug 2024 01:43:37 GMT
age
185141
x-cached-since
2024-08-16T22:17:56+00:00
x-id-fe
td2-hw-edge-gc4
content-length
3744
pragma
public
last-modified
Thu, 10 Nov 2022 07:10:38 GMT
server
nginx
traceparent
00-ce2ef4b5d87ba68b57da59d408922bde-0788f9c0ba756222-01
etag
"ea0-5ed1878644b89"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 18 Apr 2024 20:28:56 GMT
1.svg
cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/
4 KB
4 KB
Image
General
Full URL
https://cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/1.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
67313927e62b699dcc1613cc960427b2301723d490a2a3626d1f4a073dcd66d6

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc4
date
Mon, 19 Aug 2024 01:43:37 GMT
age
185141
x-cached-since
2024-08-16T22:17:56+00:00
x-id-fe
td2-hw-edge-gc4
content-length
4284
pragma
public
last-modified
Thu, 10 Nov 2022 07:11:29 GMT
server
nginx
traceparent
00-5bcf7cce5d32da2a8a554cac10ab1e64-89719107f7b6351b-01
etag
"10bc-5ed187b77786f"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 18 Apr 2024 20:28:56 GMT
6d-3.svg
cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/
3 KB
3 KB
Image
General
Full URL
https://cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/6d-3.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
793070f67620a3fea86fc80d857382a8b1f6811104a9d39acf076a2e35e0b1ce

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc4
date
Mon, 19 Aug 2024 01:43:37 GMT
age
190574
x-cached-since
2024-08-16T20:47:23+00:00
x-id-fe
td2-hw-edge-gc4
content-length
3232
pragma
public
last-modified
Fri, 02 Jun 2023 11:07:48 GMT
server
nginx
traceparent
00-014bb356def6270d2db62436ec332c01-9d3a95fa96a10fc6-01
etag
"ca0-5fd2390348694"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 18 Apr 2024 18:50:31 GMT
SBCAwards23%20horizontal%20logo-2.svg
cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/
32 KB
32 KB
Image
General
Full URL
https://cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/SBCAwards23%20horizontal%20logo-2.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7b626c040aadee9765e07e14b599af4cc2ed9f265653b5b5ef05aee038338a7e

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc4
date
Mon, 19 Aug 2024 01:43:37 GMT
age
185141
x-cached-since
2024-08-16T22:17:56+00:00
x-id-fe
td2-hw-edge-gc4
content-length
32963
pragma
public
last-modified
Wed, 29 Nov 2023 13:29:22 GMT
server
nginx
traceparent
00-04e00bcd7e604ce4214bc91b5263904c-bd0ed17d24570d37-01
etag
"80c3-60b4a85e7943a"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 18 Apr 2024 20:28:56 GMT
SiGMA-Awards-Europe-Negative.svg
cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/
122 KB
122 KB
Image
General
Full URL
https://cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/SiGMA-Awards-Europe-Negative.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c38f15c7b168fd96961ea9673f5ab93f5e1eeac70ba805e27369f5d1febbb285

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc4
date
Mon, 19 Aug 2024 01:43:37 GMT
age
185141
x-cached-since
2024-08-16T22:17:56+00:00
x-id-fe
td2-hw-edge-gc4
content-length
124642
pragma
public
last-modified
Wed, 29 Nov 2023 13:30:55 GMT
server
nginx
traceparent
00-6d51dd971ca6a72fc962aa33fd2986e6-d81ac8a2ba66c132-01
etag
"1e6e2-60b4a8b7246f7"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 18 Apr 2024 20:28:56 GMT
kahnawake.c6903fcf.svg
leoncasino.gcdn.co/img/
14 KB
4 KB
Image
General
Full URL
https://leoncasino.gcdn.co/img/kahnawake.c6903fcf.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ad354629aa367f7dd2c5c1e9dbbf05d102cf19279603ca083873afd39de7e6ec

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-id
td2-hw-edge-gc4
date
Mon, 19 Aug 2024 01:43:37 GMT
content-encoding
br
age
10315987
x-cached-since
2024-04-21T16:10:30+00:00
x-id-fe
td2-hw-edge-gc4
content-length
4309
last-modified
Thu, 18 Apr 2024 07:37:00 GMT
server
nginx
traceparent
00-2b1cdf1ee72b5d945a18ba779444224b-dda483c7389b6637-01
etag
"6620cd9c-10d5"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
tag-manager.js
tm.ads.sportradar.com/dist/
304 KB
31 KB
Script
General
Full URL
https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAQ5
Requested by
Host: manhattanstream4.xyz
URL: https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2e::17d1:48c7 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
78b98b6ab63aab0fc7779b127b944569a8cd685720e090cf86390ad2c0206f2e

