Submitted URL: http://leon56.bet/
Effective URL: https://leon56.bet/
Submission: On January 31 via api from US — Scanned from NL

Summary

This website contacted 58 IPs in 9 countries across 59 domains to perform 182 HTTP transactions. The main IP is 164.92.210.197, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is leon56.bet.
TLS certificate: Issued by R3 on December 31st 2023. Valid for: 3 months.
This is the only time leon56.bet was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 164.92.210.197 14061 (DIGITALOC...)
72 2a03:90c0:41:... 199524 (GCORE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
1 34.120.195.249 396982 (GOOGLE-CL...)
2 88.214.195.87 46636 (NATCOWEB)
1 2600:9000:20c... 16509 (AMAZON-02)
1 37.157.5.73 198622 (ADFORM)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2620:116:800d... 16509 (AMAZON-02)
1 2 52.28.196.42 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
2 109.169.10.207 20860 (IOMART-AS)
1 1 193.0.160.130 54312 (ROCKETFUEL)
3 5 185.89.210.153 29990 (ASN-APPNEX)
1 34.120.139.69 396982 (GOOGLE-CL...)
1 35.186.201.99 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20c... 16509 (AMAZON-02)
2 37.157.4.28 198622 (ADFORM)
2 13 37.157.6.243 198622 (ADFORM)
1 2 142.250.74.198 15169 (GOOGLE)
2 37.157.4.29 198622 (ADFORM)
5 35.214.149.91 15169 (GOOGLE)
1 108.129.62.164 16509 (AMAZON-02)
1 23.213.165.82 16625 (AKAMAI-AS)
1 213.19.162.80 26667 (RUBICONPR...)
1 35.157.81.225 16509 (AMAZON-02)
1 5.196.111.73 16276 (OVH)
1 2607:ae80:192... 26558 (FREEWHEEL)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
5 6 77.243.51.122 42697 (NETIC-AS)
4 4 142.250.186.34 15169 (GOOGLE)
1 52.57.150.20 16509 (AMAZON-02)
2 2 54.78.254.47 16509 (AMAZON-02)
1 2a02:6ea0:c70... 60068 (CDN77 _)
2 3 35.244.174.68 396982 (GOOGLE-CL...)
1 52.210.162.23 16509 (AMAZON-02)
2 72.246.169.24 16625 (AKAMAI-AS)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 1 3.248.27.140 16509 (AMAZON-02)
1 52.218.1.43 16509 (AMAZON-02)
1 193.135.9.134 48314 (IP-PROJECTS)
1 52.214.179.171 16509 (AMAZON-02)
1 185.64.191.210 62713 (AS-PUBMATIC)
1 18.66.192.70 16509 (AMAZON-02)
2 3 54.78.141.128 16509 (AMAZON-02)
2 2 52.212.179.124 16509 (AMAZON-02)
1 1 18.197.132.245 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 52.57.64.28 16509 (AMAZON-02)
1 52.223.40.198 16509 (AMAZON-02)
1 141.95.33.120 16276 (OVH)
2 2 35.190.24.218 15169 (GOOGLE)
1 23.35.237.56 16625 (AKAMAI-AS)
1 2600:9000:237... 16509 (AMAZON-02)
1 46.19.11.36 51790 (SIEL)
1 13.248.245.213 16509 (AMAZON-02)
1 35.156.15.64 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 99.84.88.14 16509 (AMAZON-02)
3 99.84.88.70 16509 (AMAZON-02)
1 3.211.62.72 14618 (AMAZON-AES)
3 10 2a02:6b8::1:119 13238 (YANDEX)
1 15.197.143.135 ()
182 58
Apex Domain
Subdomains
Transfer
72 gcdn.co
mrspeedtime.gcdn.co
cdnimages3.gcdn.co
2 MB
16 adform.net
s2.adform.net — Cisco Umbrella Rank: 7060
track.adform.net — Cisco Umbrella Rank: 5048
a1.adform.net — Cisco Umbrella Rank: 11105
c1.adform.net — Cisco Umbrella Rank: 583
dmp.adform.net — Cisco Umbrella Rank: 3041
43 KB
16 leon56.bet
leon56.bet
281 KB
8 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8747
5 KB
6 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1382
se.semasio.net — Cisco Umbrella Rank: 18095
3 KB
6 doubleclick.net
11843672.fls.doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
2 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
1 KB
5 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 490
ib.adnxs.com — Cisco Umbrella Rank: 253
5 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
4 KB
4 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2157
downloads.intercomcdn.com
280 KB
4 gstatic.com
fonts.gstatic.com
68 KB
3 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2054
2 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 451
831 B
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1780
load77.exelator.com — Cisco Umbrella Rank: 4039
2 KB
3 eskimi.com
dsp-media.eskimi.com — Cisco Umbrella Rank: 56798
dsp-trk.eskimi.com — Cisco Umbrella Rank: 52328
dsp-ap.eskimi.com — Cisco Umbrella Rank: 10689
4 KB
3 sportradar.com
tm.ads.sportradar.com — Cisco Umbrella Rank: 57571
tracker.ads.sportradar.com — Cisco Umbrella Rank: 60107
66 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
222 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3982
71 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1661
api-iam.intercom.io — Cisco Umbrella Rank: 2016
6 KB
2 weborama.fr
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 13701
631 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
1 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 727
647 B
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
1 KB
2 seadform.net
server.seadform.net — Cisco Umbrella Rank: 38442
933 B
2 leoncas.com
leoncas.com
571 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2298
3 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1364
pixel.quantserve.com — Cisco Umbrella Rank: 1007
10 KB
2 leonretarget.com
track.leonretarget.com — Cisco Umbrella Rank: 740794
1 KB
1 google.com
adservice.google.com — Cisco Umbrella Rank: 98
401 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2112
44 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 412
140 B
1 contentexchange.me
match.contentexchange.me — Cisco Umbrella Rank: 28504
49 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 662
234 B
1 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1376
163 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
1 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
149 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552
456 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 544
492 B
1 userreport.com
pdw-adf.userreport.com — Cisco Umbrella Rank: 23811
433 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 870
225 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 784
337 B
1 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 20357
577 B
1 amazonaws.com
s3-eu-west-1.amazonaws.com
390 B
1 adrtx.net
api.adrtx.net — Cisco Umbrella Rank: 28921
380 B
1 openx.net
eu-u.openx.net — Cisco Umbrella Rank: 2043
264 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
265 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1074
344 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 562
640 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669
163 B
1 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 4137
38 B
1 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 477
214 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4474
235 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 698
199 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1345
703 B
1 rfihub.com
20828756p.rfihub.com
594 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
250 B
1 rfihub.net
c1.rfihub.net — Cisco Umbrella Rank: 5693
6 KB
1 sentry.io
o237537.ingest.sentry.io
324 B
182 59
Domain Requested by
47 cdnimages3.gcdn.co leon56.bet
25 mrspeedtime.gcdn.co mrspeedtime.gcdn.co
leon56.bet
16 leon56.bet 1 redirects mrspeedtime.gcdn.co
8 mc.yandex.com 2 redirects mc.yandex.ru
8 c1.adform.net 1 redirects track.adform.net
c1.adform.net
5 x.bidswitch.net leon56.bet
c1.adform.net
5 fonts.googleapis.com client
mrspeedtime.gcdn.co
4 cm.g.doubleclick.net 4 redirects
4 fonts.gstatic.com fonts.googleapis.com
4 secure.adnxs.com 2 redirects c1.rfihub.net
c1.adform.net
3 js.intercomcdn.com widget.intercom.io
js.intercomcdn.com
3 dmp.adform.net c1.adform.net
3 a.audrte.com 2 redirects c1.adform.net
3 idsync.rlcdn.com 2 redirects c1.adform.net
3 se.semasio.net 2 redirects c1.adform.net
3 uipglob.semasio.net 3 redirects
3 www.googletagmanager.com leon56.bet
www.googletagmanager.com
2 mc.yandex.ru 1 redirects mrspeedtime.gcdn.co
2 redirect.frontend.weborama.fr 2 redirects
2 pm.w55c.net 2 redirects
2 dpm.demdex.net 2 redirects
2 tags.bluekai.com c1.adform.net
2 loadm.exelator.com 2 redirects
2 dsum-sec.casalemedia.com 1 redirects c1.adform.net
2 server.seadform.net leon56.bet
2 11843672.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 a1.adform.net 1 redirects leon56.bet
2 track.adform.net s2.adform.net
2 leoncas.com mrspeedtime.gcdn.co
2 a.sportradarserving.com 1 redirects leon56.bet
2 tracker.ads.sportradar.com tm.ads.sportradar.com
tracker.ads.sportradar.com
2 track.leonretarget.com www.googletagmanager.com
leon56.bet
1 downloads.intercomcdn.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io leon56.bet
1 adservice.google.com 11843672.fls.doubleclick.net
1 e1.emxdgt.com c1.adform.net
1 eb2.3lift.com c1.adform.net
1 match.contentexchange.me c1.adform.net
1 s.ad.smaato.net c1.adform.net
1 sync.teads.tv c1.adform.net
1 id5-sync.com c1.adform.net
1 match.adsrvr.org c1.adform.net
1 dsp.adfarm1.adition.com 1 redirects
1 aa.agkn.com 1 redirects
1 pdw-adf.userreport.com c1.adform.net
1 simage2.pubmatic.com c1.adform.net
1 beacon.krxd.net c1.adform.net
1 cm.adsafety.net c1.adform.net
1 s3-eu-west-1.amazonaws.com c1.adform.net
1 api.adrtx.net 1 redirects
1 eu-u.openx.net c1.adform.net
1 sync.crwdcntrl.net c1.adform.net
1 load77.exelator.com c1.adform.net
1 ps.eyeota.net c1.adform.net
1 ib.adnxs.com 1 redirects
1 ads.stickyadstv.com c1.adform.net
1 rtb-csync.smartadserver.com c1.adform.net
1 ih.adscale.de c1.adform.net
1 token.rubiconproject.com c1.adform.net
1 ad.yieldlab.net c1.adform.net
1 ad.360yield.com c1.adform.net
1 pixel.quantserve.com leon56.bet
1 rules.quantcount.com secure.quantserve.com
1 dsp-ap.eskimi.com mrspeedtime.gcdn.co
1 dsp-trk.eskimi.com mrspeedtime.gcdn.co
1 20828756p.rfihub.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 secure.quantserve.com leon56.bet
1 dsp-media.eskimi.com leon56.bet
1 s2.adform.net leon56.bet
1 c1.rfihub.net leon56.bet
1 o237537.ingest.sentry.io mrspeedtime.gcdn.co
1 tm.ads.sportradar.com leon56.bet
182 74

This site contains links to these domains. Also see Links.

