leannashair.com Open in urlscan Pro
172.67.192.120 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tayo4dbawang.me/
Effective URL:
https://leannashair.com/
Submission: On August 07 via api (August 7th 2024, 5:39:42 am UTC) from US — Scanned from DE

Summary HTTP 59 Redirects Links 49 Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 12 domains to perform 59 HTTP transactions. The main IP is 172.67.192.120, located in United States and belongs to CLOUDFLARENET, US. The main domain is leannashair.com.
TLS certificate: Issued by WE1 on July 24th 2024. Valid for: 3 months.

This is the only time leannashair.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::6815:50a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.192.120 172.67.192.120	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	51.68.36.8 51.68.36.8	16276 (OVH) (OVH)
15	2606:4700::68... 2606:4700::6812:dc0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19 20	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.217.16.193 172.217.16.193	15169 (GOOGLE) (GOOGLE)
1	54.39.156.32 54.39.156.32	16276 (OVH) (OVH)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
59	11

1 2606:4700:3031::6815:50a5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tayo4dbawang.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.192.120 (United States)

ASN13335 (CLOUDFLARENET, US)

leannashair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.36.8 (United Kingdom)

ASN16276 (OVH, FR)
PTR: ns3121917.ip-51-68-36.eu

i.gifer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6812:dc0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.d32jers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnlp.sgp1.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

object-d001-cloud.cloudstoragesharingservice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 188.114.97.3 (Amsterdam, Netherlands) 19 redirects

ASN13335 (CLOUDFLARENET, US)

landingsplash.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f193.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.39.156.32 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ns562579.ip-54-39-156.net

sstatic1.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	cloudstoragesharingservice.com object-d001-cloud.cloudstoragesharingservice.com — Cisco Umbrella Rank: 13412	648 KB
19	landingsplash.xyz 19 redirects landingsplash.xyz — Cisco Umbrella Rank: 15931	9 KB
14	d32jers.com cdn.d32jers.com — Cisco Umbrella Rank: 178677	1 MB
8	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	153 KB
7	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 7953	409 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123	253 B
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 20480	3 KB
1	histats.com sstatic1.histats.com — Cisco Umbrella Rank: 28380	163 B
1	digitaloceanspaces.com cdnlp.sgp1.cdn.digitaloceanspaces.com	16 KB
1	gifer.com i.gifer.com — Cisco Umbrella Rank: 114870	18 KB
1	leannashair.com leannashair.com	12 KB
1	tayo4dbawang.me 1 redirects tayo4dbawang.me	444 B
59	12

	Domain	Requested by
23	object-d001-cloud.cloudstoragesharingservice.com	leannashair.com
19	landingsplash.xyz	19 redirects
14	cdn.d32jers.com	leannashair.com
8	cdn.ampproject.org	leannashair.com cdn.ampproject.org
7	blogger.googleusercontent.com	leannashair.com
1	region1.google-analytics.com	cdn.ampproject.org
1	amp.analytics-debugger.com	cdn.ampproject.org
1	sstatic1.histats.com	leannashair.com
1	cdnlp.sgp1.cdn.digitaloceanspaces.com	leannashair.com
1	i.gifer.com	leannashair.com
1	leannashair.com
1	tayo4dbawang.me	1 redirects
59	12

This site contains links to these domains. Also see Links.

Domain
hsllink.com
demogamesfree.pragmaticplay.net
m.pgsoft-games.com
app-test.insvr.com
redirector32.valueactive.eu
redirector3.valueactive.eu
api-ire1.5p1n5.com
api.whatsapp.com
secure.livechatenterprise.com

Subject Issuer	Validity	Valid
leannashair.com WE1	`2024-07-24` - `2024-10-22`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
misc-sni.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
gifer.com R10	`2024-06-27` - `2024-09-25`	3 months	crt.sh
d32jers.com E5	`2024-08-01` - `2024-10-30`	3 months	crt.sh
*.sgp1.cdn.digitaloceanspaces.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-19` - `2025-05-07`	a year	crt.sh
cloudstoragesharingservice.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
histats.com R11	`2024-08-06` - `2024-11-04`	3 months	crt.sh
analytics-debugger.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://leannashair.com/
Frame ID: 6686A027A473AB88EF61FEBEDCADD806
Requests: 60 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Slot Demo PG Soft & Pragmatic Play: Gacor, Gratis, Maxwin

Page URL History Show full URLs

https://tayo4dbawang.me/ HTTP 301
https://leannashair.com/ Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

Page Statistics

59
Requests

66 %
HTTPS

45 %
IPv6

12
Domains

12
Subdomains

11
IPs

5
Countries

2598 kB
Transfer

3102 kB
Size

2
Cookies

49 Outgoing links

These are links going to different origins than the main page.

URL: https://hsllink.com/slottayo

Search URL Search Domain Scan URL

URL: https://hsllink.com/0KetMV
Title: Masuk

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?gameSymbol=vs20olympgate&websiteUrl=https%3A%2F%2Fdemogamesfree.pragmaticplay.net&jurisdiction=99&lobby_url=https%3A%2F%2Fwww.pragmaticplay.com%2Fen%2F&lang=EN&cur=USD

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?lang=id&cur=IDR&websiteUrl=demogamesfree.pragmaticplay.net%26&gameSymbol=vs20gatotgates&jurisdiction=99&lobbyUrl=https://demoslot.monster

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?gameSymbol=vs20fruitsw&websiteUrl=https%3A%2F%2Fdemogamesfree.pragmaticplay.net&jurisdiction=99&lobby_url=https%3A%2F%2Fwww.pragmaticplay.com%2Fen%2F&lang=ID&cur=IDR

Search URL Search Domain Scan URL

URL: https://m.pgsoft-games.com/74/index.html?l=id&ot=ca7094186b309ee149c55c8822e7ecf2&btt=2&from=https://demoslot.monster/&language=id-ID&__refer=m.pg-redirect.net&or=static.pgsoft-games.com

Search URL Search Domain Scan URL

URL: https://m.pgsoft-games.com/135/index.html?l=id&ot=ca7094186b309ee149c55c8822e7ecf2&btt=2&from=https://demoslot.monster/&language=id-ID&__refer=m.pg-redirect.net&or=static.pgsoft-games.com

Search URL Search Domain Scan URL

URL: https://m.pgsoft-games.com/89/index.html?l=id&ot=ca7094186b309ee149c55c8822e7ecf2&btt=2&from=https://www.demoslot.monster/&language=id-ID&__refer=m.pg-redirect.net&or=static.pgsoft-games.com

Search URL Search Domain Scan URL

URL: https://app-test.insvr.com/games/?brandid=a9d542ac-c9bb-e311-93f6-80c16e0883f4&brandgameid=a103867f-7f21-467c-9208-5ee7149820cb&mode=fun&locale=id&ifrm=1&lobbyurl=pm-closeGame

Search URL Search Domain Scan URL

URL: https://app-test.insvr.com/games/?brandid=a9d542ac-c9bb-e311-93f6-80c16e0883f4&brandgameid=e5a04f51-6d20-4504-91bc-d17656d2e542&mode=fun&locale=id&ifrm=1&lobbyurl=pm-closeGame

Search URL Search Domain Scan URL

URL: https://redirector32.valueactive.eu/Casino/Default.aspx?applicationid=4023&serverid=22619&gameid=ancientFortunesPoseidonMegawaysDesktop&ul=en&variant=uat-demo&sext1=demo&sext2=demo&lobbyURL=http://www.microgaming.co.uk/games?pagesize=25&sortorder=Descending&sortfield=Release%20Date

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?lang=id&cur=IDR&jurisdiction=99&gameSymbol=vs20starlightx

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?gameSymbol=vswayslions&websiteUrl=https%3A%2F%2Fdemogamesfree.pragmaticplay.net&jurisdiction=99&lobby_url=https%3A%2F%2Fwww.pragmaticplay.com%2Fen%2F&lang=ID&cur=IDR

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?gameSymbol=vs40wildwest&websiteUrl=https%3A%2F%2Fdemogamesfree.pragmaticplay.net&jurisdiction=99&lobby_url=https%3A%2F%2Fwww.pragmaticplay.com%2Fen%2F&lang=ID&cur=IDR

Search URL Search Domain Scan URL

URL: https://redirector3.valueactive.eu/Casino/Default.aspx?applicationid=4123&serverid=33253&gameid=mastersOfValhallaDesktop&ul=en&bankingURL=https://www.leovegas.com/account/deposit&lobbyURL=https://demoslot.lol&playmode=demo

Search URL Search Domain Scan URL

URL: https://m.pgsoft-games.com/53/index.html?l=id&ot=ca7094186b309ee149c55c8822e7ecf2&btt=2&from=https://pgdemo.asia/&language=id-ID&__refer=m.pg-redirect.net&or=static.pgsoft-games.com

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?gameSymbol=vs20clustext&websiteUrl=https%3A%2F%2Fdemogamesfree.pragmaticplay.net&jurisdiction=99&lobby_url=https%3A%2F%2Fwww.pragmaticplay.com%2Fen%2F&lang=EN&cur=USD

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/html5Game.do?extGame=1&symbol=vs20stckwldsc&gname=Pot%20of%20Fortune&jurisdictionID=99&mgckey=stylename@generic~SESSION@d0f1cbe1-201f-4bda-a552-2a2e03841f3c

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?gameSymbol=vswaysbewaretd&websiteUrl=https%3A%2F%2Fdemogamesfree.pragmaticplay.net&jurisdiction=99&lobby_url=https%3A%2F%2Fwww.pragmaticplay.com%2Fen%2F&lang=ID&cur=IDR

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?gameSymbol=vs10bbbnz&websiteUrl=https%3A%2F%2Fdemogamesfree.pragmaticplay.net&jurisdiction=99&lobby_url=https%3A%2F%2Fwww.pragmaticplay.com%2Fen%2F&lang=ID&cur=IDR

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?gameSymbol=vs20sugarrushx&websiteUrl=https%3A%2F%2Fdemogamesfree.pragmaticplay.net&jurisdiction=99&lobby_url=https%3A%2F%2Fwww.pragmaticplay.com%2Fen%2F&lang=ID&cur=IDR

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?gameSymbol=vs20olympx&websiteUrl=https%3A%2F%2Fdemogamesfree.pragmaticplay.net&jurisdiction=99&lobby_url=https%3A%2F%2Fwww.pragmaticplay.com%2Fen%2F&lang=ID&cur=IDR

Search URL Search Domain Scan URL

URL: https://m.pgsoft-games.com/1682240/index.html?l=en&ot=ca7094186b309ee149c55c8822e7ecf2&btt=2&from=https://www.pgsoftslots.com/&_refer=m.pg-redirect.net&or=static.pgsoft-games.com&_hv=1f8e1d3b