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:43:38 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
content-disposition
inline
content-length
32047
apigw-requestid
cuxrChUPDoEEJqg=
gtm.js
www.googletagmanager.com/
254 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T
Requested by
Host: manhattanstream4.xyz
URL: https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
172d277a2bb83ebe82ba7d0b02112fbbad9e441024f43a1514ad5b701312ccba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:43:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78541
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Aug 2024 01:43:38 GMT
api-1
leon.casino/
131 B
438 B
Fetch
General
Full URL
https://leon.casino/api-1
Requested by
Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.14a59ccf553c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.153.157 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a74c9b096c06d2617.awsglobalaccelerator.com
Software
nginx /
Resource Hash
25e997ad38d5a28e3550f68f6af19d922bcdf81436ec0ee132a1aaa232191154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-theme
DARK
x-app-browser
chrome
x-app-version
6.94.3
x-app-os
linux
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json
x-app-platform
web
x-app-env
prod
Referer
https://leon.casino/en-ca/promo/bonuses/loyalty-program-casino?retentionId=b7780a13-f4bd-4661-bad1-b39d21d2ae82&utm_source=canada&qtag=a27077_t27858_c224_s
x-app-language
en_CA
x-app-modernity
modern
x-requested-uri
/en-ca/promo/bonuses/loyalty-program-casino
x-app-skin
leoncasino
x-app-rendering
csr

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 01:43:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
en-CA
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
js
www.googletagmanager.com/gtag/
291 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dbeb4e434a9066dd22fa1a5da3b4c6129db409b08c696765f91197907fca38a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:43:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100879
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 19 Aug 2024 01:43:38 GMT
js
pixel-us.r2drtb.com/pixel/
474 B
808 B
Script
General
Full URL
https://pixel-us.r2drtb.com/pixel/js?auth=4jg3s6&event=visit&uid=undefined&tid=undefined&cur=undefined&amount=undefined
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.214.195.101 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ca66f8a77b03fd9838cbc5ece0536f51d1e8c8a3d1face8ea1c57e8c06b22b51

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Aug 2024 01:43:38 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
474
Expires
Sat, 01 Jan 2000 00:00:00 GMT
tc.min.js
c1.rfihub.net/js/
19 KB
6 KB
Script
General
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: manhattanstream4.xyz
URL: https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:2200:1:76cf:fe80:93a1 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:18:45 GMT
content-encoding
gzip
via
1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
last-modified
Mon, 19 Aug 2024 01:18:35 GMT
server
Jetty(9.4.51.v20230217)
x-amz-cf-pop
JFK50-P4
age
1493
x-cache
Hit from cloudfront
content-type
application/x-javascript
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
public, max-age=3600
content-length
6162
x-amz-cf-id
RSXfvb2VoAbbQua6SyooMFKMD2FPFtRvs-vR1GyhOdfOlMi-Yg96Lg==
expires
Mon, 19 Aug 2024 02:18:45 GMT
trackpoint-async.js
s2.adform.net/banners/scripts/st/
80 KB
31 KB
Script
General
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: manhattanstream4.xyz
URL: https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:43:38 GMT
content-encoding
gzip
last-modified
Fri, 08 Mar 2024 07:02:31 GMT
server
nginx
x-amz-request-id
tx000009b5c41859e34eda3-0066976dc2-329720ca-default
etag
W/"1c188eabf1f0749a0cffb2c108473370"
x-cache-status
HIT, HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
gtr.min.js
dsp-media.eskimi.com/assets/js/e/
6 KB
3 KB
Script
General
Full URL
https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4
Requested by
Host: manhattanstream4.xyz
URL: https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 -, , ASN (),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
6e17b0821e9b7e789c616bac4ef7ea40f46b4b93a79b9746e836efee0e057d10
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Mon, 19 Aug 2024 01:43:38 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
871
cdn-cachedat
04/16/2024 09:28:06
cdn-pullzone
692289
last-modified
Thu, 11 Jan 2024 08:57:57 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"659fad95-1963"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
20e862618537a6dd035be23184613ead
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
expires
Wed, 16 Apr 2025 09:28:06 GMT
quant.js
secure.quantserve.com/
23 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: manhattanstream4.xyz
URL: https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf -, , ASN (),
Reverse DNS
Software
/
Resource Hash
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:43:38 GMT
content-encoding
gzip
etag
"tIg8n6xaLBY4WwNLLw9OGA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 26 Aug 2024 01:43:38 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=37094577&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D37094577%26t%3D1
0
1 KB
Script
General
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D37094577%26t%3D1
Protocol
H2
Server
68.67.178.10 -, , ASN (),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 01:43:38 GMT
an-x-request-uuid
da3497a3-84b6-40a9-b709-8bfe36a230d1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Aug 2024 01:43:38 GMT
an-x-request-uuid
91965c1b-abae-4507-b0c6-4219b7e8b2a4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D37094577%26t%3D1
x-proxy-origin
167.114.209.103; 167.114.209.103; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixie.js
acdn.adnxs.com/dmp/up/
22 KB
8 KB
Script
General
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: manhattanstream4.xyz
URL: https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2761a6698395fb13fd3785c16dd380ec5d618de2abcc28eeaffe090b46a51fc4