Domain
affiliates.lbaffiliates.com
lbaffiliates.com
apostas-prognosticos.com
Subject Issuer Validity Valid
leon56.bet
R3
2023-12-31 -
2024-03-30
3 months crt.sh
*.gcdn.co
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2023-07-07 -
2024-07-09
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
tracker.ads.sportradar.com
R3
2023-12-14 -
2024-03-13
3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-02 -
2024-12-02
a year crt.sh
*.leonretarget.com
Sectigo RSA Domain Validation Secure Server CA
2024-01-18 -
2025-01-18
a year crt.sh
*.rfihub.net
Amazon RSA 2048 M03
2023-10-31 -
2024-11-28
a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-06 -
2024-09-19
a year crt.sh
*.eskimi.com
GeoTrust TLS RSA CA G1
2023-03-20 -
2024-04-12
a year crt.sh
quantserve.com
R3
2023-12-27 -
2024-03-26
3 months crt.sh
leoncas.com
Sectigo RSA Domain Validation Secure Server CA
2024-01-02 -
2025-01-02
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.gstatic.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
*.seadform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-08
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.360yield.com
Amazon RSA 2048 M01
2023-05-29 -
2024-06-26
a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1
2023-09-17 -
2024-09-17
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.adscale.de
Amazon RSA 2048 M02
2023-07-18 -
2024-08-15
a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-17 -
2025-01-16
a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-19 -
2024-05-19
a year crt.sh
eyeota.net
GoGetSSL RSA DV CA
2023-03-08 -
2024-04-07
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02
2023-10-08 -
2024-11-06
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-12-11 -
2024-12-11
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.adsafety.net
R3
2024-01-22 -
2024-04-21
3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2023-04-14 -
2024-04-12
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
*.userreport.com
Amazon RSA 2048 M02
2023-11-20 -
2024-12-17
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.id5-sync.com
R3
2024-01-01 -
2024-03-31
3 months crt.sh
teads.tv
R3
2024-01-22 -
2024-04-21
3 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03
2023-09-04 -
2024-10-02
a year crt.sh
*.contentexchange.me
Sectigo RSA Domain Validation Secure Server CA
2023-05-29 -
2024-06-04
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01
2023-05-03 -
2024-05-31
a year crt.sh
*.google.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
*.intercom.com
Amazon RSA 2048 M03
2024-01-15 -
2025-02-11
a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02
2023-12-01 -
2024-12-29
a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2023-12-26 -
2024-06-05
5 months crt.sh
intercom-attachments-9.com
Amazon RSA 2048 M03
2024-01-18 -
2025-02-15
a year crt.sh

This page contains 6 frames:

Primary Page: https://leon56.bet/
Frame ID: 8F3EE0AB4F0861B67382B78024777597
Requests: 136 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29896390%26t%3D2%26ver%3D9%26pe%3Dhttps%253A%252F%252Fleon56.bet%252F%26pf%3D
Frame ID: 90C12A3B94F1191BC6212809995CE16F
Requests: 1 HTTP requests in this frame

Frame: https://11843672.fls.doubleclick.net/activityi;dc_pre=CNqdwK-piIQDFbcHTwgdDzkJDg;src=11843672;type=safev0;cat=safeg000;ord=3083836726965;npa=0;auiddc=1765446309.1706728030;pscdl=noapi;gtm=45fe41t0;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fleon56.bet%2F
Frame ID: 014B326B2C4C0AD1507FC4D8EFA1052A
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Frame ID: CF50FE2AADA3CAE61BFF75D48BE42510
Requests: 40 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.0dc2c5c8.js
Frame ID: C96CBAEDB09892210066B0B2FC2691A9
Requests: 4 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 194F23753E58F8827854A7A98FAFC8BD
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Apostas online e Casino | Bónus Leon: Aposta grátis até 200€

Page URL History Show full URLs

  1. http://leon56.bet/ HTTP 302
    https://leon56.bet/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

182
Requests

91 %
HTTPS

24 %
IPv6

59
Domains

74
Subdomains

58
IPs

9
Countries

3617 kB
Transfer

10031 kB
Size

75
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://leon56.bet/ HTTP 302
    https://leon56.bet/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91
  • https://a.sportradarserving.com/pixel?type=js&aid=1060&id=1235 HTTP 302
  • https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235
Request Chain 103
  • https://20828756p.rfihub.com/ca.html?ver=9&rb=43197&ca=20828756&_o=43197&_t=20828756&pe=https%3A%2F%2Fleon56.bet%2F&pf=&ra=00884612530498563 HTTP 302
  • https://secure.adnxs.com/seg?add=29896390&t=2&ver=9&pe=https%3A%2F%2Fleon56.bet%2F&pf= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29896390%26t%3D2%26ver%3D9%26pe%3Dhttps%253A%252F%252Fleon56.bet%252F%26pf%3D
Request Chain 116
  • https://a1.adform.net/Serving/TrackPoint/?pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=993101084328&ADFtpmode=2&loc=https%3A%2F%2Fleon56.bet%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
  • https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=993101084328&ADFtpmode=2&loc=https%3A%2F%2Fleon56.bet%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Request Chain 117
  • https://11843672.fls.doubleclick.net/activityi;src=11843672;type=safev0;cat=safeg000;ord=3083836726965;npa=0;auiddc=1765446309.1706728030;pscdl=noapi;gtm=45fe41t0;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fleon56.bet%2F HTTP 302
  • https://11843672.fls.doubleclick.net/activityi;dc_pre=CNqdwK-piIQDFbcHTwgdDzkJDg;src=11843672;type=safev0;cat=safeg000;ord=3083836726965;npa=0;auiddc=1765446309.1706728030;pscdl=noapi;gtm=45fe41t0;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fleon56.bet%2F
Request Chain 136
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8492469179888309127&expiration=1707937629 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8492469179888309127&expiration=1707937629&C=1
Request Chain 137
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=8492469179888309127&sInitiator=external HTTP 302
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=8492469179888309127&sInitiator=external HTTP 302
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=8492469179888309127&gdpr=&sInitiator=external HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=3668238134883985166&sInitiator=internal&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=MURDRjI4RkY3MzRGMTY4Ng&gdpr= HTTP 302
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEFnUTo0eJHoAJp1yihCDpPc&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEFnUTo0eJHoAJp1yihCDpPc&sInitiator=internal&google_cver=1&gdpr=
Request Chain 139
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8492469179888309127 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8492469179888309127&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 140
  • https://idsync.rlcdn.com/398366.gif?partner_uid=8492469179888309127 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTODQ5MjQ2OTE3OTg4ODMwOTEyNxAAGg0I3bTqrQYSBQjoBxAAQgBKAA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESECublB4a--yxJ_HvS7osfo0&google_cver=1
Request Chain 144
  • https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=ODQ5MjQ2OTE3OTg4ODMwOTEyNw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGW48Ho1q4O4Jn7GFrPJFR0&google_cver=1&google_ula=1641347,0
Request Chain 149
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=3&id=3668238134883985166&redirect=1 HTTP 302
  • https://secure.adnxs.com/setuid?entity=91&code=7353873387659289104
Request Chain 152
  • https://a.audrte.com/a?adform_uid=8492469179888309127 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZmNnSW50ZEFnOFlSSHlZR1pwRjhOYkIydw%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 153
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=8492469179888309127&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=8492469179888309127&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=83232509902390735744296389776586076218&noredirect=1
Request Chain 154
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=8492469179888309127 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217543104778318295883
Request Chain 155
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7330341072021092493
Request Chain 157
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=MhvkibCj1RvfVs5
Request Chain 160
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2795908124 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=VApCMbtGPfNvLYoqFpQnZ.
Request Chain 175
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10265.uJ8ArwaFCMJdrPh8jozcY_1fokkxWRT2S7gJ-v2_RsvA-VZ8KKWBdsc3PSJdmsUb.DwuqyGz1iSmq9Otdq9FANdETZbA%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10265.dzHV387sja81rWqOrYjK3OIEoV8oX1YazV8mUuQ871rhfrT3Nlgc2xR6h41334jT_FkegeXSAZGkmM5f1DxMv0uzSMca8ZbN2vsv4nuti93nQ2aXVxbrhiGh7rG6aJm7Hh5Eq6M4mpq43D8nOeauKmqZgzpXdnaSA9OTg4YND4HzwYggvz0VYJZDdxRRMo-FZ7lAh1rpYWJ6wuOBlTjKFk_2TGMZ6Cuk5ERCM9ITUGk%2C.XtBfBPc7wkQmZ1qkXUxIpM70C-U%2C
Request Chain 180
  • https://mc.yandex.com/watch/71598811?wmode=7&page-url=https%3A%2F%2Fleon56.bet%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A851377741330%3Ahid%3A593177776%3Az%3A60%3Ai%3A20240131200713%3Aet%3A1706728033%3Ac%3A1%3Arn%3A534047047%3Arqn%3A1%3Au%3A1706728033650063245%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C36%2C52%2C1%2C49%2C0%2C%2C20%2C1%2C2128%2C2128%2C0%2C381%3Aco%3A0%3Acpf%3A1%3Ans%3A1706728028197%3Agi%3AR0ExLjEuOTMxNTc4NDg3LjE3MDY3MjgwMjk%3D%3Afp%3A263%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706728033%3At%3AApostas%20online%20e%20Casino%20%7C%20B%C3%B3nus%20Leon%3A%20Aposta%20gr%C3%A1tis%20at%C3%A9%20200%E2%82%AC&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/71598811/1?wmode=7&page-url=https%3A%2F%2Fleon56.bet%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A851377741330%3Ahid%3A593177776%3Az%3A60%3Ai%3A20240131200713%3Aet%3A1706728033%3Ac%3A1%3Arn%3A534047047%3Arqn%3A1%3Au%3A1706728033650063245%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C36%2C52%2C1%2C49%2C0%2C%2C20%2C1%2C2128%2C2128%2C0%2C381%3Aco%3A0%3Acpf%3A1%3Ans%3A1706728028197%3Agi%3AR0ExLjEuOTMxNTc4NDg3LjE3MDY3MjgwMjk%3D%3Afp%3A263%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706728033%3At%3AApostas%20online%20e%20Casino%20%7C%20B%C3%B3nus%20Leon%3A%20Aposta%20gr%C3%A1tis%20at%C3%A9%20200%E2%82%AC&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