Search URL Search Domain Scan URL

URL: https://m.pgsoft-games.com/1671262/index.html?l=en&ot=ca7094186b309ee149c55c8822e7ecf2&btt=2&from=https://hellodemoslotsfunweknowyouscrapeus/&_refer=m.pg-redirect.net&or=static.pgsoft-games.com&_hv=1f8e1d3b

Search URL Search Domain Scan URL

URL: https://api-ire1.5p1n5.com/api/brands/launcher/05afe33ab70a46d6b6bbb6d8cf924dd9

Search URL Search Domain Scan URL

URL: https://m.pgsoft-games.com/106/index.html?l=id&ot=ca7094186b309ee149c55c8822e7ecf2&btt=2&from=https://www.demoslot.monster/&language=id-ID&__refer=m.pg-redirect.net&or=static.pgsoft-games.com

Search URL Search Domain Scan URL

URL: https://redirector32.valueactive.eu/Casino/Default.aspx?applicationid=4023&serverid=22619&gameid=breakaway&ul=en&variant=uat-demo&sext1=demo&sext2=demo&lobbyURL=http://www.microgaming.co.uk/games?pagesize=25&sortorder=Descending&sortfield=Release%20Date

Search URL Search Domain Scan URL

URL: https://m.pgsoft-games.com/71/index.html?l=id&ot=ca7094186b309ee149c55c8822e7ecf2&btt=2/&language=id-ID&__refer=m.pg-redirect.net&or=static.pgsoft-games.com

Search URL Search Domain Scan URL

URL: https://m.pgsoft-games.com/1312883/index.html?l=id&ot=ca7094186b309ee149c55c8822e7ecf2&btt=2&from=https://demoslot.monster/&language=id-ID&__refer=m.pg-redirect.net&or=static.pgsoft-games.com

Search URL Search Domain Scan URL

URL: https://m.pgsoft-games.com/123/index.html?l=id&ot=ca7094186b309ee149c55c8822e7ecf2&btt=2&__refer=m.pg-redirect.net&or=static.pgsoft-games.com

Search URL Search Domain Scan URL

URL: https://m.pgsoft-games.com/57/index.html?l=id&ot=6a4e665bff55c79e7a4675050d5bc991&btt=2&__refer=m.pg-redirect.net&or=static.pgsoft-games.com

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?lang=id&cur=IDR&websiteUrl=demogamesfree.pragmaticplay.net%26&gameSymbol=vs15godsofwar&jurisdiction=99&lobbyUrl=https://demoslot.cloud/

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?lang=id&cur=IDR&websiteUrl=https%3A%2F%2Fclienthub.pragmaticplay.com%2F&gcpif=2273&gameSymbol=vs20procount&jurisdiction=99&lobbyUrl=https://demoslot.cloud/

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?lang=id&cur=IDR&websiteUrl=https%3A%2F%2Fclienthub.pragmaticplay.com%2F&gcpif=2273&gameSymbol=vs20porbs&jurisdiction=99&lobbyUrl=https://clienthub.pragmaticplay.com/slots/game-library/

Search URL Search Domain Scan URL

URL: https://app-test.insvr.com/games/?brandid=a9d542ac-c9bb-e311-93f6-80c16e0883f4&brandgameid=0dc1a412-a01a-44cc-8d65-b575ca2aa8eb&mode=fun&locale=id&ifrm=1&lobbyurl=pm-closeGame

Search URL Search Domain Scan URL

URL: https://app-test.insvr.com/games/?brandid=a9d542ac-c9bb-e311-93f6-80c16e0883f4&brandgameid=29254f13-920e-42f7-918b-8bb4a0c25388&mode=fun&locale=id&ifrm=1&lobbyurl=pm-closeGame

Search URL Search Domain Scan URL

URL: https://app-test.insvr.com/games/?brandid=a9d542ac-c9bb-e311-93f6-80c16e0883f4&brandgameid=89d47514-abaf-4056-a5e4-69ec1e67693f&mode=fun&locale=id&ifrm=1&lobbyurl=pm-closeGame

Search URL Search Domain Scan URL

URL: https://app-test.insvr.com/games/?brandid=a9d542ac-c9bb-e311-93f6-80c16e0883f4&brandgameid=a6b411b7-43da-47a3-969e-7cdce44e6d27&mode=fun&locale=id&ifrm=1&lobbyurl=pm-closeGame

Search URL Search Domain Scan URL

URL: https://app-test.insvr.com/games/?brandid=a9d542ac-c9bb-e311-93f6-80c16e0883f4&brandgameid=d6d1d02c-1973-416f-92ce-9802501132e3&mode=fun&locale=id&ifrm=1&lobbyurl=pm-closeGame

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?lang=id&cur=IDR&websiteUrl=https%3A%2F%2Fclienthub.pragmaticplay.com%2F&gcpif=2273&gameSymbol=vs20swordofares&jurisdiction=99&lobbyUrl=https://clienthub.pragmaticplay.com/slots/game-library/

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?gameSymbol=vswayshammthor&websiteUrl=https%3A%2F%2Fdemogamesfree.pragmaticplay.net&jurisdiction=99&lobby_url=https%3A%2F%2Fwww.pragmaticplay.com%2Fen%2F&lang=ID&cur=IDR

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?lang=id&cur=IDR&gameSymbol=vs20goldfever&websiteUrl=https%3A%2F%2Fdemogamesfree.pragmaticplay.net&jurisdiction=99&lobbyURL=https%3A%2F%2Fwww.pragmaticplay.com

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?lang=id&cur=IDR&websiteUrl=demogamesfree.pragmaticplay.net%26&gameSymbol=vs20doghousemh&jurisdiction=99&lobbyUrl=https://demoslot.monster/

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?lang=id&cur=IDR&websiteUrl=demogamesfree.pragmaticplay.net%26&gameSymbol=vs20pistols&jurisdiction=99&lobbyUrl=https://demoslot.monster/

Search URL Search Domain Scan URL

URL: https://demogamesfree.pragmaticplay.net/gs2c/openGame.do?lang=id&cur=IDR&websiteUrl=https%3A%2F%2Fclienthub.pragmaticplay.com%2F&gcpif=2273&gameSymbol=vs20muertos&jurisdiction=99&lobbyUrl=https://clienthub.pragmaticplay.com/slots/game-library/

Search URL Search Domain Scan URL

URL: https://m.pgsoft-games.com/79/index.html?l=en&ot=ca7094186b309ee149c55c8822e7ecf2&btt=2&from=https://demoslot.monster/&language=en-EN&__refer=m.pg-redirect.net&or=static.pgsoft-games.com

Search URL Search Domain Scan URL

URL: https://m.pgsoft-games.com/104/index.html?l=id&ot=ca7094186b309ee149c55c8822e7ecf2&btt=2&__refer=m.pg-redirect.net&or=static.pgsoft-games.com

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=6281352248982&text=&source=&data=
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://secure.livechatenterprise.com/licence/15293634/v2/open_chat.cgi
Title: Live Chat

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tayo4dbawang.me/ HTTP 301
https://leannashair.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://landingsplash.xyz/banner/image/games/slots/pragmatic/SugarRush1000R.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/SugarRush1000R.jpg

Request Chain 32

https://landingsplash.xyz/banner/image/games/slots/pragmatic/GatesofOlympus1000.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/GatesofOlympus1000.jpg

Request Chain 33

https://landingsplash.xyz/banner/image/games/slots/pgs/CashManiaR.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/CashManiaR.jpg

Request Chain 34

https://landingsplash.xyz/banner/image/games/slots/pgs/GemstonesGoldR.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/GemstonesGoldR.jpg

Request Chain 35

https://landingsplash.xyz/banner/image/games/slots/pgs/FortuneDragonR.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/FortuneDragonR.jpg

Request Chain 36

https://landingsplash.xyz/banner/image/games/slots/PGsoft/DewaTangkas/WaysOfQilin.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/PGsoft/DewaTangkas/WaysOfQilin.jpg

Request Chain 37

https://landingsplash.xyz/banner/image/games/slots/sg8-mg/BreakAwaySpinRoyalR.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/sg8-mg/BreakAwaySpinRoyalR.jpg

Request Chain 38

https://landingsplash.xyz/banner/image/games/slots/PGsoft/DewaTangkas/CaishenWins.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/PGsoft/DewaTangkas/CaishenWins.jpg

Request Chain 39

https://landingsplash.xyz/banner/image/games/slots/pgs/ProsperityFortuneTree.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/ProsperityFortuneTree.jpg

Request Chain 40

https://landingsplash.xyz/banner/image/games/slots/pgs/RoosterRumble.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/RoosterRumble.jpg

Request Chain 41

https://landingsplash.xyz/banner/image/games/slots/pgs/DragonHatch2R.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/DragonHatch2R.jpg

Request Chain 42

https://landingsplash.xyz/banner/image/games/slots/pragmatic/GodsofWar.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/GodsofWar.jpg

Request Chain 43

https://landingsplash.xyz/banner/image/games/slots/pragmatic/WisdomofAthena.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/WisdomofAthena.jpg

Request Chain 44

https://landingsplash.xyz/banner/image/games/slots/pragmatic/SantasGreatGift.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/SantasGreatGift.jpg

Request Chain 45

https://landingsplash.xyz/banner/image/Slots/SGWealthInn_UBO.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/SGWealthInn_UBO.jpg

Request Chain 55

https://landingsplash.xyz/banner/image/Slots/Habanero/SGFaCaiShen.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/Habanero/SGFaCaiShen.jpg

Request Chain 56

https://landingsplash.xyz/banner/image/Slots/Habanero/SGWildTrucks.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/Habanero/SGWildTrucks.jpg

Request Chain 57

https://landingsplash.xyz/banner/image/Slots/facai-shen-Boltang&DT.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/facai-shen-Boltang&DT.jpg

Request Chain 58

https://landingsplash.xyz/banner/image/Slots/Habanero/SG5LuckyLions.jpg HTTP 301
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/Habanero/SG5LuckyLions.jpg