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-Cache-Hits
158760, 15818
Date
Mon, 19 Aug 2024 01:43:38 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
51508
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
7929
X-Served-By
cache-lga21930-LGA, cache-yul1970024-YUL
Last-Modified
Wed, 19 Jun 2024 17:09:07 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1724031819.732855,VS0,VE0
ETag
W/"667310b3-587e"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
Expires
Wed, 07 Aug 2024 08:11:18 GMT
admtracker.lib.min.js
pj.l.liftdsp.com/
7 KB
3 KB
Script
General
Full URL
https://pj.l.liftdsp.com/admtracker.lib.min.js
Requested by
Host: manhattanstream4.xyz
URL: https://manhattanstream4.xyz/sw_365049df-f781-9233-0bd7-23c7cfb5898a_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:c00:16:3a8f:8380:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e231ad4957b413aaef88dd602f78a6b38d22750f39eb98a61fc345645512bab

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:32:45 GMT
content-encoding
br
via
1.1 94344436af750794f6bc9899d89d3a0a.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 11:47:16 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
662
x-amz-server-side-encryption
AES256
etag
W/"589ae1c612af869f5dc381ed3ef52717"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=900
x-amz-cf-id
W87IDwtPydul_AykjtM9YS9yDLlNvksF4iX2Qhgn_cAXGcrADl6c6w==
tracker.js
tracker.ads.sportradar.com/dist/
27 KB
7 KB
Script
General
Full URL
https://tracker.ads.sportradar.com/dist/tracker.js
Requested by
Host: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAQ5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2e::17d1:48c7 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:43:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 08:33:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
etag
"235331a0761142ae4fd345cdf7c7f9ed"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
accept-ranges
bytes
x-amz-cf-id
PG8qhSzb0400PuC0MbtvsQOP0S6CansGGlkSapQJB4FSJ11rGcdzbQ==
content-length
6405
pixel
a.sportradarserving.com/ul_cb/
Redirect Chain
  • https://a.sportradarserving.com/pixel?type=js&aid=1060&id=1235
  • https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235
1 KB
2 KB
Script
General
Full URL
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235
Protocol
H2
Server
35.211.233.246 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
11b475d685fe2d1912115870069c2a7988bd175ba9a036f30fa8a50fcca88c29

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:43:39 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1528
content-type
text/javascript; charset=UTF-8