182 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
leon56.bet/
Redirect Chain
  • http://leon56.bet/
  • https://leon56.bet/
21 KB
9 KB
Document
General
Full URL
https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.92.210.197 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7932a568e46a8e621c355d67c40dbab4f3e4651425a413a5d44fe4b8b84dcfa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 31 Jan 2024 19:07:08 GMT
expires
0
link
<https://mrspeedtime.gcdn.co/js/vendors.d.m.671d74c9.js>; rel=preload; as=script; crossorigin=anonymous, <https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js>; rel=preload; as=script; crossorigin=anonymous
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Wed, 31 Jan 2024 19:07:08 GMT
Location
https://leon56.bet/
Server
nginx/1.18.0 (Ubuntu)
vendors.d.m.671d74c9.js
mrspeedtime.gcdn.co/js/
97 KB
26 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/vendors.d.m.671d74c9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8587ddabce0b8a8885188878e3c472dac9f2ea3b916e4cb71a7d7fcbb98316e0

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-24T09:26:29+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
26674
last-modified
Wed, 24 Jan 2024 09:00:57 GMT
server
nginx
traceparent
00-2f619993c83e75f3532897babc60c3b7-8a3703a83eab1269-01
etag
"65b0d1c9-6832"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
app.06ca34e4c54c.js
mrspeedtime.gcdn.co/js/
379 KB
73 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1078942660d6324ca7a830be034d83a10345448265b8df4416541617cb9236fb

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-31T09:11:51+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
74330
last-modified
Mon, 29 Jan 2024 14:24:10 GMT
server
nginx
traceparent
00-790af7c826849c3e340164e925c42251-2bd3d5eb41442651-01
etag
"65b7b50a-1225a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/
5 KB
689 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Mulish:wght@400;700;900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a8d842dbcf583e49fc9c648d54f6fa3721dabb382b0c4afb8cb5132993a9adb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 19:03:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jan 2024 19:07:08 GMT
css2
fonts.googleapis.com/
5 KB
970 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 18:13:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jan 2024 19:07:08 GMT
time
leon56.bet/api-2/
13 B
327 B
Fetch
General
Full URL
https://leon56.bet/api-2/time
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.92.210.197 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3b99508cf90c21238259d723fcec9ae3ca413fbc9d403d6882139536c9f94c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-browser
chrome
x-app-version
6.80.4
x-app-os
windows
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-app-platform
web
x-app-env
prod
Referer
https://leon56.bet/
x-app-modernity
modern
x-requested-uri
/
x-app-skin
default
x-app-rendering
csr

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
api-1
leon56.bet/
256 KB
56 KB
Fetch
General
Full URL
https://leon56.bet/api-1
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.92.210.197 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
73f414b418540a01d3a6dbaf3bc5aa900d0a4ecd2b5c2e641274022616817aaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-browser
chrome
x-app-version
6.80.4
x-app-os
windows
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json
x-app-platform
web
x-app-env
prod
Referer
https://leon56.bet/
x-app-modernity
modern
x-requested-uri
/
x-app-skin
default
x-app-rendering
csr

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
nl-NL
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
webpack.d.m.bfd331fe.js
mrspeedtime.gcdn.co/js/
154 KB
16 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/webpack.d.m.bfd331fe.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e7fbc87809643ca41ca11b60874a37cde525f14a705124717aca87c5df0bd29f

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-24T09:26:29+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
16327
last-modified
Wed, 24 Jan 2024 09:00:57 GMT
server
nginx
traceparent
00-4837db1baf25c33ac253d5a3a730c18b-34992bd9b7d23f62-01
etag
"65b0d1c9-3fc7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-vendor-vue-router.d.m.5446ebc4.js
mrspeedtime.gcdn.co/js/
23 KB
8 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/async-vendor-vue-router.d.m.5446ebc4.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
268612056dcd8d75e80b9a72040ef4ac2542b3531bb26bdf5f0b036168c2e5fb

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-24T09:26:29+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
8222
last-modified
Wed, 24 Jan 2024 09:00:57 GMT
server
nginx
traceparent
00-1606595ff94534f9f56e7968289ad3dd-6374566d03597a35-01
etag
"65b0d1c9-201e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-vendor-vue3-observe-visibility.d.m.c3349d79.js
mrspeedtime.gcdn.co/js/
32 KB
11 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/async-vendor-vue3-observe-visibility.d.m.c3349d79.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c3f5c70e8fcf98eb96aef139420e81980098774cacf73638ba869ccf29aed908

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-24T09:26:29+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
10835
last-modified
Wed, 24 Jan 2024 09:00:57 GMT
server
nginx
traceparent
00-26c508740d82f87b9ee009d554c73d95-08c39b1484b63144-01
etag
"65b0d1c9-2a53"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-vendor-vue.d.m.ee0186ee.js
mrspeedtime.gcdn.co/js/
132 KB
44 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/async-vendor-vue.d.m.ee0186ee.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
773427138fb983dd4aed2031fa643a1e27f311c5596b63c184a555652040c73d

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-24T09:26:29+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
45248
last-modified
Wed, 24 Jan 2024 09:00:57 GMT
server
nginx
traceparent
00-ca59f5c8ad863e68fe2ad0ed2845a1c3-66cb1fa2336f651b-01
etag
"65b0d1c9-b0c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-vendor-sentry.d.m.2fb49236.js
mrspeedtime.gcdn.co/js/
117 KB
32 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/async-vendor-sentry.d.m.2fb49236.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
0e6957f9ceb3eb5e1e1f52ed4b8ef1b61bd18b4e4592505cef744039623e39f6

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-24T09:26:29+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
32387
last-modified
Wed, 24 Jan 2024 09:00:57 GMT
server
nginx
traceparent
00-1f319ca046a8fa78fa47bd180722e74a-f1687eac02913b33-01
etag
"65b0d1c9-7e83"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-route-modules-core.d.m.3d9e5c47.js
mrspeedtime.gcdn.co/js/
71 KB
14 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/async-route-modules-core.d.m.3d9e5c47.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b556f0d6710a129708f7544b71ca2a4f386850d98af8faa99602f5a5248a89a3

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-31T09:11:51+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
14140
last-modified
Mon, 29 Jan 2024 14:24:10 GMT
server
nginx
traceparent
00-fe6b3d9cd91e81de06a2e44096696f37-31680c6e0f991c12-01
etag
"65b7b50a-373c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-profile.d.m.48477525.js
mrspeedtime.gcdn.co/js/
26 KB
7 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/async-module-profile.d.m.48477525.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2519877cd89f9d2c36f296b4161300cec0b0ed52550bd462d9dab18e7fb03ab1

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-31T09:11:51+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
6616
last-modified
Mon, 29 Jan 2024 14:24:10 GMT
server
nginx
traceparent
00-80909001c51ce05fa7fa3be229fbb7b1-71a9b56b03204184-01
etag
"65b7b50a-19d8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-core.d.m.8d03559f.js
mrspeedtime.gcdn.co/js/
140 KB
31 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/async-module-core.d.m.8d03559f.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a3806300044c4d8c2da5208c7c4f6affa84960457fe34f75f62bbc193151ae61

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-31T09:11:51+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
31880
last-modified
Mon, 29 Jan 2024 14:24:10 GMT
server
nginx
traceparent
00-ccc6e0425b1c316e16eef9468bb657ab-a9eac152f2ac5753-01
etag
"65b7b50a-7c88"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-referral-program.d.m.5140fd96.js
mrspeedtime.gcdn.co/js/
30 KB
6 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/async-module-referral-program.d.m.5140fd96.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1575820b156d7b236631796fa643b02f1da96f537defb8c33a39467b8aae1816

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-31T09:11:51+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
6015
last-modified
Mon, 29 Jan 2024 14:24:10 GMT
server
nginx
traceparent
00-69561ecb6e36565f046be0bca66ce7ce-0b5512d7cfddbad1-01
etag
"65b7b50a-177f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-errors.d.m.f699ca22.js
mrspeedtime.gcdn.co/js/
17 KB
4 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/async-module-errors.d.m.f699ca22.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
0221ab7257e009949d597ab49d1c20417abf521c41d2830bb5805f66f72052e3

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-24T09:26:29+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
4080
last-modified
Wed, 24 Jan 2024 09:00:57 GMT
server
nginx
traceparent
00-1aa9d3334e916a8ad1b7f1705d2c14ce-65f48ddd0499b869-01
etag
"65b0d1c9-ff0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-dialogs.d.m.d55d6741.js
mrspeedtime.gcdn.co/js/
32 KB
7 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/async-module-dialogs.d.m.d55d6741.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
02eb20e6baafefaa73d1c54753c69e1ae9a3c793acd9fa5a893568889560579a

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-31T09:11:51+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
7168
last-modified
Mon, 29 Jan 2024 14:24:10 GMT
server
nginx
traceparent
00-80d5795ca7875c7822e0d91b4e39428f-aeba0928aad34160-01
etag
"65b7b50a-1c00"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-customer-notifications.d.m.721d8687.js
mrspeedtime.gcdn.co/js/
18 KB
4 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/async-module-customer-notifications.d.m.721d8687.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
cc927609fd065750a82c703c0d05f63a632175b5509edba228a1893a3406e0d1

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-24T09:26:29+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
4037
last-modified
Wed, 24 Jan 2024 09:00:57 GMT
server
nginx
traceparent
00-352b4aa6e74e0464d42a67e334674908-76436a0fed38e1b6-01
etag
"65b0d1c9-fc5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-app.d.m.4f892b8b.js
mrspeedtime.gcdn.co/js/
2 MB
401 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/async-app.d.m.4f892b8b.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9689e2e3d2a73e95a6ffe1d9a91c1c1489c7191a84b5e1197150b077a5c96a57

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-31T09:11:51+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
409693
last-modified
Mon, 29 Jan 2024 14:24:10 GMT
server
nginx
traceparent
00-0bd7a97b1d2dbf7148a6fffbc071f113-4f0a9bebb35da97a-01
etag
"65b7b50a-6405d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-vendors.d.m.396fbf21.js
mrspeedtime.gcdn.co/js/
380 KB
101 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/async-vendors.d.m.396fbf21.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1f65b118d555986478fb827d1d71fcc89dcc7a271252df7db2b79aa9476eef0c