59 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
leannashair.com/
Redirect Chain

https://tayo4dbawang.me/
https://leannashair.com/

71 KB
12 KB

473ms
211ms

Document
text/html

172.67.192.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://leannashair.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.192.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3205c90f3606e84177e0813d9598b15fcea53b31012ed6e94421dc43b2616acd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8af4ed3cb8f79734-FRA
content-encoding: br
content-type: text/html
date: Wed, 07 Aug 2024 05:39:32 GMT
last-modified: Thu, 01 Aug 2024 14:24:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ooHr%2FWcr2cBk0UX2Z%2F%2BUBy8tyeZFH5U9J%2F1yswxPFSmyk4c4TKk65bzGIctfAkWLNnOjY5Or%2FDHmP8I%2FlL%2BoCF524nkYKvfvKx79Ex0521QQECDcQ6Sxtjiwt7wZZL%2BZ5ps%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

cache-control: max-age=3600
cf-ray: 8af4ed3abce21e50-FRA
content-length: 167
content-type: text/html
date: Wed, 07 Aug 2024 05:39:31 GMT
expires: Wed, 07 Aug 2024 06:39:31 GMT
location: https://leannashair.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9c0tc8Q7G%2FjAhJK8bbnl83TWENtOmDGt7Rib6gePXmbeyq47zcTm%2FRRySWM3ud6qmTsodC%2BGRnS4qS%2BONpWOXDHUuMYGQrY4e9MnglaroAQ9bpY%2F76qL57CC%2BkJdsct2%2FIYOtFOybZMs3NUm84%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Banner-24-03-2024.webp%20%20
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGfFN1k0T8BizbbA9EBHpLvq9rZIa1fsl0cJrXJOo3RUbbClPZS3KOS9DDvukTWTrIDswNGg5jKukOG9932d3q5PvkCHHJcB56v7dKO_gNDw0-DA_Hzytjkb430lyMNB1FFVLZjh9k7pOspx0m... 164 KB
164 KB 654ms
510ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGfFN1k0T8BizbbA9EBHpLvq9rZIa1fsl0cJrXJOo3RUbbClPZS3KOS9DDvukTWTrIDswNGg5jKukOG9932d3q5PvkCHHJcB56v7dKO_gNDw0-DA_Hzytjkb430lyMNB1FFVLZjh9k7pOspx0m48ib7BEHJlwT-gKB-sNVQromCoGmN70bNjObO2ya-r7u/s16000/Banner-24-03-2024.webp%20%20

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

242511c4b0659451ecf2ab76b08ec43e13d30710e2c6fc734d5fbd4f77e1a397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v32"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-24-03-2024.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168050
x-xss-protection: 0
expires: Thu, 08 Aug 2024 05:39:32 GMT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 108ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73122
x-xss-protection: 0
server: sffe
etag: "2af4af216080b72b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Aug 2024 05:39:32 GMT

GET
H2 200 amp-bind-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
16 KB 40ms
27ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-bind-0.1.js

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13443ae5ca0734c899cfa3350a33befdf086e9a725fef1b01e6e60853221b0bc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16373
x-xss-protection: 0
server: sffe
etag: "ed03e9697165ef03"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Aug 2024 05:39:32 GMT

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
12 KB 36ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a4edd02db8c4a0a4ab29fe5e7a5cc3982f1fa2d421305c67722aa42b463c056

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11527
x-xss-protection: 0
server: sffe
etag: "aef697926ee2e511"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Aug 2024 05:39:32 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 70ms
58ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02a85bd059f93c80bb3d1eba2d4886fad8ab0a950bc988a3471efe187d749fd0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32172
x-xss-protection: 0
server: sffe
etag: "d1ab60b03cd8a04e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Aug 2024 05:39:32 GMT

GET
H2 200 76YS.gif
i.gifer.com/ 31 KB
18 KB 220ms
132ms Image
image/gif 51.68.36.8
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.gifer.com/76YS.gif

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.68.36.8 , United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ns3121917.ip-51-68-36.eu

Software

nginx /

Resource Hash

8a7fd1d24e30f4851f746ea7c47b8dfbc9ef4897afcfb85d6ddd3bc3de48be39

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=604800
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 00:02:18 GMT
server: nginx
etag: W/"6137fd8a-7b8a"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Tayo4d.gif
cdn.d32jers.com/tayo/images/logo/ 413 KB
414 KB 162ms
28ms Image
image/gif 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.d32jers.com/tayo/images/logo/Tayo4d.gif

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

783731d055f7f29f6980c794ceae4d980ead33dafe9e657d9ab19dede44fa0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000e845c47fd7bbcbbd-0066b258dc-3cc8d19e-sgp1b
age: 605
x-envoy-upstream-healthchecked-cluster
content-length: 422582
last-modified: Thu, 21 Dec 2023 12:55:00 GMT
server: cloudflare
etag: "d5c165ba998ca069e5f88c58966e9d32"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/gif
x-do-cdn-uuid: c71f771b-7f2c-492d-9d17-842e045bf3e1
x-rgw-object-type: Normal
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 8af4ed408e448f35-FRA

GET
H2 200 Banner-24-03-2024.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGfFN1k0T8BizbbA9EBHpLvq9rZIa1fsl0cJrXJOo3RUbbClPZS3KOS9DDvukTWTrIDswNGg5jKukOG9932d3q5PvkCHHJcB56v7dKO_gNDw0-DA_Hzytjkb430lyMNB1FFVLZjh9k7pOspx0m... 164 KB
164 KB 377ms
376ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

242511c4b0659451ecf2ab76b08ec43e13d30710e2c6fc734d5fbd4f77e1a397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v32"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-24-03-2024.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168050
x-xss-protection: 0
expires: Thu, 08 Aug 2024 05:39:32 GMT

GET
H2 200 isMaStB5ua1BU6oBL1rL.png
cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/ 130 KB
130 KB 334ms
203ms Image
image/png 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/isMaStB5ua1BU6oBL1rL.png

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7729b60630a85fe7db815573a8b13ce9fc492e3535e939f2cf5520c8f5bfacc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx000003ee070c18694a1df-0066b258d5-3cc900c0-sgp1b
x-envoy-upstream-healthchecked-cluster
content-length: 132896
last-modified: Thu, 17 Nov 2022 12:24:23 GMT
server: cloudflare
etag: "add07d756b735a569522adf9029376b3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: c71f771b-7f2c-492d-9d17-842e045bf3e1
x-rgw-object-type: Normal
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 8af4ed408e428f35-FRA

GET
H2 200 GatesOfGatotKaca.png
cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/ 178 KB
178 KB 340ms
209ms Image
image/png 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/GatesOfGatotKaca.png

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf6d975b72859fce895140f11d8b854a256a82370dd9fce02b074b3b6dbbf75e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx0000081f88d4c42290cd3-0066b258d5-3cca6a98-sgp1b
x-envoy-upstream-healthchecked-cluster
content-length: 181841
last-modified: Fri, 09 Dec 2022 18:56:59 GMT
server: cloudflare
etag: "7959a5866c9be6d868c6ad01aec2c5b8"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: c71f771b-7f2c-492d-9d17-842e045bf3e1
x-rgw-object-type: Normal
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 8af4ed408e478f35-FRA

GET
H2 200 SweetBonanza.png
cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/ 139 KB
140 KB 352ms
221ms Image
image/png 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/SweetBonanza.png

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fa9f9fe1caa690f332655136280d9aa687c10f2e81d06b9fc72ee5799c9fcbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx000003ef4238f20c579da-0066b258d5-3cc900c0-sgp1b
x-envoy-upstream-healthchecked-cluster
content-length: 142564
last-modified: Thu, 24 Nov 2022 12:18:31 GMT
server: cloudflare
etag: "7a8baf2a9136d004dc27636462425740"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: c71f771b-7f2c-492d-9d17-842e045bf3e1
x-rgw-object-type: Normal
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 8af4ed408e458f35-FRA

GET
H2 200 AVvXsEiJpKcjmo9Xf2ycUiNbI2YEzQPh9T5ngDigjLc8fEaZBJpqGz0N7tpxLF-XIVfKuPlVrOgaFotZQVCe0zWiFriC5St1g4i05nh3J2lZpbwVpmdd-kVQEtcSDEwMBk48u7lThK7__XXpip7kp3pbtYC-uWqzQK6qJCrnWy15bn7L0MPtSGklfqtg-Km8-L6t
blogger.googleusercontent.com/img/a/ 19 KB
19 KB 704ms
703ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEiJpKcjmo9Xf2ycUiNbI2YEzQPh9T5ngDigjLc8fEaZBJpqGz0N7tpxLF-XIVfKuPlVrOgaFotZQVCe0zWiFriC5St1g4i05nh3J2lZpbwVpmdd-kVQEtcSDEwMBk48u7lThK7__XXpip7kp3pbtYC-uWqzQK6qJCrnWy15bn7L0MPtSGklfqtg-Km8-L6t

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d5209cf04cf3d6a003e39bff7066912645ec15ca53c9cfe8c34a364df5331e5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v15c"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="daftar.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19460
x-xss-protection: 0
expires: Thu, 08 Aug 2024 05:39:33 GMT

GET
H2 200 AVvXsEh8smPr3qyraDkb5K96eGKnLbOiCQCiqR4D8uLedVSrwmjmuspZAozDQPxNJITyuW2n3g4KS6Ya0jKq_XMJp_d-K0401fZe8fr9oefPjdPr1JxrBIzZZv5X2Asq6yG0fZAP-F2Vs0Jq94RNU-CniiuBHvdksygeyPkvpH9dIpb0qAP6UoiOGUvOcLBsDYCl
blogger.googleusercontent.com/img/a/ 20 KB
20 KB 686ms
686ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEh8smPr3qyraDkb5K96eGKnLbOiCQCiqR4D8uLedVSrwmjmuspZAozDQPxNJITyuW2n3g4KS6Ya0jKq_XMJp_d-K0401fZe8fr9oefPjdPr1JxrBIzZZv5X2Asq6yG0fZAP-F2Vs0Jq94RNU-CniiuBHvdksygeyPkvpH9dIpb0qAP6UoiOGUvOcLBsDYCl

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f5d629647a473b6523d184fdf2d20ab229c819c716540b46b7c53ab327b0486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v15b"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="login.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20212
x-xss-protection: 0
expires: Thu, 08 Aug 2024 05:39:33 GMT

GET
H2 200 wa.png
cdnlp.sgp1.cdn.digitaloceanspaces.com/webhuntinfotech.com/img/ 16 KB
16 KB 263ms
216ms Image
image/png 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnlp.sgp1.cdn.digitaloceanspaces.com/webhuntinfotech.com/img/wa.png

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fee3a72b5d0c6b1dfa41c2e2f4080e14d51a74590e4beca8a8362bd73743a262

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000949758d0e635035f-0066a603e4-3cc900c0-sgp1b
x-envoy-upstream-healthchecked-cluster
content-length: 16025
last-modified: Mon, 04 Dec 2023 10:25:06 GMT
server: cloudflare
etag: "e5dd28710fcc5eb2d0f1a55221f386d9"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: 93b7c884-f6c0-444d-a104-b2c8a4c9d835
x-rgw-object-type: Normal
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 8af4ed400eb98f2f-FRA