Redirect headers

location
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235
date
Mon, 19 Aug 2024 01:43:38 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
up
ib.adnxs.com/pixie/
9 B
309 B
Fetch
General
Full URL
https://ib.adnxs.com/pixie/up?pi=66898741-acbc-4c6d-8ae8-3d320a7a8cf7
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/up/pixie.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.178.10 -, , ASN (),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:43:38 GMT
server
nginx/1.23.4
access-control-max-age
0
access-control-allow-methods
GET, OPTIONS
content-type
application/xml
access-control-allow-origin
https://leon.casino
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
access-control-allow-headers
Content-Type
content-length
9
sp-3.8.0.js
tracker.ads.sportradar.com/dist//
73 KB
24 KB
Script
General
Full URL
https://tracker.ads.sportradar.com/dist//sp-3.8.0.js
Requested by
Host: tracker.ads.sportradar.com
URL: https://tracker.ads.sportradar.com/dist/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2e::17d1:48c7 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:43:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 08:33:18 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
etag
"143272dddc33395008a84a86ac9c2e96"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
accept-ranges
bytes
x-amz-cf-id
hB_b0TkFMEcAcUS-hAh8Q3OQbAUe-3cnqNzr8fiBPzzoXuXTkZ_8ng==
content-length
24162
destination
www.googletagmanager.com/gtag/
216 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-11843672&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.168 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2010a16f7accbf8e641d74bf11513cfcb6e608eccc1275934e088e747c60f018
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:43:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79300
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Aug 2024 01:43:38 GMT
register-conversion
www.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://www.google-analytics.com/g/collect?v=2&tid=G-JZZNGY93CC&gtm=45je48e0v871047016z8890860847za200zb890860847&_p=1724031818384&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=17166364.1724031819&ul=en...
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=17166364.1724031819&dbk=10866847483811800023&dma=0&en=page_view&gtm=45je48e0v871047016z8890860847za200zb890860847&npa=0...
0
0
Fetch
General
Full URL
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=17166364.1724031819&dbk=10866847483811800023&dma=0&en=page_view&gtm=45je48e0v871047016z8890860847za200zb890860847&npa=0&tid=G-JZZNGY93CC&dl=https%3A%2F%2Fleon.casino%3F
Protocol
H2
Server
2001:4860:4802:38::178 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 01:43:39 GMT
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Aug 2024 01:43:39 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=17166364.1724031819&dbk=10866847483811800023&dma=0&en=page_view&gtm=45je48e0v871047016z8890860847za200zb890860847&npa=0&tid=G-JZZNGY93CC&dl=https%3A%2F%2Fleon.casino%3F
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
475
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixie
ib.adnxs.com/
42 B
227 B
Image
General
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=66898741-acbc-4c6d-8ae8-3d320a7a8cf7&it=1724031818825&v=0.0.38&u=https%3A%2F%2Fleon.casino%2Fen-ca%2Fpromo%2Fbonuses%2Floyalty-program-casino%3FretentionId%3Db7780a13-f4bd-4661-bad1-b39d21d2ae82%26utm_source%3Dcanada%26qtag%3Da27077_t27858_c224_s&st=1724031818825&et=1724031819005&if=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.178.10 -, , ASN (),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:43:39 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.23.4
x-proxy-origin
167.114.209.103; 167.114.209.103; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
42
content-type
image/gif
seg
secure.adnxs.com/ Frame 9ACC
Redirect Chain
  • https://20828756p.rfihub.com/ca.html?ver=9&rb=43197&ca=20828756&_o=43197&_t=20828756&pe=https%3A%2F%2Fleon.casino%2Fen-ca%2Fpromo%2Fbonuses%2Floyalty-program-casino%3FretentionId%3Db7780a13-f4bd-46...
  • https://secure.adnxs.com/seg?add=29896390&t=2&ver=9&pe=https%3A%2F%2Fleon.casino%2Fen-ca%2Fpromo%2Fbonuses%2Floyalty-program-casino%3FretentionId%3Db7780a13-f4bd-4661-bad1-b39d21d2ae82%26utm_source...
0
0

pixel
pixel-us.r2drtb.com/
0
301 B
Image
General
Full URL
https://pixel-us.r2drtb.com/pixel?auth=4jg3s6&event=visit&uid=undefined&tid=undefined&cur=undefined&amount=undefined&site=leon.casino&ln=en-CA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.214.195.101 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Aug 2024 01:43:39 GMT
Server
nginx/1.14.0 (Ubuntu)
Access-Control-Allow-Origin
*
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
seg
secure.adnxs.com/
0
1 KB
Script
General
Full URL
https://secure.adnxs.com/seg?add=37094584&t=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.178.10 -, , ASN (),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 01:43:39 GMT
an-x-request-uuid
f7b9a1a2-44c4-4ed8-883f-edf7a66eeda7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cssession
dsp-trk.eskimi.com/tracking/
0
0

gtr
dsp-ap.eskimi.com/v2/
0
0

ac786b28-283a-4d76-a40b-23e03f94ae14.json
ps.l.liftdsp.com/
50 B
519 B
XHR
General
Full URL
https://ps.l.liftdsp.com/ac786b28-283a-4d76-a40b-23e03f94ae14.json
Requested by
Host: pj.l.liftdsp.com
URL: https://pj.l.liftdsp.com/admtracker.lib.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:ea00:5:e0f4:e840:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:43:39 GMT
via
1.1 16fbe6f2baa3fcc1563be742e6d45f20.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
522
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
50
last-modified
Wed, 07 Aug 2024 15:08:37 GMT
server
AmazonS3
etag
"e96cd5af6f065e5048b3ddd2913dac50"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=900
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
QGmkjHXoUtglKo_oe7AIV1BoLP_RbtwqKsMToq_DiLkt7cLIkSTCiQ==
rules-p-C_a3_CVaT9dWt.js
rules.quantcount.com/
222 B
703 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-C_a3_CVaT9dWt.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:7000:6:44e3:f8c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a789b44412d2879eaf23bdec3da4f565594749435f436640a8f9bb35477fd10

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 01:01:30 GMT
via
1.1 2f04b33f21912079fa9d6afaee0c5dd0.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
2768
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
222
last-modified
Wed, 02 Aug 2023 13:00:19 GMT
server
AmazonS3
etag
"834f5ada9a90a08951234afdc6ad228e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
nEp_yOZ46lgwSNGlNGOKlvu4eW0cvpB6avBE1m3JLttoRi9oLFXxmg==
/
track.adform.net/Serving/TrackPoint/
0
0