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-24T09:26:29+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
103183
last-modified
Wed, 24 Jan 2024 09:00:57 GMT
server
nginx
traceparent
00-ef3653fe414657f7bc0176507561792d-55bc354c39d631f8-01
etag
"65b0d1c9-1930f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/
19 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap&family=Mulish:wght@400;700;900&display=swap
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-module-core.d.m.8d03559f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e8540306a707e9169f22542b923f711daac148b08742acd582d5cb11a43363a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 19:00:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jan 2024 19:07:08 GMT
api-1
leon56.bet/
165 B
466 B
Fetch
General
Full URL
https://leon56.bet/api-1
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.92.210.197 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4a97350b51e6b3c0e2cf2629d37e101aab20ca27665dae3bc570a0bab814feb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-browser
chrome
x-app-version
6.80.4
x-app-os
windows
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json
x-app-platform
web
x-app-env
prod
Referer
https://leon56.bet/
x-app-modernity
modern
x-requested-uri
/
x-app-skin
default
x-app-rendering
csr

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
nl-NL
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
gtm.js
www.googletagmanager.com/
218 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2d8ca571f30ea0ab41b8e44e76878cf3e8a9149e948e9ef75406dbcab9edcaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69741
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 18:19:23 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Jan 2024 19:07:08 GMT
tag-manager.js
tm.ads.sportradar.com/dist/
370 KB
35 KB
Script
General
Full URL
https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAQ5
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c35d7693a27259b4f2b3cbf122cbf3511ebd9858b4e9a50878d0326baeb32fa4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
x-n
S
content-length
36091
apigw-requestid
Sa0OljpBjoEEPdw=
/
o237537.ingest.sentry.io/api/4505635596926976/envelope/
2 B
324 B
Fetch
General
Full URL
https://o237537.ingest.sentry.io/api/4505635596926976/envelope/?sentry_key=8f5255a92d37f60e365c68fd6703cbc0&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.80.1
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.d.m.396fbf21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://leon56.bet/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 31 Jan 2024 19:07:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
headline-matches
leon56.bet/api-2/betline/
60 KB
7 KB
Fetch
General
Full URL
https://leon56.bet/api-2/betline/headline-matches?ctag=pt-PT&flags=reg,urlv2,mm2,rrc&merged=true
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.d.m.396fbf21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.92.210.197 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d96cd3d4bb4d292da511351f0c5dadb7662ed36a43d3b40e2f9054f5cd4fcdd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
X-APP-THEME
DARK
x-app-browser
chrome
x-app-version
6.80.4
x-app-os
windows
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-app-platform
web
x-app-env
prod
Referer
https://leon56.bet/
x-app-language
pt_PT
x-app-modernity
modern
x-requested-uri
/
x-app-skin
default
x-app-rendering
csr

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
async-route-modules-sportline.d.m.c44da293.js
mrspeedtime.gcdn.co/js/
444 KB
60 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/async-route-modules-sportline.d.m.c44da293.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
3feb48577e3085ad8a5b1e399f77e2fc1275e1f45c11de8e92f2d684d9bba39d

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-31T09:19:34+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
61724
last-modified
Mon, 29 Jan 2024 14:24:10 GMT
server
nginx
traceparent
00-d674f5051f41a294114171b52b15e960-fbaf7a3651a8d5a3-01
etag
"65b7b50a-f11c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
api-1
leon56.bet/
60 KB
8 KB
Fetch
General
Full URL
https://leon56.bet/api-1
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.d.m.396fbf21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.92.210.197 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d18703d057bb73b6870ec414d1dbf44e86e38b3813ae41485897c0b23f38b2f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-theme
DARK
x-app-browser
chrome
accept-language
nl-NL,nl;q=0.9
x-app-platform
web
x-app-env
prod
x-requested-uri
/
x-app-skin
default
x-app-version
6.80.4
x-app-os
windows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json
Referer
https://leon56.bet/
x-app-language
pt_PT
x-app-modernity
modern
x-app-rendering
csr

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
nl-NL
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
sprite.378fdd12.svg
leon56.bet/img/
427 KB
148 KB
Other
General
Full URL
https://leon56.bet/img/sprite.378fdd12.svg
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendor-vue.d.m.ee0186ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.92.210.197 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
53bffb3fc98e1c04470d1dc558af73077762110b1ca60d7093f245d102c1b439

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
gzip
last-modified
Mon, 29 Jan 2024 14:24:10 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65b7b50a-6aadc"
content-type
image/svg+xml
cache-control
max-age=315360000, public
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-route-views-banners.d.m.281b60e1.js
mrspeedtime.gcdn.co/js/
26 KB
6 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/async-route-views-banners.d.m.281b60e1.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d4ea58c2a69e05111369a946a2b2d1c69597923586c7e7a81a5ca38975087940

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-24T09:26:31+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
6376
last-modified
Wed, 24 Jan 2024 09:00:57 GMT
server
nginx
traceparent
00-e8a1bdcae6606231b988469afea585dc-6189ba5dc2735ffb-01
etag
"65b0d1c9-18e8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
async-module-slip.d.m.071e625b.js
mrspeedtime.gcdn.co/js/
164 KB
29 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/async-module-slip.d.m.071e625b.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6d6c5e637d7dfcc8144bcc33b4ccd7a6e3bc3ac839a088ae5b57106ff8e9709c

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:08 GMT
content-encoding
br
x-cached-since
2024-01-24T09:26:31+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
29247
last-modified
Wed, 24 Jan 2024 09:00:57 GMT
server
nginx
traceparent
00-6e449aaf7ec7ffaeaace5fc37a73bd6c-89512c3b0fbe96d9-01
etag
"65b0d1c9-723f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
headline-matches
leon56.bet/api-2/betline/
60 KB
7 KB
Fetch
General
Full URL
https://leon56.bet/api-2/betline/headline-matches?ctag=pt-PT&flags=reg,urlv2,mm2,rrc&merged=true
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.d.m.396fbf21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.92.210.197 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d96cd3d4bb4d292da511351f0c5dadb7662ed36a43d3b40e2f9054f5cd4fcdd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
X-APP-THEME
DARK
x-app-browser
chrome
x-app-version
6.80.4
x-app-os
windows
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-app-platform
web
x-app-env
prod
Referer
https://leon56.bet/
x-app-language
pt_PT
x-app-modernity
modern
x-requested-uri
/
x-app-skin
default
x-app-rendering
csr

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
headline-matches
leon56.bet/api-2/betline/
60 KB
7 KB
Fetch
General
Full URL
https://leon56.bet/api-2/betline/headline-matches?ctag=pt-PT&flags=reg,urlv2,mm2,rrc&merged=true
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.d.m.396fbf21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.92.210.197 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d96cd3d4bb4d292da511351f0c5dadb7662ed36a43d3b40e2f9054f5cd4fcdd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
X-APP-THEME
DARK
x-app-browser
chrome
x-app-version
6.80.4
x-app-os
windows
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-app-platform
web
x-app-env
prod
Referer
https://leon56.bet/
x-app-language
pt_PT
x-app-modernity
modern
x-requested-uri
/
x-app-skin
default
x-app-rendering
csr

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
logo.79938eaf.svg
mrspeedtime.gcdn.co/img/
1 KB
889 B
Image
General
Full URL
https://mrspeedtime.gcdn.co/img/logo.79938eaf.svg
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
bb0581de4c73e0dc2cc1522b7876e8d5a5f2415e2bfb648e480d6dfb812bb00f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
br
x-cached-since
2024-01-15T11:18:31+00:00
x-id-fe
fr5-hw-edge-gc38
content-length
561
last-modified
Fri, 12 Jan 2024 14:19:36 GMT
server
nginx
traceparent
00-54a5a5bada125c3f044f8dd0b658ccff-a81627e2c8e0f772-01
etag
"65a14a78-231"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
sports
leon56.bet/api-2/betline/
139 KB
18 KB
Fetch
General
Full URL
https://leon56.bet/api-2/betline/sports?ctag=pt-PT&flags=urlv2
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.d.m.396fbf21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.92.210.197 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4341ef2c4ebba9f521850226b89735fd6b12e1f8bed6a97412f920887fd59e00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
X-APP-THEME
DARK
x-app-browser
chrome
x-app-version
6.80.4
x-app-os
windows
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-app-platform
web
x-app-env
prod
Referer
https://leon56.bet/
x-app-language
pt_PT
x-app-modernity
modern
x-requested-uri
/
x-app-skin
default
x-app-rendering
csr

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/webp
api-1
leon56.bet/
14 KB
5 KB
Fetch
General
Full URL
https://leon56.bet/api-1
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.d.m.396fbf21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.92.210.197 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8b5894221ba776c811f6afb47380f616da32b8d7c992542dfedefc3d40187e84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-theme
DARK
x-app-browser
chrome
accept-language
nl-NL,nl;q=0.9
x-app-platform
web
x-app-env
prod
x-requested-uri
/
x-app-skin
default
x-app-version
6.80.4
x-app-os
windows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json
Referer
https://leon56.bet/
x-app-language
pt_PT
x-app-modernity
modern
x-app-rendering
csr

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
nl-NL
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
color-live-1.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/
622 B
753 B
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-live-1.svg
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c3862cc2028935c5a5f21f873fe7efdc309a56a5776f5a55453c25e94c804b77

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Thu, 25 Mar 2021 21:01:52 GMT
server
nginx
traceparent
00-3634528e9d03b403029046f566ba1e38-9bf24715efb947ee-01
etag
"605cfa40-26e"
x-cached-since
2023-06-01T09:32:13+00:00
content-type
image/svg+xml
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
622
expires
Thu, 31 Dec 2037 23:55:55 GMT
color-cherry-1.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/
2 KB
2 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-cherry-1.svg
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f7c787a6c2d25303927c9c7a8c60a941044203e259f96a120f8559aac119b7da