GET
H2 200 AVvXsEjMT9PJJVkg1sv68TIlT8k7pJBH4fojO0iM4JOwSRcV51ObiUcpGsVfkRV_HfI2snRRZaaQCB1Zs_SOi_jWtKd1QR18K-4xFII95-QZqUgRS7_k16VBWgUuyRoKBvevBIGW2rWm2l73Pt8780RLfAEFKxUjD9mxAyF16jG4VLRzOZ7RXyjdwlG1kESqcXf6
blogger.googleusercontent.com/img/a/ 9 KB
9 KB 690ms
690ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEjMT9PJJVkg1sv68TIlT8k7pJBH4fojO0iM4JOwSRcV51ObiUcpGsVfkRV_HfI2snRRZaaQCB1Zs_SOi_jWtKd1QR18K-4xFII95-QZqUgRS7_k16VBWgUuyRoKBvevBIGW2rWm2l73Pt8780RLfAEFKxUjD9mxAyF16jG4VLRzOZ7RXyjdwlG1kESqcXf6

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

82b048587cabb00d192ae6709509f06af95e97a76e602ee91767f5cbfbb212e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v15b"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Ayutogel.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9238
x-xss-protection: 0
expires: Thu, 08 Aug 2024 05:39:33 GMT

GET
H2 200 QFDGmwHMGE5leHNccwOF.jpg
cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/ 11 KB
11 KB 333ms
208ms Image
image/jpeg 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/QFDGmwHMGE5leHNccwOF.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da715ccdb93227b72dd50095f2c9844db6de22ac1e829dee8e9c289af03c017e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000adf81db9c0f143c1-0066b258d5-3cc900c0-sgp1b
x-envoy-upstream-healthchecked-cluster
content-length: 11381
cf-bgj: h2pri
last-modified: Thu, 17 Nov 2022 12:24:04 GMT
server: cloudflare
etag: "c2fe0a94af9404974dd43776892ffa8b"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: c71f771b-7f2c-492d-9d17-842e045bf3e1
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8af4ed408e488f35-FRA

GET
H2 200 wild-bounty-showdown-pg-soft.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlK-wum38Zqbbq0_4sy879Sp6Hz-H7K3pFJ-oylnBXEpCJPY-ZzVpGPy6xXsgigmozEO3_02fjQP9-vtVeMEpU79tK2N9h-yaUwDV_kBoUFunxguMG7EetwH5AsWZGZaPTEq1DvnNyZYH1oBRd... 23 KB
23 KB 473ms
472ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlK-wum38Zqbbq0_4sy879Sp6Hz-H7K3pFJ-oylnBXEpCJPY-ZzVpGPy6xXsgigmozEO3_02fjQP9-vtVeMEpU79tK2N9h-yaUwDV_kBoUFunxguMG7EetwH5AsWZGZaPTEq1DvnNyZYH1oBRdjSTBuHwSW77ptU5wIptBukSm-P6f5oMNIJpIajY54r9n/s16000/wild-bounty-showdown-pg-soft.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0d86c7a0b6c1cdf425e5bd81144ee321a88e11126ef28b2b9802ba1b738adedf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v34"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="wild-bounty-showdown-pg-soft.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23064
x-xss-protection: 0
expires: Thu, 08 Aug 2024 05:39:32 GMT

GET
H2 200 jgZPEA0B2JG18oWf12oo.jpg
cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/ 11 KB
11 KB 345ms
221ms Image
image/jpeg 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/jgZPEA0B2JG18oWf12oo.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bbc1b5196a1487d4f6b2c53e8e4bee83e1960e7e7c43bb68ea0dfda6a6a47be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx000005c24fdcc109267ba-0066b25985-3cc900c0-sgp1b
x-envoy-upstream-healthchecked-cluster
content-length: 11387
cf-bgj: h2pri
last-modified: Thu, 17 Nov 2022 12:24:09 GMT
server: cloudflare
etag: "18c08a4b41fb97bb8d98934f0d2fc4da"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: c71f771b-7f2c-492d-9d17-842e045bf3e1
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8af4ed408e498f35-FRA

GET
H2 200 KoiGateLevelUp.jpg
cdn.d32jers.com/rtpslottergacor.info/game_img/habanero/ 25 KB
25 KB 250ms
248ms Image
image/jpeg 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.d32jers.com/rtpslottergacor.info/game_img/habanero/KoiGateLevelUp.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94efcb212ccad2a105fcdf8e935415cabdc137691105f6932901c6a65624f28d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000a4aadca88850b84d-0066b2596d-3cc900c0-sgp1b
x-envoy-upstream-healthchecked-cluster
content-length: 25507
cf-bgj: h2pri
last-modified: Wed, 13 Sep 2023 15:17:18 GMT
server: cloudflare
etag: "93e5846941f010edac18155ca3670972"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: c71f771b-7f2c-492d-9d17-842e045bf3e1
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8af4ed411ecd8f35-FRA

GET
H2 200 GREVf3EfnJAMJIdkk8GC.jpg
cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/ 13 KB
13 KB 211ms
210ms Image
image/jpeg 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/GREVf3EfnJAMJIdkk8GC.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b53a098a142010fcc269594112f26e2a1a6f7a9906b84dfb22d39565260a671f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000e3bf19569f38523f-0066b258d5-3cc900c0-sgp1b
x-envoy-upstream-healthchecked-cluster
content-length: 13566
cf-bgj: h2pri
last-modified: Thu, 17 Nov 2022 12:24:04 GMT
server: cloudflare
etag: "8b117670ddad80a1dc21ffd01028d8f4"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: c71f771b-7f2c-492d-9d17-842e045bf3e1
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8af4ed411ece8f35-FRA

GET
H2 200 U1JQnOZOx5HsLY5Mbx1F.jpg
cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/ 36 KB
36 KB 222ms
220ms Image
image/jpeg 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/U1JQnOZOx5HsLY5Mbx1F.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b43585d19d2a2adace5abc41ce70a7400454e4c8b5e7fd6a7fd1220d0c00ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx000004a3878a5da1124b6-0066b25969-3cc88ff8-sgp1b
x-envoy-upstream-healthchecked-cluster
content-length: 36460
cf-bgj: h2pri
last-modified: Thu, 17 Nov 2022 12:24:18 GMT
server: cloudflare
etag: "c1b5847f165baf39a3ed9850199ccf15"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: c71f771b-7f2c-492d-9d17-842e045bf3e1
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8af4ed411ed18f35-FRA

GET
H2 200 StarlightPrincess1000.jpg
cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/ 25 KB
25 KB 191ms
190ms Image
image/jpeg 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/StarlightPrincess1000.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee96c7daef462660395a9898916167f945618751a4a7e404efa8d523b906fcb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000accc1967e4024e7f-0066b258d5-3cc9162e-sgp1b
x-envoy-upstream-healthchecked-cluster
content-length: 25475
cf-bgj: h2pri
last-modified: Fri, 21 Jul 2023 03:48:52 GMT
server: cloudflare
etag: "3e1b685b1162c16ffbdad7f7aeace6dc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: c71f771b-7f2c-492d-9d17-842e045bf3e1
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8af4ed411ed28f35-FRA

GET
H2 200 2eW6ab66kydXB19pA5GQ.png
cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/ 171 KB
172 KB 221ms
220ms Image
image/png 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/2eW6ab66kydXB19pA5GQ.png

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69319b865e54827cf6d71d2c30cf3465056311bc9ddf9637ac5dd7db0d883ed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000deea10e8b653937e-0066b258e5-3cc8d19e-sgp1b
x-envoy-upstream-healthchecked-cluster
content-length: 175315
last-modified: Thu, 17 Nov 2022 12:24:26 GMT
server: cloudflare
etag: "de0e49962d546ef6dd2b3a46eb40839f"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: c71f771b-7f2c-492d-9d17-842e045bf3e1
x-rgw-object-type: Normal
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 8af4ed411ed38f35-FRA

GET
H2 200 pvjCGB2FYQ5Cd1esTkeF.png
cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/ 153 KB
153 KB 213ms
212ms Image
image/png 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/pvjCGB2FYQ5Cd1esTkeF.png

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46e51d05e46509ee9766ab642242af6fac72524d5b9b3aaa41603ecd37039c34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-amz-request-id: tx0000032347816dc9f3271-0066b258d8-3cc8d19e-sgp1b
x-envoy-upstream-healthchecked-cluster
content-length: 156567
last-modified: Thu, 17 Nov 2022 12:25:27 GMT
server: cloudflare
etag: "33efb59f1c4bebdffd2934986f07693c"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: c71f771b-7f2c-492d-9d17-842e045bf3e1
x-rgw-object-type: Normal
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 8af4ed411ed48f35-FRA

GET
H2 200 MastersOfValhalla.jpg
cdn.d32jers.com/rtpslottergacor.info/game_img/microgaming/ 18 KB
18 KB 219ms
218ms Image
image/jpeg 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.d32jers.com/rtpslottergacor.info/game_img/microgaming/MastersOfValhalla.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e02590d8ac2925cad733c1d1443bbd0e5c8ce77377d18894e6eac18259d504f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000a79e489f72ed55ba-0066b25985-3cca6a98-sgp1b
x-envoy-upstream-healthchecked-cluster
content-length: 18494
cf-bgj: h2pri
last-modified: Wed, 18 Jan 2023 09:09:52 GMT
server: cloudflare
etag: "06151dc33f917d6e9d104601f5ce5f15"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: c71f771b-7f2c-492d-9d17-842e045bf3e1
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8af4ed411ed68f35-FRA

GET
H2 200 Y3OI4f67yLa5XWtV6oOP.jpg
cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/ 11 KB
11 KB 244ms
244ms Image
image/jpeg 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.d32jers.com/rtpslottergacor.info/game_img/pragmaticplay/Y3OI4f67yLa5XWtV6oOP.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3d30642037dd33719584ff9e72ebd7748d1fc417d1011098f1c65e05221c488

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000f102aff48ad4c386-0066b258e3-3cc9162e-sgp1b
x-envoy-upstream-healthchecked-cluster
content-length: 10785
cf-bgj: h2pri
last-modified: Thu, 17 Nov 2022 12:24:06 GMT
server: cloudflare
etag: "1823609a8244f7c6b3dcda9e54304303"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: c71f771b-7f2c-492d-9d17-842e045bf3e1
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 8af4ed411ed78f35-FRA

GET
H3 200 GearsofHorusR.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/ 37 KB
38 KB 560ms
518ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/GearsofHorusR.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24821260f6fd08b4a4fe08bc22d93072530b5b84c372132e7e7e271318660dc2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 05 Mar 2024 03:48:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65e695fc-9405"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2BDn0Dq6YE37m2TaJd8Gy2%2BaMJqG1AelO4%2FlcuKCignCzp5f4aA0J4aEnP9oaDhDuz2lphfS7HHV4FsflyR5nqCc32HflnkuEd39nOGQ3K3qo1eha1yuKuVXbr6Q1hp%2BJe0s85WhCq%2BxIh7zDPLC8AXC2Hkio3EvDhhcDbiZOipW3pw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed400855b95a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 37893