/
a1.adform.net/Serving/TrackPoint/
0
0

activityi;src=11843672;type=safev0;cat=safeg000;ord=4205164389991;npa=0;auiddc=466101468.1724031819;ps=1;pcor=1917012409;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0...
11843672.fls.doubleclick.net/ Frame 1BC5
0
0

activity;register_conversion=1;src=11843672;type=safev0;cat=safeg000;ord=4205164389991;npa=0;auiddc=466101468.1724031819;ps=1;pcor=1917012409;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noa...
ad.doubleclick.net/
0
0

sync
x.bidswitch.net/
0
0

sync
x.bidswitch.net/
0
0

sync
x.bidswitch.net/
0
0

syncd
x.bidswitch.net/
0
0

seg
secure.adnxs.com/
0
1 KB
Script
General
Full URL
https://secure.adnxs.com/seg?add=37094581&t=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.178.10 -, , ASN (),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://leon.casino/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 01:43:39 GMT
an-x-request-uuid
6b447dc9-6448-4af0-8fe4-e8031bfa67d0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel;r=67595483;labels=_fp.event.PageView;rf=0;a=p-C_a3_CVaT9dWt;url=https%3A%2F%2Fleon.casino%2Fen-ca%2Fpromo%2Fbonuses%2Floyalty-program-casino%3FretentionId%3Db7780a13-f4bd-4661-bad1-b39d21d2ae...
pixel.quantserve.com/
0
0