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Fri, 19 Mar 2021 17:11:17 GMT
server
nginx
traceparent
00-2f135df4fe52f7a2ac301413e8f2bbc2-e83ff71ba522a425-01
etag
"6054db35-903"
x-cached-since
2023-06-01T09:32:13+00:00
content-type
image/svg+xml
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
2307
expires
Thu, 31 Dec 2037 23:55:55 GMT
color-roulette-1.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/
5 KB
5 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-roulette-1.svg
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
988e9effd6680b71fa8355efb7f41e55baf7fa096fff438cc8838ad0186043a1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Fri, 19 Mar 2021 17:11:17 GMT
server
nginx
traceparent
00-c200ea38b8a55452e789154698fbc9dc-040d7528b5d9037e-01
etag
"6054db35-12f5"
x-cached-since
2023-06-01T09:32:13+00:00
content-type
image/svg+xml
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
4853
expires
Thu, 31 Dec 2037 23:55:55 GMT
color-betgames-2.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/
3 KB
3 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-betgames-2.svg
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
fe26a1772d4c6a0a07b933f71d9cf7a02bf9a0e6866ba9e820b7590a957c7676

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Fri, 04 Mar 2022 12:05:53 GMT
server
nginx
traceparent
00-f9d10337a4acb1b9f38dd518ab7ee4a5-2a278206837a8e2b-01
etag
"622200a1-ab4"
x-cached-since
2023-06-01T09:32:14+00:00
content-type
image/svg+xml
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
2740
expires
Thu, 31 Dec 2037 23:55:55 GMT
color-tv-1.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/
700 B
809 B
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-tv-1.svg
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7e67ee52b9a022aa7601e1a818cfa91bd7bd9dd4d4e677e24891033ed87b9b61

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Fri, 19 Mar 2021 17:11:17 GMT
server
nginx
traceparent
00-919c550fbfdea5ce724d964aa6fbb11f-8b552cb9b0ea6594-01
etag
"6054db35-2bc"
x-cached-since
2023-06-01T09:32:14+00:00
content-type
image/svg+xml
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
700
expires
Thu, 31 Dec 2037 23:55:55 GMT
color-esport.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/
3 KB
3 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-esport.svg
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
3dda9b271d14659c452372e5ea0ffeff160b98f06a8f71a1636513fcc9dee439

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Fri, 19 Mar 2021 17:11:17 GMT
server
nginx
traceparent
00-947eb6cd56605504a88205cf40aa1494-af86227a831c156c-01
etag
"6054db35-c49"
x-cached-since
2023-06-01T09:32:14+00:00
content-type
image/svg+xml
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
3145
expires
Thu, 31 Dec 2037 23:55:55 GMT
color-fastgames-1.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/
1 KB
1 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-fastgames-1.svg
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
fa3b577a638cbb33b1bc0324a32c3f032f945586d316b994e73b766d6e776b66

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Thu, 03 Mar 2022 12:10:23 GMT
server
nginx
traceparent
00-4b2dc19b0e59b5567f83475510228481-a422af9837eae7fc-01
etag
"6220b02f-55b"
x-cached-since
2023-06-01T09:32:14+00:00
content-type
image/svg+xml
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
1371
expires
Thu, 31 Dec 2037 23:55:55 GMT
color-promos.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/
2 KB
2 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-promos.svg
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
78271c224efe35393eead263436870aa77b3f67c0ee8abd649edfff455c5dfec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Wed, 03 Aug 2022 11:27:28 GMT
server
nginx
traceparent
00-b7e314df41f462bd4cf49bc7c05fdcca-bee4dd6630ad41f4-01
etag
"62ea5ba0-699"
x-cached-since
2023-06-01T09:32:14+00:00
content-type
image/svg+xml
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
1689
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24_t_3036-5.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
21 KB
21 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24_t_3036-5.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e26fd656ef994c9b426d04d1c686e699b91a0e2d396667e886688a74c16a4498

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Fri, 10 Nov 2023 14:21:17 GMT
server
nginx
traceparent
00-9ecc5646a335b2a5442b0721a814d531-ec6688f4c466e872-01
etag
"654e3c5d-553f"
x-cached-since
2024-01-31T08:47:34+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
21823
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:4500.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
11 KB
11 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:4500.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
faa28d664ff8d077dc0d26e5c3d5af09004f4d1e0cb4f4697e9067b2e5d17b2f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:23:13 GMT
server
nginx
traceparent
00-c2b0d7fd6c5bdc6e1a98ba9f3b4d3f61-fe5e2ddf50a83de3-01
etag
"63722521-2cd8"
x-cached-since
2024-01-31T08:47:34+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
11480
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:2999-1.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
19 KB
19 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:2999-1.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ba3508c735a5f71935708c30d0f84388433b6aaa267178959e28a650176243ae

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:23:01 GMT
server
nginx
traceparent
00-dd362ef7b23ac6a7dfa4e2465b534e28-34d511f395d53f86-01
etag
"63722515-4bf3"
x-cached-since
2024-01-30T21:41:45+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
19443
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:3025.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
11 KB
11 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:3025.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
873db2426499d62d2bb673f5f9bdf24183ccfe35ddbef8c03d3f27e027b2e36b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:23:19 GMT
server
nginx
traceparent
00-ec816509d58d252fd2b736db3935e364-579e6df7b181d304-01
etag
"63722527-2b9f"
x-cached-since
2024-01-30T21:41:45+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
11167
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:3026.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
13 KB
13 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:3026.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
0d8d1320612526672636a70897996dbf4570fdb5f97216c038fd39af1d65aa02

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:23:05 GMT
server
nginx
traceparent
00-1bbce0c0bc92dcc38565ae79bd59d948-77d0d37b68e6d61d-01
etag
"63722519-349c"
content-type
image/png
cache-control
max-age=315360000, public
cache
MISS
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
13468
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:25777.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
26 KB
27 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:25777.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e2aa34b0d5b8bc2a9080c3048f83847717539eee187d5e85fff9fb88a3e9e9a2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:23:16 GMT
server
nginx
traceparent
00-d0805dbcea454b7c06a1d1e81057c001-43504dfd53c2dad4-01
etag
"63722524-697a"
content-type
image/png
cache-control
max-age=315360000, public
cache
MISS
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
27002
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:49531.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
44 KB
44 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:49531.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1ae57200ed7647d63409f8e916ff6f92adc907dac19e95992acfb8b9614ebb70

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:23:21 GMT
server
nginx
traceparent
00-bd4015d3bbf19c682cd838c13ef6fb0f-d8ff75618f178edd-01
etag
"63722529-afd1"
content-type
image/png
cache-control
max-age=315360000, public
cache
MISS
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
45009
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:3001-1.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
16 KB
16 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:3001-1.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6227fe0ea473018a99b01d1d97e7c83dc7b5ff7dc91c37b107c20747fe74fcff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:23:10 GMT
server
nginx
traceparent
00-a3cd54b6c64a016760541228146a0870-f89657ea0599a3c4-01
etag
"6372251e-3f41"
content-type
image/png
cache-control
max-age=315360000, public
cache
MISS
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
16193
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:2817-1.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
12 KB
12 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:2817-1.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
921329187f251f77c4eeaf04ff2f3189cff526837179ccad6b898304fe14e52e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:15:49 GMT
server
nginx
traceparent
00-9311090b2ad1b77889dcc65375eb650c-610a2c77b782a4a2-01
etag
"63722365-3045"
x-cached-since
2024-01-29T08:56:57+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
12357
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:2820-1.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
14 KB
14 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:2820-1.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
bbcb0ab0de80017508e91dbb9f5aac07fff7cfdd08107431745ca4c1300a3b4f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:15:41 GMT
server
nginx
traceparent
00-54a9d14d7c2aa75685e25d5efac11b91-6f2df8834adbf736-01
etag
"6372235d-3817"
x-cached-since
2024-01-25T09:41:15+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
14359
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:2859-1.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
20 KB
20 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:2859-1.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e20447342f43ca37bd409ecfb4a33e10ffd836473d9f47503f8d4064451552dc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:15:57 GMT
server
nginx
traceparent
00-fd43e44943433123788be29198d89c0e-867f6928f89f742c-01
etag
"6372236d-4ee9"
x-cached-since
2024-01-27T22:35:33+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
20201
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:2829-2.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
22 KB
22 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:2829-2.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9a1b10dacb76fa5da43b5c27b466898ba8819e463107544540ecce30737fa68d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:15:45 GMT
server
nginx
traceparent
00-c5fb96cc9235a93d56af9911c8c3d186-a51c1a6528e6c89b-01
etag
"63722361-56ff"
x-cached-since
2024-01-30T23:08:03+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
22271
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24_t_1044709.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
13 KB
13 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24_t_1044709.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
421c7984d466ea05b91aeee743419e25db65a76745b709df91586e270e33d2c1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Sat, 18 Nov 2023 01:22:28 GMT
server
nginx
traceparent
00-4097db8c03c6f367e76988edf0089c86-309b90f8449fd352-01
etag
"655811d4-338e"
x-cached-since
2024-01-31T17:36:02+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
13198
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:81835.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
4 KB
4 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:81835.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6aeb7e8242a0d311bfd1e660ce1b89ac13925843dccc09ce0d953576f6611c6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:24:07 GMT
server
nginx
traceparent
00-688577955666ca6b0f17bd3c6f7c99fa-a413a96f47a7ed7b-01
etag
"63722557-106d"
x-cached-since
2024-01-31T14:04:05+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
4205
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:3011.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
27 KB
28 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:3011.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
0c2ca1a53e399b83d5677debffe60bb1dae176a2c6078b55ca6177fe4966bb7c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:23:18 GMT
server
nginx
traceparent
00-222bd1bce27f4912dcac7bcf6880cf69-3b296283e1d9fff3-01
etag
"63722526-6d62"
x-cached-since
2024-01-31T14:04:05+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
28002
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:120856.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
38 KB
38 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:120856.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
15a5c4d999cb51c80b08cddf55770715a9a4057bc03fe898ab487a5ae894ba0b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:53:56 GMT
server
nginx
traceparent
00-d422d072d8aa7e375690d941c162426d-eca12bab902e6710-01
etag
"63722c54-9607"
x-cached-since
2024-01-29T09:30:04+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
38407
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24_t_6-3.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
15 KB
15 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24_t_6-3.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a7498a752a83b2656232405d7dc180f4318ae9e312f208817cbe4aa46e19c03d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Sat, 19 Aug 2023 07:22:47 GMT
server
nginx
traceparent
00-87d6c65c51da61e8a4091bd47b6185e1-b7bb9859de0aa18a-01
etag
"64e06dc7-3ba4"
x-cached-since
2024-01-29T09:30:04+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
15268
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:3-2.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
9 KB
9 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:3-2.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
5dfbe72e3f5e1b51bf3db69ebfde87a7afa9a65c2097b835cc9952d67df4cd5c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:03:12 GMT
server
nginx
traceparent
00-0f909712d971804acc13879efa359312-0e7bc34c2b9da5a8-01
etag
"63722070-2275"
x-cached-since
2024-01-30T20:28:48+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
8821
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:36380.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
25 KB
25 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:36380.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
536b7323cfad29438fce0e82cc89b314ce27d65845515c1d49179d9b74c3185d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:13:49 GMT
server
nginx
traceparent
00-9ff2b450ca163d08a4e75dc59913b921-abc2a18ff91319f9-01
etag
"637222ed-63f0"
x-cached-since
2024-01-30T20:28:48+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
25584
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:286367.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
5 KB
5 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:286367.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8c30b1965061ff20e0416e077d304ab5e179f86350351df01cb94fc287fcf520