GET
H3 200 PotofFortuneR.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/ 34 KB
35 KB 542ms
501ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/PotofFortuneR.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

136b41c2c12220bff3bc430ba60d21953c191546484f71a1258c6b47be91c02e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 18 Mar 2024 08:25:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65f7fa60-8919"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R7SXVVvZSip2eIRDOBovNH%2FWf402AVSfQJQPElPRB6QkmgzaEeaUlnH1jE61A97jww%2Feb%2B9d6XSWa4mYTU%2FjoLtkURPBwXU%2FSfCSJG4hbOd1ItJRk1fc2mgKivO%2Bcbb%2B%2B9e7%2BxQM2fhQjugT40P6mE87MtKTeLNDHBt9bZUD3mtoX7c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed400856b95a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 35097

GET
H3 200 BewareTheDeepMegawaysR.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/ 26 KB
27 KB 554ms
551ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/BewareTheDeepMegawaysR.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d27c4f43c95556ed45c51413a6e56ca010cc1ae22ff12ccacaed06157299b9b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:32 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 12 Mar 2024 10:16:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65f02b6b-6883"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wX3MdsrDe4OLp%2F%2BFnm%2FAjTdLvJVpc2WaNtTR1iQM4ZXmcLA6eiPRV%2Bzlg7s%2FNCuJvsu3VHSytAvh5BQoOEY8rEu8VKhNZXs8mEinu%2F9ZWM3bbWTDJzX8pQ9ujVNggYR0dJvxM5saKS4wXqTnKMHfbwE8FFstvcgT1Dvx09BRCwRsBJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed400850b95a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 26755

GET
H3 200 BigBassDayattheRacesR.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/ 29 KB
30 KB 554ms
552ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/BigBassDayattheRacesR.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

472c4b320b51452f002f2fb20d01338d427f07894cf074e5496f7a80f41fb776

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 12 Mar 2024 10:16:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65f02b6c-746e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b2567aNG2evIMbdvsPWNhUWevewsLzpZOY%2FYPdYye8SXYq9UJUHN0AHaJdwyU6e%2FxePABTOM2v8zOPAnI%2FVYtz%2BK95fEUnYNDbpejYYh5NROSGKRc0IW75DtGqMds9BCtz5Foifz5yOSg6apdHV20Pb2C4rygi1Em3FKSnMHm7jDTv8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed400853b95a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 29806

GET
H3

200

SugarRush1000R.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/
Redirect Chain

https://landingsplash.xyz/banner/image/games/slots/pragmatic/SugarRush1000R.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/SugarRush1000R.jpg

33 KB
33 KB

535ms
528ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/SugarRush1000R.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a03b9922a8a8a11dd75fd756bb04bb84a0c7eddebbc9db9459a3c7d693f467eb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 22 Feb 2024 06:42:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65d6ecc1-828d"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VZzanCon03Dw8yDdAjg7ZQBqjNWDs%2Bs3fyf0qhLi8Fu5q03Y0WR%2BpgHbeJTFcNN85z7FBCtBj4JBBG1jXo7TUDuwYkJHjYtwUUBwJ8UPywVsktVKbPb4oXM8jdWDITvCdaeIGX0ClanOB4BhxJYYRS8zBNR20M0O%2FLHUQnJrIT5DmO8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed43bb95b95a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 33421

Redirect headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cUC9meHemgDfJhUN9R%2F1zXcMKAFOCYVh4MNW%2F0XOB1KuonVo3BpQ3kJhv1AN0%2BuwiLS%2BLklY4f6d2wtMwAFlolvAF3dDGP9Lsj0X1GoXpsXdHfGQu320Kfeax7lk6A0KEAiqqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/SugarRush1000R.jpg
cache-control: max-age=14400
cf-ray: 8af4ed403e811eda-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

GatesofOlympus1000.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/
Redirect Chain

https://landingsplash.xyz/banner/image/games/slots/pragmatic/GatesofOlympus1000.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/GatesofOlympus1000.jpg

32 KB
33 KB

53ms
39ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/GatesofOlympus1000.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea63e2e9656f9c150c4846080bc913cbeb216b009b825764297fd2550c3c98b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3471
alt-svc: h3=":443"; ma=86400
content-length: 32830
last-modified: Fri, 15 Dec 2023 02:53:27 GMT
server: cloudflare
etag: "657bbfa7-803e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FxtSnYqOoYws%2FkFQ%2FtHL4U0q0t1a2y%2FOp%2FYEKCrEKx84ePyXD2i6uE0Dj5I6cWDykA0xU6aZKyh6kJ08N9RT5%2BY13j%2BTFWI1OeCM5ypTXrVednogvisrFXc12z7APXCfA2KqS%2BvPwIZBa5YSmNOkUcZV5KwRKCtcn9z3mW7IFpFq0rU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed43ab84b95a-AMS

Redirect headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zyAC8DQYYKT9miAGnAN9Sxs6ufjbAFZuonsrYaN5%2BDtYx124kumijSwW2AyTqRJo8hBV9ouUeVqXLxmVOdvv2OU8rjLdM7H3L7GePExmM2iFbD%2F8oQcmV7MNR3QtauC7e9TVYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/GatesofOlympus1000.jpg
cache-control: max-age=14400
cf-ray: 8af4ed403e821eda-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

CashManiaR.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/
Redirect Chain

https://landingsplash.xyz/banner/image/games/slots/pgs/CashManiaR.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/CashManiaR.jpg

38 KB
38 KB

522ms
513ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/CashManiaR.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc86ec3d0d3bb25f0c11328ecee7a4046a7c86f81ada525cce7c7d27e4602b54

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 18 Mar 2024 08:22:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65f7f9c9-9686"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z0P9B4Q94%2BH6m5uJdrjz4SG0ipl%2F5BE%2BD9NzdhnoUNS%2Bc7Z4i4lv7gDOONaHD4pPR9NdZAR6YeKmV%2BAVZaP9DnSvUBfyE%2B1MlN4itNzGY76bjd%2BjfsOvDS0EU8KkgCtNFWTawJWroeXAAEK1vKdltka%2BC3vsR%2FSTHzer36Ea%2Bywwqac%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed43bb92b95a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 38534

Redirect headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jynnm92tMUPd4qIGKdEHcFG83J2PhGWoQOleM7QZ0OK7veaSfmocQu1HfyRUtAfyyUjQTOWj39jRjzOAcjiPPJouQyZXrbuevHTJOhXQZ8PDmP9mUaS6oczHpW34j9SWzZVIDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/CashManiaR.jpg
cache-control: max-age=14400
cf-ray: 8af4ed403e831eda-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

GemstonesGoldR.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/
Redirect Chain

https://landingsplash.xyz/banner/image/games/slots/pgs/GemstonesGoldR.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/GemstonesGoldR.jpg

26 KB
26 KB

532ms
532ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/GemstonesGoldR.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33b6cba7a89fb6dc1eab340c972143b717997212adb4ad16e594308e607d408a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 04 Mar 2024 09:18:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65e59201-66b6"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j3p1N7Hs3Dq25i7SlCilcxtoHP%2BI%2FuAZw4G4c9olK1nd%2Bd9yevd37GtFXw%2FfBEK6Atjz%2F26um2JXwrcJwnr4Uwjzr7NshA7Rc9BrqTIrH%2Fzw983q5b8W3GxJr48WcpPLGfiXmfl%2Blmswbbz1qvuQtk1t8s3%2BG6Hj8aA4M1PfjlmZwog%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed453cf6b95a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 26294

Redirect headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7YAiwUsE%2FNYzm4lB7TTIeBQx1p%2BBOt6SzXG0lYRNUYYPBcGdnbqWY%2Bq0Syu6F69RzCh15WX0JT1D181enzG4qXae7wHBkP4FEJV3Fo9ccNuEwCtwdtoZZSwDNE6EeJ1rX0ghqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/GemstonesGoldR.jpg
cache-control: max-age=14400
cf-ray: 8af4ed41ef071eda-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

FortuneDragonR.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/
Redirect Chain

https://landingsplash.xyz/banner/image/games/slots/pgs/FortuneDragonR.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/FortuneDragonR.jpg

32 KB
33 KB

537ms
537ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/FortuneDragonR.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbd6bc1b6a4ab52146fef4e7581c27aa83b37fcddc3639c1e1a0c7dca1c1e53a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 26 Jan 2024 10:31:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65b38a01-8166"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zu8u6UY9%2Bv9T1OpLW5o3zutsGc8o7NxRUr5ZSb1qxH1wIAUnT6HvaEb9eT81PMzIbJ6CEn6zDY0s7WUVMNpgijrwSxI1cVDWeNKyj0smtwO%2F60SLJrfKacAC4OCBATnwt86w4PMkhp%2BhrCAVBjvBBSPwEci8dFWghsV04cgZMk6be4g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed452cecb95a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 33126

Redirect headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wt1riJmO%2BcjZhftat44ewrJGbzcdddC6nnfeWTSHaB38bWXhpZp8DmZ9%2BdvxFhsjSV2dnKKs0RSAVRkvIKRI2JYC4GpzpxQ1P7Iz2dIH20UvYqmzlN60fzANzL4CjHN5Zrtp5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/FortuneDragonR.jpg
cache-control: max-age=14400
cf-ray: 8af4ed41ff091eda-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

WaysOfQilin.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/PGsoft/DewaTangkas/
Redirect Chain

https://landingsplash.xyz/banner/image/games/slots/PGsoft/DewaTangkas/WaysOfQilin.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/PGsoft/DewaTangkas/WaysOfQilin.jpg

11 KB
12 KB

27ms
26ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/PGsoft/DewaTangkas/WaysOfQilin.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0da8f8b1e4351c8df05b5aa35da0c886a9374229b1e904ffce689676e7f0c8f1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1190
alt-svc: h3=":443"; ma=86400
content-length: 11738
last-modified: Fri, 20 Aug 2021 06:39:50 GMT
server: cloudflare
etag: "611f4e36-2dda"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U5dhu%2BUueD1UrcERBr4u1YXDV3pk%2FNWgQoa882ZGwkHYTZO2SuaH7cw3YiMwfFuG8AgpzWRACQZNgzN64rAue%2B7XcB7fPN2XPl%2BvCIvcT6VuVrqRX9hpONGpGzEgS5OeMy0vTZzBG1nv6pDn6VJ%2F2mebWrF6bAS8fUUi4Dx9cDLz2KQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed45dd87b95a-AMS