pixel
pool.admedo.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
leon.casino
URL
https://leon.casino/api-1
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css2?family=Mulish:wght@400;700;900&display=swap&family=Prompt:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Domain
0dd241d4-88f7-4a0b-8325-0c40ac10fc44.snippet.antillephone.com
URL
https://0dd241d4-88f7-4a0b-8325-0c40ac10fc44.snippet.antillephone.com/sealassets/2dedf4b1c5d04ecedd03dae6f0af4b31-leon.casino-d88c2ce2cb030fedbe4337125bc70726ae6c2a5aef9dc98a6a4da0c7728b45b8eac53ba8f597ee0bc836596e6618bab0-c3BhY2VyLXNwcml0ZS5wbmc%3D
Domain
0dd241d4-88f7-4a0b-8325-0c40ac10fc44.snippet.antillephone.com
URL
https://0dd241d4-88f7-4a0b-8325-0c40ac10fc44.snippet.antillephone.com/sealassets/2dedf4b1c5d04ecedd03dae6f0af4b31-leon.casino-d88c2ce2cb030fedbe4337125bc70726ae6c2a5aef9dc98a6a4da0c7728b45b8eac53ba8f597ee0bc836596e6618bab0-c3ByaXRlLXNlYWwucG5n?status=valid
Domain
leoncas.com
URL
https://leoncas.com/rest/auth/saved-passwords/
Domain
leoncas.com
URL
https://leoncas.com/rest/auth/saved-passwords/
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/seg?add=29896390&t=2&ver=9&pe=https%3A%2F%2Fleon.casino%2Fen-ca%2Fpromo%2Fbonuses%2Floyalty-program-casino%3FretentionId%3Db7780a13-f4bd-4661-bad1-b39d21d2ae82%26utm_source%3Dcanada%26qtag%3Da27077_t27858_c224_s&pf=
Domain
dsp-trk.eskimi.com
URL
https://dsp-trk.eskimi.com/tracking/cssession?tst&id=28935&url=https%3A%2F%2Fleon.casino%2Fen-ca%2Fpromo%2Fbonuses%2Floyalty-program-casino%3FretentionId%3Db7780a13-f4bd-4661-bad1-b39d21d2ae82%26utm_source%3Dcanada%26qtag%3Da27077_t27858_c224_s&t=1724031819089
Domain
dsp-ap.eskimi.com
URL
https://dsp-ap.eskimi.com/v2/gtr?id=28935&url=https%3A%2F%2Fleon.casino%2Fen-ca%2Fpromo%2Fbonuses%2Floyalty-program-casino%3FretentionId%3Db7780a13-f4bd-4661-bad1-b39d21d2ae82%26utm_source%3Dcanada%26qtag%3Da27077_t27858_c224_s&t=1724031819090
Domain
track.adform.net
URL
https://track.adform.net/Serving/TrackPoint/?pm=3024289&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=837686317657&ADFtpmode=2&loc=https%3A%2F%2Fleon.casino%2Fen-ca%2Fpromo%2Fbonuses%2Floyalty-program-casino%3FretentionId%3Db7780a13-f4bd-4661-bad1-b39d21d2ae82%26utm_source%3Dcanada%26qtag%3Da27077_t27858_c224_s&Set1=en-CA%7Cen-CA%7C1600x1200%7C24
Domain
a1.adform.net
URL
https://a1.adform.net/Serving/TrackPoint/?pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=794139442901&ADFtpmode=2&loc=https%3A%2F%2Fleon.casino%2Fen-ca%2Fpromo%2Fbonuses%2Floyalty-program-casino%3FretentionId%3Db7780a13-f4bd-4661-bad1-b39d21d2ae82%26utm_source%3Dcanada%26qtag%3Da27077_t27858_c224_s&Set1=en-CA%7Cen-CA%7C1600x1200%7C24
Domain
11843672.fls.doubleclick.net
URL
https://11843672.fls.doubleclick.net/activityi;src=11843672;type=safev0;cat=safeg000;ord=4205164389991;npa=0;auiddc=466101468.1724031819;ps=1;pcor=1917012409;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9190706784za200zb871047016;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fleon.casino%2Fen-ca%2Fpromo%2Fbonuses%2Floyalty-program-casino%3FretentionId%3Db7780a13-f4bd-4661-bad1-b39d21d2ae82%26utm_source%3Dcanada%26qtag%3Da27077_t27858_c224_s?
Domain
ad.doubleclick.net
URL
https://ad.doubleclick.net/activity;register_conversion=1;src=11843672;type=safev0;cat=safeg000;ord=4205164389991;npa=0;auiddc=466101468.1724031819;ps=1;pcor=1917012409;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9190706784za200zb871047016;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fleon.casino%2Fen-ca%2Fpromo%2Fbonuses%2Floyalty-program-casino%3FretentionId%3Db7780a13-f4bd-4661-bad1-b39d21d2ae82%26utm_source%3Dcanada%26qtag%3Da27077_t27858_c224_s?
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=bf687bf9-af15-4b4e-9629-6dff52c3c0a9&cb=c0d6549a-4822-4635-b46d-c0e2510af67a
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=bf687bf9-af15-4b4e-9629-6dff52c3c0a9&cb=d4ee2f1c-566a-47c3-89c7-7c8466dfbf5e
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=bf687bf9-af15-4b4e-9629-6dff52c3c0a9&cb=04e34266-e40b-4177-9827-5504fa57b413
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/syncd?dsp_id=409&user_id=bf687bf9-af15-4b4e-9629-6dff52c3c0a9&user_group=3&redir=%2F%2Fuse.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel;r=67595483;labels=_fp.event.PageView;rf=0;a=p-C_a3_CVaT9dWt;url=https%3A%2F%2Fleon.casino%2Fen-ca%2Fpromo%2Fbonuses%2Floyalty-program-casino%3FretentionId%3Db7780a13-f4bd-4661-bad1-b39d21d2ae82%26utm_source%3Dcanada%26qtag%3Da27077_t27858_c224_s;uht=2;fpan=1;fpa=P0-863061019-1724031819148;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;ref=;d=leon.casino;dst=1;et=1724031819290;tzo=420;ogl=image.https%3A%2F%2Fleonbets3%252Egcdn%252Eco%2FHRJLWPLB%2Fimages%2Fog%2Fleon%252Epng;ses=71d31454-cf47-475f-8243-bb84f59869e9;mdl=
Domain
pool.admedo.com
URL
https://pool.admedo.com/pixel?id=154038&t=js

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __webpack_public_path__ object| initConfig object| webpackChunk_frontend_web function| _ object| __VUE_INSTANCE_SETTERS__ boolean| __VUE__ object| mainApp function| _0x2da5 object| apg_0dd241d4_88f7_4a0b_8325_0c40ac10fc44 object| APG function| _0xdd0a

13 Cookies

Domain/Path Name / Value
us.skated.co/nty/postback Name: platform_user_id
Value: desktop:7edec3264c4cc7d2a77eb034906c4cd3
us.skated.co/nty/postback Name: platform_user_id_3rd_party
Value: desktop:7edec3264c4cc7d2a77eb034906c4cd3
us.skated.co/nty/postback Name: platform_user_id_from_ssp
Value: platform:06dc17856676b2c39345c57c8cc0e307
us.skated.co/nty/postback Name: platform_user_id_from_ssp_3rd_party
Value: platform:06dc17856676b2c39345c57c8cc0e307
.mgid.com/ Name: __cf_bm
Value: fmPyCdMla_o3JaoJfgTMX67RbFAKGf7y4piP_U3VdRU-1724031812-1.0.1.1-wirRf0fRR8eKTJDTJqfuEAY.KdtmjNWhfQCQOhJ67hj07LbVqEn9v9eBw494gUOlAiuWYE1DqIFxdN5WeSTHmQ
.mgid.com/ Name: muidn
Value: o7iz3f_9K5Hi
leon.casino/ Name: ABTestSeed
Value: 12
leon.casino/ Name: qtag
Value: a27077_t27858_c224_s
leon.casino/ Name: qtag_rfrr
Value: a27077_t27858_c224_s-null
leon.casino/ Name: ipfrom
Value: 167.114.209.103
leon.casino/ Name: utm_source
Value: canada
leon.casino/ Name: retentionId
Value: b7780a13-f4bd-4661-bad1-b39d21d2ae82
leon.casino/ Name: x-app-language
Value: en_CA