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:48:34 GMT
server
nginx
traceparent
00-df99884cb1e2e4fea48b1ddd644a0fcc-b8a0ea056776a4fb-01
etag
"63722b12-1544"
x-cached-since
2024-01-31T12:31:30+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
5444
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:203681.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
15 KB
15 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:203681.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
36ef46e15ad8804913decafc9b7513874320871a57165032a2c0c77bc23e86a1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:24:46 GMT
server
nginx
traceparent
00-892f76f3932cd2fb755102baf8b609c0-6777d5871c07f276-01
etag
"6372257e-3c98"
x-cached-since
2024-01-31T12:31:30+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
15512
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:136042-1.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
17 KB
17 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:136042-1.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9c84d910fbf793d057f4c08e0ee5585c26888fa2fcccbbaf41f577f06055370d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:48:51 GMT
server
nginx
traceparent
00-d7c8dbb1d28694601830a99f1775b220-55a74f2d6d55ee64-01
etag
"63722b23-4303"
x-cached-since
2024-01-31T14:04:05+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
17155
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:5615-1.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
8 KB
8 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:5615-1.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
60387f1d1d27fa56bad8c46893ce69da8ddac373e32f48da6fbd803f49c758f6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:36:12 GMT
server
nginx
traceparent
00-77c76c35c1065da8fde61bbfa79b30a2-403c3ce8be26e40f-01
etag
"6372282c-1e59"
x-cached-since
2024-01-31T14:49:17+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
7769
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:228616.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
486 KB
486 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:228616.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
929885ea7adacffd121c0c69cc5a220a1772059c5a562d69d5fb55534136b1df

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Tue, 15 Nov 2022 10:43:33 GMT
server
nginx
traceparent
00-d135c4554c49458aa6fa42399a392c02-8b0559b765f25a9c-01
etag
"63736d55-7973d"
x-cached-since
2024-01-31T14:49:17+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
497469
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:25134-1.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
10 KB
10 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:25134-1.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9233c36a8cd15798608d00680cf49014a5fa025f1af823a3f17b03f305094400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:12:03 GMT
server
nginx
traceparent
00-f1da2c9e601da6c1baac41c91a53a934-3e18657ba15bf64b-01
etag
"63722283-2936"
content-type
image/png
cache-control
max-age=315360000, public
cache
MISS
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
10550
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:3532.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
25 KB
26 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:3532.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b7ef8f2e5750496cdcd4348ea2de7378a8e5c0d868d2ee79ee7875a8a0a8b65b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:27:16 GMT
server
nginx
traceparent
00-27b324992cc647e3df921e460eb735e6-469e80e557ebe8c9-01
etag
"63722614-6599"
content-type
image/png
cache-control
max-age=315360000, public
cache
MISS
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
26009
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:3539.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
158 KB
158 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:3539.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
02b21e3af4a183a5c8685684956228ce8d8020e1e6fe518b76f4cf20255199f7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:26:59 GMT
server
nginx
traceparent
00-9d7b63059a4f96e1288d00a746220dcd-9cae5c4dbe9e3129-01
etag
"63722603-2766a"
x-cached-since
2024-01-31T14:04:05+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
161386
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:3556-1.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
6 KB
6 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:3556-1.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
92896ae34590fc2005735b7c1e9bfbffa85ce42e697ed7778789d5fad473d70a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:33:58 GMT
server
nginx
traceparent
00-5d41e33970b1a916a7c67b5984e36a88-ba70083f7bb765a4-01
etag
"637227a6-1620"
x-cached-since
2024-01-31T14:04:05+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
5664
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:25430.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
19 KB
19 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:25430.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
41e7f399d43cb4a9a7aa8ca6d93e0a3929a6b92bb723a3625a87dbfa28d1bf58

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 12:23:27 GMT
server
nginx
traceparent
00-fdf8f5f0dd3a99c047e12591d21a5a6e-2a3a593aba8d2594-01
etag
"6372333f-4a7c"
content-type
image/png
cache-control
max-age=315360000, public
cache
MISS
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
19068
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:23705.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
6 KB
7 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:23705.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
61a4d5d3f809f7a50d998649f92cf2af07d5a76649053e056255438e91ed54fa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 14 Nov 2022 11:02:27 GMT
server
nginx
traceparent
00-63435f68ea16da8d0fc769192c6dd737-8f15a01d4960d4be-01
etag
"63722043-19e1"
x-cached-since
2024-01-31T14:49:18+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
6625
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:38858.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
4 KB
4 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:38858.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f84ab34acb32b3f9aae3704fe618ae95d9bf519b6fc09a297a37014465d8a124

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Fri, 25 Nov 2022 14:45:48 GMT
server
nginx
traceparent
00-033dfd880d15bc880cd2e3c46bfac8ac-32786f98c21c38f1-01
etag
"6380d51c-e10"
x-cached-since
2024-01-31T14:49:18+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
3600
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24:t:43359.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
10 KB
10 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:43359.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c71413a10196f2a53c02b21b9ee04b020768f5ad9380f7796389512b075f49d2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 28 Nov 2022 04:42:57 GMT
server
nginx
traceparent
00-1f9f4e36d961d42638b386600f0f631f-7ea181d8fcb0c147-01
etag
"63843c51-296d"
x-cached-since
2024-01-31T14:49:18+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
10605
expires
Thu, 31 Dec 2037 23:55:55 GMT
scores24_t_52452.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/
13 KB
13 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24_t_52452.png
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
723bb1085b580594f9fdf60f021c4c50f971427fdac9b410103eff10e6bc670a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 20 Nov 2023 19:22:59 GMT
server
nginx
traceparent
00-76ca147d41a6f3e2ba48d18e1844c0bd-b52385565e2672c2-01
etag
"655bb213-3557"
x-cached-since
2024-01-31T14:49:18+00:00
content-type
image/png
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
13655
expires
Thu, 31 Dec 2037 23:55:55 GMT
mascot.489c5ee3.svg
mrspeedtime.gcdn.co/img/
6 KB
3 KB
Image
General
Full URL
https://mrspeedtime.gcdn.co/img/mascot.489c5ee3.svg
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
5f60ba2783fe1359d0ea58a96615b3e85756a33b0ea7d9cc5d20845128980a8c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
br
x-cached-since
2023-12-11T09:06:31+00:00
x-id-fe
fr5-hw-edge-gc38
content-length
2500
last-modified
Sun, 10 Dec 2023 14:15:10 GMT
server
nginx
traceparent
00-e1f59e8ffbb0682e24784ec930315459-b07c5d1bc9b31daa-01
etag
"6575c7ee-9c4"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/
255 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ac23e09efd7dc358c10fd73d7d355c5b2c0934584a60b837a99afcc2de9b3a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88835
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jan 2024 19:07:09 GMT
js
track.leonretarget.com/pixel/
477 B
802 B
Script
General
Full URL
https://track.leonretarget.com/pixel/js?auth=4jg3s6&event=visit&uid=undefined&tid=undefined&cur=undefined&amount=undefined
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.214.195.87 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
b2cb126cc335d3af70094c5627edc02a541ceb27d3c6c51906dd80589795df8a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 19:07:09 GMT
Server
nginx/1.20.0
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
477
Expires
Sat, 01 Jan 2000 00:00:00 GMT
tc.min.js
c1.rfihub.net/js/
19 KB
6 KB
Script
General
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:d800:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 18:54:45 GMT
content-encoding
gzip
via
1.1 39ed76664123c3090231ff0882467152.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jan 2024 18:54:35 GMT
server
Jetty(9.4.51.v20230217)
x-amz-cf-pop
MUC50-C1
age
744
x-cache
Hit from cloudfront
content-type
application/x-javascript
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
public, max-age=3600
content-length
6162
x-amz-cf-id
gmg9Ls8RvnsY6eAKVgnSiKQMRfNcFWnY4XAAcekLDplel4czhGop5w==
expires
Wed, 31 Jan 2024 19:54:45 GMT
trackpoint-async.js
s2.adform.net/banners/scripts/st/
81 KB
31 KB
Script
General
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
gzip
last-modified
Tue, 23 May 2023 09:56:34 GMT
server
nginx
x-amz-request-id
tx00000ea239e22e83b616b-00646c8ee1-3295d06f-default
etag
W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
gtr.min.js
dsp-media.eskimi.com/assets/js/e/
6 KB
3 KB
Script
General
Full URL
https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
6e17b0821e9b7e789c616bac4ef7ea40f46b4b93a79b9746e836efee0e057d10
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 10 Jan 2025 09:30:20 GMT
date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1080
cdn-cachedat
01/11/2024 09:30:20
cdn-pullzone
692289
last-modified
Thu, 11 Jan 2024 08:57:57 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"659fad95-1963"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
3f7bee04f6d35f2869061e8e5351a565
cdn-requestcountrycode
NL
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
quant.js
secure.quantserve.com/
23 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 07 Feb 2024 19:07:09 GMT
api-1
leon56.bet/
37 KB
5 KB
Fetch
General
Full URL
https://leon56.bet/api-1
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.d.m.396fbf21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.92.210.197 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bc8b15ddfc34a6723ccbdcf7259fafed05899fe69390556429530bb17e35b986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-theme
DARK
x-app-browser
chrome
accept-language
nl-NL,nl;q=0.9
x-app-platform
web
x-app-env
prod
x-requested-uri
/
x-app-skin
default
x-app-version
6.80.4
x-app-os
windows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json
Referer
https://leon56.bet/
x-app-language
pt_PT
x-app-modernity
modern
x-app-rendering
csr