Redirect headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pozt0389yU1b0vNKf8xIrvUDGNC5C%2FevYnPEaN1hXCs7KZeptRZ%2FQGJd9jJ6U2OyrKZPKlLqYItM79%2BzKIYeeuFevYJH3VWKxLtU9vkXLMFOXu0rf3n3SCDiz5pX52lbSa7t%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/PGsoft/DewaTangkas/WaysOfQilin.jpg
cache-control: max-age=14400
cf-ray: 8af4ed429f561eda-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

BreakAwaySpinRoyalR.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/sg8-mg/
Redirect Chain

https://landingsplash.xyz/banner/image/games/slots/sg8-mg/BreakAwaySpinRoyalR.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/sg8-mg/BreakAwaySpinRoyalR.jpg

37 KB
37 KB

515ms
514ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/sg8-mg/BreakAwaySpinRoyalR.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5bd177fbc3fd02857b148d6370846779a72b1c058cc75b77c1bcb6c4809a35

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:34 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 28 Feb 2024 08:29:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65deeef4-92ba"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u5dd%2Bwgmjr%2FhRXmObpu4nc4se7bKwtLl24OiyaiukR05S2Xdnfa9NjQB%2BJv%2F52QVeU%2FME%2FgIEi7bBE0edjmsrwzkssjpu9i7wjvlBbmp68TyumHN46CQ314XSRIMOWcXOTaARjiIMR5za%2F6fodLWckHAQnkutorFNlt8azrph5%2B7n58%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed46fedeb95a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 37562

Redirect headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jVdjNFIpEj%2F38BGgWB860q0OvUP96xOJDMiDIt5f3zxUcPDig9G20eaXONG9pgojjwf2tZ8HTH%2FyJKYFJdyK98Jci3LBYel2%2F9e4q8LbRumC59n6AmEfKPQr5N0SBC5zhzM29Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/sg8-mg/BreakAwaySpinRoyalR.jpg
cache-control: max-age=14400
cf-ray: 8af4ed43dff11eda-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

CaishenWins.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/PGsoft/DewaTangkas/
Redirect Chain

https://landingsplash.xyz/banner/image/games/slots/PGsoft/DewaTangkas/CaishenWins.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/PGsoft/DewaTangkas/CaishenWins.jpg

11 KB
11 KB

52ms
51ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/PGsoft/DewaTangkas/CaishenWins.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c82f6ae86060ec537cb9ae708fe295eb268a1216ff18814f697586aef6f8724

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1187
alt-svc: h3=":443"; ma=86400
content-length: 10864
last-modified: Fri, 20 Aug 2021 06:39:42 GMT
server: cloudflare
etag: "611f4e2e-2a70"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zfj%2BuythepwGG6uo%2BwxHDO4S2U%2Bcjhm5ws4QXm1OG2ELT0072SWaZd2wwIGb0jU4X4pC%2Beq8q3eppXN%2BpCCApQPt3FJnx1THYI5KErrLVDuiezeuZE43Ouc4Rx4EdP2%2Fe2zuqJrtM1ukpvg77LgWTO9%2BeCvB3QkccaOJpKr1VhYQx%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed471f1ab95a-AMS

Redirect headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=esIUSAFj2xfiyeKZApMGrThwqT9cXg2DPUQQUQ4qrMhEoyHe3auy6TH8XiF7GVh3DgyDq2gYwVD95Xt%2FurfwHLutnpqfEEx42XmzQVFIcdxUpcwRW%2FZVkbZZej%2FFfhfI9XftDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/PGsoft/DewaTangkas/CaishenWins.jpg
cache-control: max-age=14400
cf-ray: 8af4ed43dff41eda-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

ProsperityFortuneTree.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/
Redirect Chain

https://landingsplash.xyz/banner/image/games/slots/pgs/ProsperityFortuneTree.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/ProsperityFortuneTree.jpg

28 KB
28 KB

40ms
40ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/ProsperityFortuneTree.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e26e72422012277bd47da3755747c2bf93cec4ba0faedbb50777dd0d8ccb3ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1181
alt-svc: h3=":443"; ma=86400
content-length: 28263
last-modified: Fri, 02 Sep 2022 02:29:44 GMT
server: cloudflare
etag: "63116a98-6e67"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ZyeG5hLGrtBump5WWs66h31M7qwtmhk1fQ0H2yChhkbwZMMZiPPwpfCalayBR7Tjyq6QhMkoEAJv0Tpl9i6ULQCuS%2B3MHT%2FkP5qo%2B%2FOK3IXNUX6uTYEGJYUJ7f801GEsqUTIJ4kUCde4w1odNmHPBcwt5JIISw6Sps08nWOFcxztxU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed472f2bb95a-AMS

Redirect headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJ2TmV5fsiDkMoVrJrhTuDrwpf1dLH5QpNeIM9q8hX%2FG5FpOIv%2BpeFFDgwrhYHLYTp0gyDdoL0iXFBYHhkTGoGx5E%2BypFASyHWtYAUdlOk9Ek11Pxe29h4HTL8ug1w4tnjDngg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/ProsperityFortuneTree.jpg
cache-control: max-age=14400
cf-ray: 8af4ed43dff51eda-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

RoosterRumble.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/
Redirect Chain

https://landingsplash.xyz/banner/image/games/slots/pgs/RoosterRumble.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/RoosterRumble.jpg

17 KB
18 KB

38ms
37ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/RoosterRumble.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e27e1f47daea46cae54c78dd97dc51263642069cab812f93e83e48ec94fad376

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1180
alt-svc: h3=":443"; ma=86400
content-length: 17787
last-modified: Fri, 01 Jul 2022 05:07:01 GMT
server: cloudflare
etag: "62be80f5-457b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t1W6s0JOjiZdUmCBIfab0TD6P7qAk16j5Qy277sQxyxTbXVAR9xPnsKawMdydQPoF7JCySyMNAd3uu1kD2ZeIe8r9wqT2eIksqZvo6cN3v5WTOiAOdHR6SOm4AJ6zaBqgXTPux%2BCI3RNGPz%2F73OZT288%2Fk65FMvCSNExobz61puUNBw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed472f29b95a-AMS

Redirect headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7osH8uuGqWbN9RRVzcbBmzRAUnevcZpoDgxfFonqmvkRNOlwrqSHKdvm1Sy6BzdnRS%2BLPhisDW6%2FS%2F8dsScYuRC2mMntH1VJR8ikR2OFIQzvkO00Nehb0r7%2Bshdq4kRsh%2BJ%2BHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/RoosterRumble.jpg
cache-control: max-age=14400
cf-ray: 8af4ed43dff61eda-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

DragonHatch2R.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/
Redirect Chain

https://landingsplash.xyz/banner/image/games/slots/pgs/DragonHatch2R.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/DragonHatch2R.jpg

28 KB
28 KB

530ms
530ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/DragonHatch2R.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ae7549dcbe15cc8abe5100a55902d1da2565699e5bbe937b262c38e73da38e7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:34 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 15 Jan 2024 09:02:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65a4f492-6fa1"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2FMZo10hTIWTnx5jEqGUedRBYQXc7CylCPcMbVPxMEiEC7Jp7lnXn8gnRPBOnXrwZFEGdXlN3H20V2UPQZCHuOtkc7kHxaAhW9sizSLceHfFbCLTLoE1PJMZc7couPemnlLR2whehhD0XI7y4QJ%2FGn37cWMjMeBMlrZOu0L0tfBVLU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed471f15b95a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 28577

Redirect headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8gVH%2F4rb2AWyOJ%2FPzm%2FZObRlj0HyCOH1QR86%2BuArz7xD%2B8NqfJHWlcoga%2Bm1PlcselLFxS6FJrooQuLM37Mez0ajT031GBRME%2BcRT3pGzRe%2FF%2BWvCovXvb4Z3xvbtO24rzR1Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pgs/DragonHatch2R.jpg
cache-control: max-age=14400
cf-ray: 8af4ed43dff71eda-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

GodsofWar.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/
Redirect Chain

https://landingsplash.xyz/banner/image/games/slots/pragmatic/GodsofWar.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/GodsofWar.jpg

31 KB
31 KB

32ms
32ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/GodsofWar.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

457a60c926502aa4ffed258f332b5d650d34a78bebf88b0493c750527dbd94ca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2833
alt-svc: h3=":443"; ma=86400
content-length: 31391
last-modified: Tue, 30 May 2023 02:55:39 GMT
server: cloudflare
etag: "647565ab-7a9f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=40gsiq75SNVJgZCsCZTbV%2BxQomSpbuWld7aC5ooWaGoI%2B0QgqXajVL69NI2wCV9EwY95quXd8gPgRDLAYyRq2QtrqrTvG4kmKXl6OR3KVRZdCIZKtZyQB%2BlNMw93IOhJdZ2uyFtZK9IngH3jGT7EQolM0P%2F8ZBr4ZcVWDVCWRz163AY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed471f10b95a-AMS

Redirect headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QmGvWWlkWkXyWuSx6xCoMFLoGHRrP09MbFJF4k1ge%2BZ0MEbmIgX6yIVI1uTMPwisvnB1hhMKHVY1OZS2o5MJINwTrNNOkJqrNg0rcd2xWeiydZkdHn0cU9UTv7dJo7dfmiRrCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/GodsofWar.jpg
cache-control: max-age=14400
cf-ray: 8af4ed43dff81eda-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

WisdomofAthena.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/
Redirect Chain

https://landingsplash.xyz/banner/image/games/slots/pragmatic/WisdomofAthena.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/WisdomofAthena.jpg

36 KB
37 KB

56ms
54ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/WisdomofAthena.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0696c2a5d61071f418824b8308f0609eb1e40da03eba3fb6fdc951a9bbf89a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3464
alt-svc: h3=":443"; ma=86400
content-length: 37010
last-modified: Mon, 29 May 2023 04:14:23 GMT
server: cloudflare
etag: "6474269f-9092"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hPxlAGqHoYuvAYnR35tblZEZftIhh5PPwkZ0NGUD06LQ3uOg4Y4PlXPUruPmRecCLvPh%2FWrddcjmt3HwS24YibfuUzox7izN%2FVtz9Se8gtDJH6meQPE6NSce3cqwSB0dnoUe9wSyokCcLiy2QdsnIGVjn0Jnfd4CWjdBFZZi22BiIK0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed471f13b95a-AMS

Redirect headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dqdS7ZFtU0PNwX8SRGUPv1A1fqHon0yaWrm6QLR6e6Yf5BzOdf3avY7of%2BSLYvO%2FUsWlvv2qhXI0HOnYqIXWQwAzE2liUU5rgnTxmfSCXbfDKAvE2dMy8O5vb78UZ9o9y%2Brphw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/WisdomofAthena.jpg
cache-control: max-age=14400
cf-ray: 8af4ed43dff91eda-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

SantasGreatGift.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/
Redirect Chain

https://landingsplash.xyz/banner/image/games/slots/pragmatic/SantasGreatGift.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/SantasGreatGift.jpg