1 Console Messages

Source Level URL
Text
network error URL: https://manhattanstream4.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0dd241d4-88f7-4a0b-8325-0c40ac10fc44.snippet.antillephone.com
11843672.fls.doubleclick.net
a.sportradarserving.com
a1.adform.net
acdn.adnxs.com
ad.doubleclick.net
ads-us.r2drtb.com
c.mgid.com
c1.rfihub.net
cdnimages2.gcdn.co
cdnimages3.gcdn.co
clck.mgid.com
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
fonts.googleapis.com
fonts.gstatic.com
freetrckr.com
ib.adnxs.com
leon.casino
leoncas.com
leoncasino.gcdn.co
manhattanstream4.xyz
pixel-us.r2drtb.com
pixel.quantserve.com
pj.l.liftdsp.com
pool.admedo.com
ps.l.liftdsp.com
roselocation5.xyz
rules.quantcount.com
s2.adform.net
secure.adnxs.com
secure.quantserve.com
tm.ads.sportradar.com
track-us.r2drtb.com
track.adform.net
tracker.ads.sportradar.com
us.skated.co
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
xml.pushking.net
0dd241d4-88f7-4a0b-8325-0c40ac10fc44.snippet.antillephone.com
11843672.fls.doubleclick.net
a1.adform.net
ad.doubleclick.net
dsp-ap.eskimi.com
dsp-trk.eskimi.com
fonts.googleapis.com
leon.casino
leoncas.com
pixel.quantserve.com
pool.admedo.com
secure.adnxs.com
track.adform.net
x.bidswitch.net
104.19.132.76
104.19.133.76
142.251.35.168
15.197.153.157
151.101.1.108
173.214.240.15
185.167.164.44
199.182.164.180
2001:4860:4802:38::178
2600:141b:1c00:2e::17d1:48c7
2600:9000:21dd:7000:6:44e3:f8c0:93a1
2600:9000:21dd:c00:16:3a8f:8380:93a1
2600:9000:24f0:ea00:5:e0f4:e840:93a1
2600:9000:24f1:2200:1:76cf:fe80:93a1
2600:9000:2511:5400:12:fffc:7680:93a1
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2003
2607:f8b0:4006:824::2008
2620:116:800b:21:a021:b886:81cc:55cf
2a00:1d26:8771::12
2a00:1d26:c771::11
2a02:6ea0:c454::1
2a03:90c0:9996::9996
35.211.233.246
68.67.178.10
88.214.195.101
88.214.195.112
01d65e39ad41b2521645209375fee26c05d0863a13b687e4156225007609003a
023c0d24f0993e78db991bf8f4d447e712a91d7160d9567cb4663b2631ebce59
05039554133861ed7404ea826a89b5f2b08d35ad855d98905afc87ad681f874b
063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb
11b475d685fe2d1912115870069c2a7988bd175ba9a036f30fa8a50fcca88c29
1334009059de0bfdd2e69b8428bb1234a8ada5a0f2225f6271bddb39610578d0
14fcf291d49e8ed5e21286d65a31251b08656ffa404e62845d6dde0f392daf96
155705ad90a321b396a52fbab695bc92f9a2046aac18371fb9a172657e97c2a6
172d277a2bb83ebe82ba7d0b02112fbbad9e441024f43a1514ad5b701312ccba
1a8e11374ebd6d21753ca4041aface7df69a5965fbea133d5bda0ebf5df1e752
2010a16f7accbf8e641d74bf11513cfcb6e608eccc1275934e088e747c60f018
25e997ad38d5a28e3550f68f6af19d922bcdf81436ec0ee132a1aaa232191154
2761a6698395fb13fd3785c16dd380ec5d618de2abcc28eeaffe090b46a51fc4
2a789b44412d2879eaf23bdec3da4f565594749435f436640a8f9bb35477fd10
2c0b2b2f7ac364b363a152aeddf08ad89a3b4043e3347cead0206158492c8a2a
2eacc40f656e02e92f7e364b7a7e04ac64afd7e2a2060e2139e6d59f38ffef3f
30178da7de15b8e656f518f79bab12b30348156661b2b6c8293bc9a1411a0288
3162bcee4769e804f2e0f93911f0fca2f243e8d32773db6fd526a0a78759a584
35a38ac06e7fa2b8eee7dd079dfbc1f5ff57f2af8f8fc9a31b28855b3330e343
376da8e02e0d14441afc6dcccaf797fc748f10e529c8e297d715ae03dd5e102f
3c280be6891ca5143257d8b85488d25d70131e341e7273599f5e269596eef227