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
nl-NL
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
api-1
leon56.bet/
1 KB
701 B
Fetch
General
Full URL
https://leon56.bet/api-1
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.d.m.396fbf21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.92.210.197 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bfc1416b8f40943094b75c48bbd27506112bfe5dc15da699fef5e5737934c141
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-theme
DARK
x-app-browser
chrome
accept-language
nl-NL,nl;q=0.9
x-app-platform
web
x-app-env
prod
x-requested-uri
/
x-app-skin
default
x-app-version
6.80.4
x-app-os
windows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json
Referer
https://leon56.bet/
x-app-language
pt_PT
x-app-modernity
modern
x-app-rendering
csr

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
nl-NL
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
color-margin-0.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/
4 KB
5 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-margin-0.svg
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9500d42196478f9d0c4bd68ba9fc8d248bb4bc5b711532ca57f950bf5e311a1c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 21 Mar 2022 11:53:22 GMT
server
nginx
traceparent
00-7dc2523c4e378ffdbfd92b80b8ac298b-99489ee08a219a11-01
etag
"62386732-11dd"
x-cached-since
2023-06-01T09:31:17+00:00
content-type
image/svg+xml
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
4573
expires
Thu, 31 Dec 2037 23:55:55 GMT
tracker.js
tracker.ads.sportradar.com/dist/
27 KB
7 KB
Script
General
Full URL
https://tracker.ads.sportradar.com/dist/tracker.js
Requested by
Host: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAQ5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 08:33:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
etag
"235331a0761142ae4fd345cdf7c7f9ed"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
accept-ranges
bytes
x-amz-cf-id
2ZkTgKOK3PXbgKULn9WZJPH6ZtMK7Vaofk6lhvuFlDBA4oM2sFmerA==
content-length
6405
pixel
a.sportradarserving.com/ul_cb/
Redirect Chain
  • https://a.sportradarserving.com/pixel?type=js&aid=1060&id=1235
  • https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235
1 KB
2 KB
Script
General
Full URL
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
HTTP/1.1
Server
52.28.196.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-196-42.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1760bc8f7c37e3588fbfc82ee9f3dde4deb00a1ed709aba075efd3eaddc1ea2e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 19:07:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
1527
Content-Type
text/javascript; charset=UTF-8

Redirect headers

Location
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235
Date
Wed, 31 Jan 2024 19:07:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
destination
www.googletagmanager.com/gtag/
183 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-11843672&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
944f7c83f9b602ff682ca41332c5dc9dd2a0438ad7e255a001ec227526fc14f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68139
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 18:19:23 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Jan 2024 19:07:09 GMT
collect
region1.google-analytics.com/g/
0
250 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JZZNGY93CC&gtm=45je41t0v871047016z8890860847&_p=1706728028804&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=931578487.1706728029&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706728029&sct=1&seg=0&dl=https%3A%2F%2Fleon56.bet%2F&dt=Apostas%20online%20e%20Casino%20%7C%20B%C3%B3nus%20Leon%3A%20Aposta%20gr%C3%A1tis%20at%C3%A9%20200%E2%82%AC&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&tfd=1076
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://leon56.bet
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/
5 KB
689 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Mulish:wght@400;700;900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a8d842dbcf583e49fc9c648d54f6fa3721dabb382b0c4afb8cb5132993a9adb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 19:04:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jan 2024 19:07:09 GMT
css2
fonts.googleapis.com/
5 KB
657 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 18:54:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jan 2024 19:07:09 GMT
bg-1448x3-1122@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/
10 KB
10 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/bg-1448x3-1122@x2.webp
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c5bfb621aa3e573fc4868a135a9facc4c67c894db8bbffb8c030cb7fe7a0a692

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 22 Jan 2024 13:46:45 GMT
server
nginx
traceparent
00-8e08f0df07504e74ab0d70fd6aa19f1c-510f865e0358b010-01
etag
"65ae71c5-28e2"
x-cached-since
2024-01-27T22:35:35+00:00
content-type
image/webp
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
10466
expires
Thu, 31 Dec 2037 23:55:55 GMT
Frame-15x3111-111@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/
59 KB
59 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/Frame-15x3111-111@x2.webp
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c7a5c397c1265b3e6772f0755430f941b5b706c38e947eb434d6b113cba73088

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Mon, 22 Jan 2024 13:56:01 GMT
server
nginx
traceparent
00-13df22b3308b1d3d05c0064e60704368-ae66f25568336acc-01
etag
"65ae73f1-ec4c"
x-cached-since
2024-01-27T22:35:35+00:00
content-type
image/webp
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
60492
expires
Thu, 31 Dec 2037 23:55:55 GMT
2460x696-22@x2-1.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/
121 KB
121 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/2460x696-22@x2-1.webp
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
26492732e0be65fe2bef085e0d3144c6e43a33815a1026271745c0b630b5f903

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Wed, 17 Jan 2024 15:59:14 GMT
server
nginx
traceparent
00-49c5a55c43e45921513c502cee62fefa-3d6cb322c37b9f58-01
etag
"65a7f952-1e23e"
x-cached-since
2024-01-31T12:27:51+00:00
content-type
image/webp
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
123454
expires
Thu, 31 Dec 2037 23:55:55 GMT
2460x696-281@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/
161 KB
161 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/2460x696-281@x2.webp
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
67e22631beb6e0799e45823da83a4d56591b0595c0284c39df0ef269608f0269

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Thu, 18 Jan 2024 13:40:15 GMT
server
nginx
traceparent
00-679b71cef4e0db6c488f502b226c2544-58cebab5b2a76b84-01
etag
"65a92a3f-2838e"
content-type
image/webp
cache-control
max-age=315360000, public
cache
MISS
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
164750
expires
Thu, 31 Dec 2037 23:55:55 GMT
2460x696-83@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/
113 KB
113 KB
Image
General
Full URL
https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/2460x696-83@x2.webp
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8907b46851812438e2e41b5b4b8d12c9ef48dd0264aba97fdc0a6d5b493a66d9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
last-modified
Tue, 16 Jan 2024 14:02:00 GMT
server
nginx
traceparent
00-43635565102a71031db8427b1aa63aec-42a889d18eb0608d-01
etag
"65a68c58-1c412"
x-cached-since
2024-01-31T14:49:18+00:00
content-type
image/webp
cache-control
max-age=315360000, public
cache
HIT
x-id-fe
fr5-hw-edge-gc38
accept-ranges
bytes
content-length
115730
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
leoncas.com/rest/auth/saved-passwords/
34 B
571 B
Fetch
General
Full URL
https://leoncas.com/rest/auth/saved-passwords/
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.d.m.396fbf21.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.169.10.207 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e19237af2d984f7b772577bee8f16b86c42e21212c0f9cb0fb17762cc2de04e4

Request headers

x-app-layout
desktop
Referer
https://leon56.bet/
x-app-os
windows
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-app-platform
web

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
https://leon56.bet
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, x-app-layout, x-app-browser, x-app-version, x-app-os, x-requested-uri, x-app-skin, x-app-rendering, x-app-platform, x-app-env, x-app-modernity, user-agent, cookie
expires
0
/
leoncas.com/rest/auth/saved-passwords/ Frame
0
0
Preflight
General
Full URL
https://leoncas.com/rest/auth/saved-passwords/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.169.10.207 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-app-layout,x-app-os,x-app-platform
Access-Control-Request-Method
GET
Origin
https://leon56.bet
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, x-app-layout, x-app-browser, x-app-version, x-app-os, x-requested-uri, x-app-skin, x-app-rendering, x-app-platform, x-app-env, x-app-modernity, user-agent, cookie
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
https://leon56.bet
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 31 Jan 2024 19:07:09 GMT
expires
0
pragma
no-cache
server
nginx
bounce
secure.adnxs.com/ Frame 90C1
Redirect Chain
  • https://20828756p.rfihub.com/ca.html?ver=9&rb=43197&ca=20828756&_o=43197&_t=20828756&pe=https%3A%2F%2Fleon56.bet%2F&pf=&ra=00884612530498563
  • https://secure.adnxs.com/seg?add=29896390&t=2&ver=9&pe=https%3A%2F%2Fleon56.bet%2F&pf=
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29896390%26t%3D2%26ver%3D9%26pe%3Dhttps%253A%252F%252Fleon56.bet%252F%26pf%3D
43 B
1 KB
Document
General
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29896390%26t%3D2%26ver%3D9%26pe%3Dhttps%253A%252F%252Fleon56.bet%252F%26pf%3D
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://leon56.bet/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
069a4d5e-17c3-4dc1-aa21-65cbf28a891d
cache-control
no-store, no-cache, private
content-length
43
content-type
image/gif
date
Wed, 31 Jan 2024 19:07:09 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
31.204.153.193; 31.204.153.193; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
bd3751f5-3631-46c8-bafd-c05a138bf45c
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 19:07:09 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29896390%26t%3D2%26ver%3D9%26pe%3Dhttps%253A%252F%252Fleon56.bet%252F%26pf%3D
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
31.204.153.193; 31.204.153.193; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
cssession
dsp-trk.eskimi.com/tracking/
2 B
166 B
XHR
General
Full URL
https://dsp-trk.eskimi.com/tracking/cssession?tst&id=28935&url=https%3A%2F%2Fleon56.bet%2F&t=1706728029304
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.d.m.396fbf21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
https://leon56.bet
date
Wed, 31 Jan 2024 19:07:08 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/plain; charset=UTF-8
gtr
dsp-ap.eskimi.com/v2/
116 B
572 B
XHR
General
Full URL
https://dsp-ap.eskimi.com/v2/gtr?id=28935&url=https%3A%2F%2Fleon56.bet%2F&t=1706728029304
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.d.m.396fbf21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.201.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.201.186.35.bc.googleusercontent.com
Software
/
Resource Hash
b2ff9509943b1285736cb250bfd58dbee50219de7394063cee1c5241b34dfcd7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
https://leon56.bet
date
Wed, 31 Jan 2024 19:07:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
pt.8ec9d7ec.svg
mrspeedtime.gcdn.co/img/
12 KB
5 KB
Image
General
Full URL
https://mrspeedtime.gcdn.co/img/pt.8ec9d7ec.svg
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
56ace48801308f4ff602494a54762d3dd0811e1bac95a3ed49b6854c4d657797