23 KB
24 KB

51ms
50ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/SantasGreatGift.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

276885b9c875c0511cdba9e770a4de1836af000bc79437ea8c10676979b50696

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2832
alt-svc: h3=":443"; ma=86400
content-length: 23686
last-modified: Tue, 29 Nov 2022 03:07:34 GMT
server: cloudflare
etag: "63857776-5c86"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FTXlx1ZNOlMY9vu45zf2WBz4MfoT8mX7PiV0TA2KJaXY0C%2FY%2F%2FlZNyTCgGKJZveZbIYtPSIcOmSJYLx2Kw1vv9%2BVoX4xZ0t0vALDUFWO%2B5b71tfShk3BLPQGZi7s7GEWbk5a1w1xwIzNfyg6DxuePKRRG747on0tz3O8Ladgodu6k6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed471f1bb95a-AMS

Redirect headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rg2RvKJFa4RJGhwMDHWGs1j4o1PYjS9kHbxnxC59J6ukOfFyyNfH7Q2tvvEF9Jn%2FEO1AR919GHvfYdHAENqNKQ1M7KDG3lN3gE3tKufzc%2BjxXiqhtdjViNJB37S8LtQUG9XO3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/games/slots/pragmatic/SantasGreatGift.jpg
cache-control: max-age=14400
cf-ray: 8af4ed43dffa1eda-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

SGWealthInn_UBO.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/
Redirect Chain

https://landingsplash.xyz/banner/image/Slots/SGWealthInn_UBO.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/SGWealthInn_UBO.jpg

8 KB
8 KB

521ms
519ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/SGWealthInn_UBO.jpg

Requested by

Host: leannashair.com
URL: https://leannashair.com/

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e82066a683d62641a28cffaa36176406c9706f6bb460ae3a02a6efdf6880f056

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:34 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 28 Jul 2020 10:10:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f1ff97f-1f39"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WUb%2F6twnW78XzjeJDc6l0G%2BP%2BN8APxGqUJWM%2Fu%2BfDge%2FlSRH%2BdVbzZ5fatBuQbW0LoLjPbCLaTMvc0kN2f9UbpOZk6yyBAk%2FyMXoxaG%2FK8E6Bim%2FJfjjaj%2BFGsymSMmK3X54rqQQuo36EUbd2Qiq1V9f5Qynsilatg5gX7MoCK0WN5w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed471f18b95a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 7993

Redirect headers

date: Wed, 07 Aug 2024 05:39:33 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zOXCRjNTX3DUejMYSt%2FyVBALx162HTwHvZ%2F24aZOju2H6EunLjIV7YCjQ6fMeWwOKZcEIEwcaWO0rUy5iqH39SRBah6mVf0LaNyg1iOY7Dn1nxiutAOpn0cg3xY5tNJ9N7nz3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/SGWealthInn_UBO.jpg
cache-control: max-age=14400
cf-ray: 8af4ed43dffb1eda-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012406131415000/v0/ 8 KB
3 KB 59ms
27ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

sffe /

Resource Hash

08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leannashair.com/
Origin: https://leannashair.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 05 Aug 2024 18:25:15 GMT
age: 126857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "3bb766b5672b9f2f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Aug 2025 18:25:15 GMT

GET
H3 200 ww.js Show response
cdn.ampproject.org/rtv/012406131415000/ 51 KB
14 KB 60ms
28ms Fetch
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/ww.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

sffe /

Resource Hash

0f7b02e0e4df9b624eb1272efd6bd6d70209798c2a498abd4c41e113498eea70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: text/plain
Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Aug 2024 21:22:46 GMT
age: 29806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14443
x-xss-protection: 0
server: sffe
etag: "db4454252753be3a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Aug 2025 21:22:46 GMT

GET
H/1.1 200
OK 0.gif
sstatic1.histats.com/ 43 B
163 B 321ms
95ms Image
image/gif 54.39.156.32
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sstatic1.histats.com/0.gif?4856417&101
Requested by: Host: leannashair.com
URL: https://leannashair.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.156.32 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns562579.ip-54-39-156.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 07 Aug 2024 05:39:33 GMT
Connection: close
Content-Length: 43
Content-Type: image/gif

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012406131415000/v0/ 12 KB
4 KB 36ms
28ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

sffe /

Resource Hash

e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leannashair.com/
Origin: https://leannashair.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Aug 2024 14:59:19 GMT
age: 52813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3935
x-xss-protection: 0
server: sffe
etag: "db107aa2d6068f23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Aug 2025 14:59:19 GMT

GET
BLOB 200
OK b0cfa203-6373-4afb-932a-33df7899ee72
https://leannashair.com/ 51 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://leannashair.com/b0cfa203-6373-4afb-932a-33df7899ee72
Requested by: Host: leannashair.com
URL: https://leannashair.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2f2573588d39c2620beaf6ba62a24b1ce5ced73eca1ae6722882d8b8b6e558f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 52082
Content-Type: text/javascript

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012406131415000/v0/analytics-vendors/ 2 KB
886 B 16ms
15ms Fetch
application/json 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 05 Aug 2024 14:44:50 GMT
age: 140083
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "d5b505b371db2353"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Aug 2025 14:44:50 GMT

GET
H3 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 74ms
38ms Fetch
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fleannashair.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56430
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 06 Aug 2024 13:59:03 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G5Drv02C4Pr3E2951MBOtvVk%2B%2FaranHSv%2FLLZ86ds0n2VHwFwU1KonjxlROVg43qS73WGwBhZkK4gE2z0ijauJoN%2FNXyAJvi77nUx7Wg%2FDlG5nvFmWQu6lA3J2ZlUOASJsi3s2u6k%2FqpiPCKjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://leannashair.com
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 8af4ed462ae90bc6-AMS

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 61ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-4N7RXCY6YT&ds=AMP&_p=5734&cid=amp-4YYnVJdspJzFb3bby1vLMw&ul=de-de&sr=1600x1200&_s=1&dl=https%3A%2F%2Fleannashair.com%2F&dr=&dt=Slot%20Demo%20PG%20Soft%20%26%20Pragmatic%20Play%3A%20Gacor&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1723009174&sct=1&seg=1&_et=1000&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=leannashair.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 07 Aug 2024 05:39:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://leannashair.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AVvXsEgfWY8ZHzYnQW3UHW04fESaU1LSzY3XzcGzidc0Nd8s6FfEgycJG177tTtWxatb-Krp_0U_pESeBxBLoA3qjyQHCEqWUMC1jS7pbeAE_-9tbzRQqZy9BbaFeDJ0f2PgS3L1RTiwIQF9i2Ppow9QyFCLpnZnM2tU5MegGX8lZAkXUKOrSlOSMHpMRxlqLaol
blogger.googleusercontent.com/img/a/ 10 KB
10 KB 603ms
599ms Other
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgfWY8ZHzYnQW3UHW04fESaU1LSzY3XzcGzidc0Nd8s6FfEgycJG177tTtWxatb-Krp_0U_pESeBxBLoA3qjyQHCEqWUMC1jS7pbeAE_-9tbzRQqZy9BbaFeDJ0f2PgS3L1RTiwIQF9i2Ppow9QyFCLpnZnM2tU5MegGX8lZAkXUKOrSlOSMHpMRxlqLaol

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e20b164388fc131d6bbeebbce36bf5a122d76b5337b084895989d8dbca6b4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:34 GMT
x-content-type-options: nosniff
server: fife
etag: "v1be"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="tayo4d.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9819
x-xss-protection: 0
expires: Thu, 08 Aug 2024 05:39:34 GMT

GET
H3

200

SGFaCaiShen.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/Habanero/
Redirect Chain

https://landingsplash.xyz/banner/image/Slots/Habanero/SGFaCaiShen.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/Habanero/SGFaCaiShen.jpg

40 KB
40 KB

495ms
494ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/Habanero/SGFaCaiShen.jpg

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9c2bebed9075b349784938252de16a90d99dee8176385deef7846aaa990f652

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:40 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Jun 2024 07:48:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66753052-9eba"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YQw5UGCYJUn3D7wtxyKgNIOclvpKjs9ydH44BnWmMBKviakjiGsomFWqe8%2FViM2rEWTbrwj%2FIhrIMMCitf3Zl3lLvQNxu2Z2%2FTcGwlsKZG%2FSrzYCSOAV84GVX1WGpwrwUDzryyAujWd3VtFtDYNT78dwflBnNSqtbEeyB5vLFSEm3DU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed6cf82cb95a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 40634

Redirect headers

date: Wed, 07 Aug 2024 05:39:39 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a8hN8ff1TZKBiQoGz3k6htdAOthVDZw4x1Jxu3jZkOzOlmVSyjvmcgUlsBiAyqYOfTkUp8kbHQ3DADWAtDRBTk%2BK6%2FCiKRgR1gYECjXWUe5sy%2BXduNdZKHp807f59q%2BEU6HQJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/Habanero/SGFaCaiShen.jpg
cache-control: max-age=14400
cf-ray: 8af4ed69bf771eda-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

SGWildTrucks.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/Habanero/
Redirect Chain

https://landingsplash.xyz/banner/image/Slots/Habanero/SGWildTrucks.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/Habanero/SGWildTrucks.jpg

34 KB
35 KB

501ms
500ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/Habanero/SGWildTrucks.jpg

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23e11f265b86cbdbf9ab16933a2892cfbdba1206bdbfd37d7c239c94f6daf109

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:40 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Jun 2024 07:56:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66753218-89cd"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nfazultY%2FMuuHe29OSPZCk3ULTXlJMP%2FNSCompfVd4KfmbdjDIE423bzeoNRJc%2FnSRZb6COhJVuzZVfR922mXaVxaeggDFKvBduz05Mx5kBh%2BdfjWQcgQ6TKMzrO4%2BpgDjFWZMRzDWlndvXEryeBc7prvNs0tbwoRt5u8TWYfbq1ZqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed6cf82ab95a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 35277

Redirect headers

date: Wed, 07 Aug 2024 05:39:39 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vDjsBdNEJlzxuWt841bfNbXSIRKFPL1WUACzk%2FbJ2c1QAS1GXleJLi6Ctkv%2FBHB5SoA0KwomuuqTUM0rYN9lpNVly67o0jJbyIhd7%2BDHg0nm0MIcQLPc8jtemnq8Rx11JwexAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/Habanero/SGWildTrucks.jpg
cache-control: max-age=14400
cf-ray: 8af4ed69bf7d1eda-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

facai-shen-Boltang&DT.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/
Redirect Chain

https://landingsplash.xyz/banner/image/Slots/facai-shen-Boltang&DT.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/facai-shen-Boltang&DT.jpg

14 KB
15 KB

32ms
32ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/facai-shen-Boltang&DT.jpg