3f476217073523d6a928b308721f676eefd41ee402888412a039dbac42800f1b
41836e29b83c27bb9c48a57ee7e987c826b813b75caecdf135156336ae6f00bb
4c1c639fc0250c7a5a55b04091af0986d4de1038c10b0a97f48daeb51bd0d29c
4e231ad4957b413aaef88dd602f78a6b38d22750f39eb98a61fc345645512bab
4f1e3cd206c139f7c4a3fe7aee0b0a69d760b721458ac107e432515fcdf34d5b
5348dcee6746a9fa4370c196b33ea4db8ffa6b91bc3d8c8fe7f04e20af85088a
60802c5f058bb0171368f6319adeeb64b3dface5f03c4e4701d5ce0087ca314b
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87
64a51c9cff69fa000cc162d54f38e55e6e4ba32c436ea16a5d70abd73bbd1ad9
67313927e62b699dcc1613cc960427b2301723d490a2a3626d1f4a073dcd66d6
6e17b0821e9b7e789c616bac4ef7ea40f46b4b93a79b9746e836efee0e057d10
7224739197dc0b35f12e7a1189e493734243bf47779de7523a65dc796de0d2ce
746bae94c41adcb7178b98becf13ebcbc594756323672cf1c615ef010e76a86b
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
775042c1fe9439c9066a6d08cb873a8be580b1f68bc1d0cec530291043fe3bd5
7817e340f1924eec217db688c5fe66beca15364fad3d42d05778abc8d52c6e0d
78b98b6ab63aab0fc7779b127b944569a8cd685720e090cf86390ad2c0206f2e
793070f67620a3fea86fc80d857382a8b1f6811104a9d39acf076a2e35e0b1ce
7b626c040aadee9765e07e14b599af4cc2ed9f265653b5b5ef05aee038338a7e
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7fa26959ab75b2ce478c8dc88a969855746946c6fc88fda478b1b4f2fc4f91d0
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8bef7b80bb1299d791259d637f28d7002a111591bf0d61dbc40d850bf8374625
8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d
8f8192cc09a7934950638eb68e6edb8cae9a46de6c655a40f9a588f5cf2d6269
9a98674b09b37609bb5c06d71e9a68673cc5720f3fd1eee87a1889eaac3a85dc
a82550f248cccf4d2a5142aff90f51f4a8677da323176ba4738574700b91ba8a
ac6d4386d37da0384c5c8a6e4ca3c95f8d65b20f3904ac3491f60195c32f278c
ad354629aa367f7dd2c5c1e9dbbf05d102cf19279603ca083873afd39de7e6ec
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
ae3ee0d6c908745639f475cfa595dacd78d7df7aec9cb487e6fcf26142bba422
b146039c094babf2ce8c0d5bd5af4a4d6b390bb2c4c33a60f84a3bd992230c39
baaf4783bfec5deedacc51cc0a7d5f82e815748d3d71c74602d3e54bb5e25621
bb0581de4c73e0dc2cc1522b7876e8d5a5f2415e2bfb648e480d6dfb812bb00f
c020aa5e9eb7aac89747e8a51508d90351d160dfe83e4b0a21dbbb0f05be0f9c
c16a051227c6790df50308732090474968e8809e143ab459213f75641b35e4b0
c38f15c7b168fd96961ea9673f5ab93f5e1eeac70ba805e27369f5d1febbb285
c4bf78a858a8484bf17bac73363af2ed6f60d8778f4b8de0678c6af012eb3388
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca66f8a77b03fd9838cbc5ece0536f51d1e8c8a3d1face8ea1c57e8c06b22b51
d433cdd7cdad80b1bcd1b74426fa91456e1c00a33f613d53995f11b69cede39a
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d7151c36b75db9469e442ade91112892922cdddf4c28db6cbb98d404baf8f384
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dbeb4e434a9066dd22fa1a5da3b4c6129db409b08c696765f91197907fca38a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8
e5f10e11104b505cea2347294473cd0a70792ef91c0df9412a2fc588d07c65dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a02425e67a783796dbe43c01ebf516c7fc8a66de12946972b8d24ba4bbb793
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f763bdcac5045b18348691543a732bcd61c27c3c22ec648036287e268008f039
fabfcf248c42ec8b189e75ee7e2e676d502e96ecbaea40a4668aeb7680656d6d