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bf07eaa41564200cbcc4f2263e10c71f28ca17c0043fb438ffc641f90009ec6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4664
alt-svc: h3=":443"; ma=86400
content-length: 14748
last-modified: Wed, 29 Jan 2020 08:14:37 GMT
server: cloudflare
etag: "5e313eed-399c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ygxcsJJWnz2WZYuDYVCY9jd3%2B8hZYxw3EgJb%2BtT1AE9T5Y8aOM37gYpG1ZjAhxtpqbDkOkRQX9LOrzIsArC4XCBFLBrTE0rd1XDL%2BwwPn1X4ep26T4mKbsTwrlq3C8d%2FomvjklYXWqtvWiRlCAn%2BHHEhMc9TKi%2Bunk5l6xy6WZhgPeY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed69ed4ab95a-AMS

Redirect headers

date: Wed, 07 Aug 2024 05:39:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 672
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UJAArAV3s2acycLG6ACvm%2BxzWMUK%2F8yqnPOKapHLMGU1y4i228J7Oh%2BCRNUNqTXEhy1AD1S2RJqekaSOXV5e2Iz%2BQsNyx3bf9Y1DWikCQY%2Bglclv%2FqoPSAcb9LOirukomqxy0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/facai-shen-Boltang&DT.jpg
cache-control: max-age=14400
cf-ray: 8af4ed69bf7f1eda-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

SG5LuckyLions.jpg
object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/Habanero/
Redirect Chain

https://landingsplash.xyz/banner/image/Slots/Habanero/SG5LuckyLions.jpg
https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/Habanero/SG5LuckyLions.jpg

32 KB
33 KB

512ms
511ms

Image
image/jpeg

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/Habanero/SG5LuckyLions.jpg

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc869e43af06a0923f8f25dee11029a2ea3888a9369877d856b04cad1384ac8d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://leannashair.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:39:40 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Jun 2024 07:52:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66753122-8058"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bJ9%2BQqeEufIYzy%2FqTu054eNQ1E%2Fzr%2BlyShRYN3XYpLw4gxGAkRdRrYoKbiA2jSd09X1ZQS%2FKINlXYlYRB5DngpMR3NnvM8pA2FW7sh6Rr7iBAji6sWpTACmHP%2Fco6wWNWlcrj3M0rJlKcw8u3bkS7Ha4pgDqS818%2FTlty1f27kTNv1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8af4ed6cf82bb95a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 32856

Redirect headers

date: Wed, 07 Aug 2024 05:39:39 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WlGRsCd2XPDY3HoFx1%2FXujHe5hXK5BzVdkJOrL4zIbY5XZu7RjPVlRL2DmZEee%2BszlNqLaurfK5UnwtAxH%2BUrCYxkeoZ0SdTRCU2uYEtcVAfRj8S1SJMNSCcpLehgbySbM7zdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://object-d001-cloud.cloudstoragesharingservice.com/banner/image/Slots/Habanero/SG5LuckyLions.jpg
cache-control: max-age=14400
cf-ray: 8af4ed69bf801eda-AMS
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cdn.d32jers.com/	1970-01-20 22:36:50	Name: __cf_bm Value: h8_Rt8ve51hSGm.e3HCd_GNxN_C_6QqmfCrOsllTeio-1723009172-1.0.1.1-JKCt6lgyWNUhVNk1qAFdOPTw0a3FugSSbyjv2ANezNhiYtymkErcOQC_moyaiJ6tROA1UauFygDSjPr6MkpCZg
			.leannashair.com/	1970-01-21 07:22:25	Name: _ga Value: amp-4YYnVJdspJzFb3bby1vLMw

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://leannashair.com/ Message: The resource https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGfFN1k0T8BizbbA9EBHpLvq9rZIa1fsl0cJrXJOo3RUbbClPZS3KOS9DDvukTWTrIDswNGg5jKukOG9932d3q5PvkCHHJcB56v7dKO_gNDw0-DA_Hzytjkb430lyMNB1FFVLZjh9k7pOspx0m48ib7BEHJlwT-gKB-sNVQromCoGmN70bNjObO2ya-r7u/s16000/Banner-24-03-2024.webp%20%20 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amp.analytics-debugger.com
blogger.googleusercontent.com
cdn.ampproject.org
cdn.d32jers.com
cdnlp.sgp1.cdn.digitaloceanspaces.com
i.gifer.com
landingsplash.xyz
leannashair.com
object-d001-cloud.cloudstoragesharingservice.com
region1.google-analytics.com
sstatic1.histats.com
tayo4dbawang.me
172.217.16.193
172.67.192.120
188.114.96.3
188.114.97.3
2001:4860:4802:34::36
2606:4700:3031::6815:50a5
2606:4700::6812:dc0
2a00:1450:4001:806::2001
2a00:1450:4001:808::2001
51.68.36.8
54.39.156.32
02a85bd059f93c80bb3d1eba2d4886fad8ab0a950bc988a3471efe187d749fd0
08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de
0d27c4f43c95556ed45c51413a6e56ca010cc1ae22ff12ccacaed06157299b9b
0d86c7a0b6c1cdf425e5bd81144ee321a88e11126ef28b2b9802ba1b738adedf
0da8f8b1e4351c8df05b5aa35da0c886a9374229b1e904ffce689676e7f0c8f1
0f7b02e0e4df9b624eb1272efd6bd6d70209798c2a498abd4c41e113498eea70
13443ae5ca0734c899cfa3350a33befdf086e9a725fef1b01e6e60853221b0bc
136b41c2c12220bff3bc430ba60d21953c191546484f71a1258c6b47be91c02e
23e11f265b86cbdbf9ab16933a2892cfbdba1206bdbfd37d7c239c94f6daf109
242511c4b0659451ecf2ab76b08ec43e13d30710e2c6fc734d5fbd4f77e1a397
24821260f6fd08b4a4fe08bc22d93072530b5b84c372132e7e7e271318660dc2
276885b9c875c0511cdba9e770a4de1836af000bc79437ea8c10676979b50696
3205c90f3606e84177e0813d9598b15fcea53b31012ed6e94421dc43b2616acd
33b6cba7a89fb6dc1eab340c972143b717997212adb4ad16e594308e607d408a
3ae7549dcbe15cc8abe5100a55902d1da2565699e5bbe937b262c38e73da38e7
3bbc1b5196a1487d4f6b2c53e8e4bee83e1960e7e7c43bb68ea0dfda6a6a47be
416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d
457a60c926502aa4ffed258f332b5d650d34a78bebf88b0493c750527dbd94ca
46e51d05e46509ee9766ab642242af6fac72524d5b9b3aaa41603ecd37039c34
472c4b320b51452f002f2fb20d01338d427f07894cf074e5496f7a80f41fb776
4e20b164388fc131d6bbeebbce36bf5a122d76b5337b084895989d8dbca6b4e7
4fa9f9fe1caa690f332655136280d9aa687c10f2e81d06b9fc72ee5799c9fcbb
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
5a4edd02db8c4a0a4ab29fe5e7a5cc3982f1fa2d421305c67722aa42b463c056
5c82f6ae86060ec537cb9ae708fe295eb268a1216ff18814f697586aef6f8724
69319b865e54827cf6d71d2c30cf3465056311bc9ddf9637ac5dd7db0d883ed8
6bf07eaa41564200cbcc4f2263e10c71f28ca17c0043fb438ffc641f90009ec6
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6e26e72422012277bd47da3755747c2bf93cec4ba0faedbb50777dd0d8ccb3ed
6f5d629647a473b6523d184fdf2d20ab229c819c716540b46b7c53ab327b0486
783731d055f7f29f6980c794ceae4d980ead33dafe9e657d9ab19dede44fa0a2
82b048587cabb00d192ae6709509f06af95e97a76e602ee91767f5cbfbb212e0
8a7fd1d24e30f4851f746ea7c47b8dfbc9ef4897afcfb85d6ddd3bc3de48be39
94efcb212ccad2a105fcdf8e935415cabdc137691105f6932901c6a65624f28d
9b43585d19d2a2adace5abc41ce70a7400454e4c8b5e7fd6a7fd1220d0c00ef0
a03b9922a8a8a11dd75fd756bb04bb84a0c7eddebbc9db9459a3c7d693f467eb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a7729b60630a85fe7db815573a8b13ce9fc492e3535e939f2cf5520c8f5bfacc
a9c2bebed9075b349784938252de16a90d99dee8176385deef7846aaa990f652
b2f2573588d39c2620beaf6ba62a24b1ce5ced73eca1ae6722882d8b8b6e558f
b53a098a142010fcc269594112f26e2a1a6f7a9906b84dfb22d39565260a671f
cbd6bc1b6a4ab52146fef4e7581c27aa83b37fcddc3639c1e1a0c7dca1c1e53a
cf6d975b72859fce895140f11d8b854a256a82370dd9fce02b074b3b6dbbf75e
d5209cf04cf3d6a003e39bff7066912645ec15ca53c9cfe8c34a364df5331e5d
da715ccdb93227b72dd50095f2c9844db6de22ac1e829dee8e9c289af03c017e
e02590d8ac2925cad733c1d1443bbd0e5c8ce77377d18894e6eac18259d504f3
e27e1f47daea46cae54c78dd97dc51263642069cab812f93e83e48ec94fad376
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353
e82066a683d62641a28cffaa36176406c9706f6bb460ae3a02a6efdf6880f056
ea5bd177fbc3fd02857b148d6370846779a72b1c058cc75b77c1bcb6c4809a35
ea63e2e9656f9c150c4846080bc913cbeb216b009b825764297fd2550c3c98b5
ee96c7daef462660395a9898916167f945618751a4a7e404efa8d523b906fcb0
f0696c2a5d61071f418824b8308f0609eb1e40da03eba3fb6fdc951a9bbf89a9
f3d30642037dd33719584ff9e72ebd7748d1fc417d1011098f1c65e05221c488
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457
fc869e43af06a0923f8f25dee11029a2ea3888a9369877d856b04cad1384ac8d
fc86ec3d0d3bb25f0c11328ecee7a4046a7c86f81ada525cce7c7d27e4602b54
fee3a72b5d0c6b1dfa41c2e2f4080e14d51a74590e4beca8a8362bd73743a262

leannashair.com Open in urlscan Pro 172.67.192.120 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

66 %HTTPS

45 %IPv6

12 Domains

12 Subdomains

11 IPs

5 Countries

2598 kBTransfer

3102 kBSize

2 Cookies

49 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

leannashair.com Open in urlscan Pro
172.67.192.120 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

66 %
HTTPS

45 %
IPv6

12
Domains

12
Subdomains

11
IPs

5
Countries

2598 kB
Transfer

3102 kB
Size

2
Cookies

59 HTTP transactions
1 data transactions