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
br
x-cached-since
2023-09-12T07:26:35+00:00
x-id-fe
fr5-hw-edge-gc38
content-length
4456
last-modified
Fri, 08 Sep 2023 12:48:39 GMT
server
nginx
traceparent
00-9231fe86aa24d310bbc5300467c1e654-08c9392fd6d37844-01
etag
"64fb1827-1168"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
sunSw.ed0b29cf.svg
mrspeedtime.gcdn.co/img/
447 B
434 B
Image
General
Full URL
https://mrspeedtime.gcdn.co/img/sunSw.ed0b29cf.svg
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
775042c1fe9439c9066a6d08cb873a8be580b1f68bc1d0cec530291043fe3bd5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
br
x-cached-since
2023-12-14T12:54:44+00:00
x-id-fe
fr5-hw-edge-gc38
content-length
274
last-modified
Wed, 13 Dec 2023 16:45:46 GMT
server
nginx
traceparent
00-4b33aab012c3708b4501a5aefc76f861-4cc2de259fd56bd6-01
etag
"6579dfba-112"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
moonSw.42d77c61.svg
mrspeedtime.gcdn.co/img/
382 B
358 B
Image
General
Full URL
https://mrspeedtime.gcdn.co/img/moonSw.42d77c61.svg
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c020aa5e9eb7aac89747e8a51508d90351d160dfe83e4b0a21dbbb0f05be0f9c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc38
date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
br
x-cached-since
2023-12-14T12:54:44+00:00
x-id-fe
fr5-hw-edge-gc38
content-length
241
last-modified
Wed, 13 Dec 2023 16:45:46 GMT
server
nginx
traceparent
00-051c7f76dbd50e0292e2f5519053d828-887a01180f92834b-01
etag
"6579dfba-f1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap&family=Mulish:wght@400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 20:44:46 GMT
x-content-type-options
nosniff
age
80543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 20:44:46 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap&family=Mulish:wght@400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:50:12 GMT
x-content-type-options
nosniff
age
87417
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:50:12 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap&family=Mulish:wght@400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 16:39:21 GMT
x-content-type-options
nosniff
age
440868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 16:39:21 GMT
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap&family=Mulish:wght@400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9514372ab8ac313ea8019966fdcfe91b201c3aa69f92de8346ab34af461bbad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 10:08:51 GMT
x-content-type-options
nosniff
age
205098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21140
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:53:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 10:08:51 GMT
rules-p-C_a3_CVaT9dWt.js
rules.quantcount.com/
222 B
703 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-C_a3_CVaT9dWt.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:f200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a789b44412d2879eaf23bdec3da4f565594749435f436640a8f9bb35477fd10

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 18:28:51 GMT
via
1.1 fc6dca2df1221c0bec817610bc20e504.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
age
2398
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
222
last-modified
Wed, 02 Aug 2023 13:00:19 GMT
server
AmazonS3
etag
"834f5ada9a90a08951234afdc6ad228e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
Setjb2SXvFrYo5xX_a-Lq1xpreVutBhRvWunAzf1Y_dgRTXiFuMbEg==
sp-3.8.0.js
tracker.ads.sportradar.com/dist//
73 KB
24 KB
Script
General
Full URL
https://tracker.ads.sportradar.com/dist//sp-3.8.0.js
Requested by
Host: tracker.ads.sportradar.com
URL: https://tracker.ads.sportradar.com/dist/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 08:33:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
etag
"143272dddc33395008a84a86ac9c2e96"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
accept-ranges
bytes
x-amz-cf-id
AbmXkrkB_411dv7lJUiE3zwicttWNNn9hnDlvdBwv4ygO3Jd1-eqkg==
content-length
24162
/
track.adform.net/Serving/TrackPoint/
632 B
1 KB
Script
General
Full URL
https://track.adform.net/Serving/TrackPoint/?pm=3024289&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=702846824966&ADFtpmode=2&loc=https%3A%2F%2Fleon56.bet%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5ea04293950145d6609c04ecd2ba7c81eb5677a09ba6128bd1ca4b3d0c1b1694
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
437
expires
-1
/
a1.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://a1.adform.net/Serving/TrackPoint/?pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=993101084328&ADFtpmode=2&loc=https%3A%2F%2Fleon56.bet%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
  • https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=993101084328&ADFtpmode=2&loc=https%3A%2F%2Fleon56.bet%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
846 B
1 KB
Script
General
Full URL
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=993101084328&ADFtpmode=2&loc=https%3A%2F%2Fleon56.bet%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0cd88bf1651c172f09f38edef11dff2827f96a76cb21f900954b226b5201cf65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
688
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=993101084328&ADFtpmode=2&loc=https%3A%2F%2Fleon56.bet%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
activityi;dc_pre=CNqdwK-piIQDFbcHTwgdDzkJDg;src=11843672;type=safev0;cat=safeg000;ord=3083836726965;npa=0;auiddc=1765446309.1706728030;pscdl=noapi;gtm=45fe41t0;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;u...
11843672.fls.doubleclick.net/ Frame 014B
Redirect Chain
  • https://11843672.fls.doubleclick.net/activityi;src=11843672;type=safev0;cat=safeg000;ord=3083836726965;npa=0;auiddc=1765446309.1706728030;pscdl=noapi;gtm=45fe41t0;gcd=11l1l1l1l1;dma_cps=sypham;dma=...
  • https://11843672.fls.doubleclick.net/activityi;dc_pre=CNqdwK-piIQDFbcHTwgdDzkJDg;src=11843672;type=safev0;cat=safeg000;ord=3083836726965;npa=0;auiddc=1765446309.1706728030;pscdl=noapi;gtm=45fe41t0;...
499 B
596 B
Document
General
Full URL
https://11843672.fls.doubleclick.net/activityi;dc_pre=CNqdwK-piIQDFbcHTwgdDzkJDg;src=11843672;type=safev0;cat=safeg000;ord=3083836726965;npa=0;auiddc=1765446309.1706728030;pscdl=noapi;gtm=45fe41t0;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fleon56.bet%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-11843672&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
7264da55123b2bfd32964ebad35f5c0c1c6ef907141a0e935d591f7b6b682421
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://leon56.bet/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
292
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 19:07:09 GMT
expires
Wed, 31 Jan 2024 19:07:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 19:07:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://11843672.fls.doubleclick.net/activityi;dc_pre=CNqdwK-piIQDFbcHTwgdDzkJDg;src=11843672;type=safev0;cat=safeg000;ord=3083836726965;npa=0;auiddc=1765446309.1706728030;pscdl=noapi;gtm=45fe41t0;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fleon56.bet%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
track.leonretarget.com/
0
292 B
Image
General
Full URL
https://track.leonretarget.com/pixel?auth=4jg3s6&event=visit&uid=undefined&tid=undefined&cur=undefined&amount=undefined&site=leon56.bet&ln=en-US
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.214.195.87 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 19:07:09 GMT
Server
nginx/1.20.0
Access-Control-Allow-Origin
*
Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel;r=1493537837;labels=_fp.event.PageView;rf=0;a=p-C_a3_CVaT9dWt;url=https%3A%2F%2Fleon56.bet%2F;uht=2;fpan=1;fpa=P0-2136534541-1706728029491;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;...
pixel.quantserve.com/
35 B
509 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1493537837;labels=_fp.event.PageView;rf=0;a=p-C_a3_CVaT9dWt;url=https%3A%2F%2Fleon56.bet%2F;uht=2;fpan=1;fpa=P0-2136534541-1706728029491;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=leon56.bet;dst=1;et=1706728029597;tzo=-60;ogl=image.https%3A%2F%2Fleonbets3%252Egcdn%252Eco%2FHRJLWPLB%2Fimages%2Fog%2Fleon%252Epng;ses=8f73872c-cd31-49b3-9ece-870d8a3d17c3;mdl=
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["_fp.event.PageView"],"pcode":["p-C_a3_CVaT9dWt"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
track.adform.net/Serving/TrackPoint/
846 B
1 KB
Script
General
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3024289&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=702846824966&ADFtpmode=2&loc=https%3A%2F%2Fleon56.bet%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=6775683421121403950
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
728bc61745b7d148ea2311d457daaee2f8908de685088ed1e0b8a8cd88bf23cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
691
expires
-1
pixels
c1.adform.net/imatch/ Frame CF50
4 KB
2 KB
Document
General
Full URL
https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Requested by
Host: track.adform.net
URL: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3024289&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=702846824966&ADFtpmode=2&loc=https%3A%2F%2Fleon56.bet%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=6775683421121403950
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
404524a2d24c055d8c0e98cb7d5d9c5e3cf8b52a559303f2942cb55c4e8716f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://leon56.bet/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 Jan 2024 19:07:09 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
server.seadform.net/serving/cookie/sync/
35 B
467 B
Image
General
Full URL
https://server.seadform.net/serving/cookie/sync/?uid=8492469179888309127&stamp=KDkbJ6pZVvEDvP-67D9Y4w2
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
sync
x.bidswitch.net/
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=ab67b39a-e8f2-463d-ba39-347943802a2b&cb=e1c8ef88-3b01-4657-a74e-949970071c9a
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 19:07:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
x.bidswitch.net/
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=ab67b39a-e8f2-463d-ba39-347943802a2b&cb=c03b4714-aa33-477e-8c3c-fbf18806cae0
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 19:07:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
x.bidswitch.net/
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=ab67b39a-e8f2-463d-ba39-347943802a2b&cb=6ec48926-0cda-4e79-ae4e-fe3da9647b33
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 19:07:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
syncd
x.bidswitch.net/
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/syncd?dsp_id=409&user_id=ab67b39a-e8f2-463d-ba39-347943802a2b&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 19:07:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
server.seadform.net/serving/cookie/sync/
35 B
466 B
Image
General
Full URL
https://server.seadform.net/serving/cookie/sync/?uid=7353873387659289104&stamp=gTKrTyer6_MDvP-67D9Y4w2
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
plf
c1.adform.net/imatch/ Frame CF50
0
384 B
Image
General
Full URL
https://c1.adform.net/imatch/plf?name=plff
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
match
ad.360yield.com/ Frame CF50
43 B
199 B
Image
General
Full URL
https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=8492469179888309127&Expiration=1707937629
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.129.62.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-62-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 31 Jan 2024 19:07:09 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
ad.yieldlab.net/ Frame CF50
0
235 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=4879&ext_id=8492469179888309127
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 19:07:09 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Tue, 30 Jan 2024 19:07:09 GMT
token
token.rubiconproject.com/ Frame CF50
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=5232&puid=8492469179888309127
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
213.19.162.80 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
deb9f124eecce7a554c70ca983265c95
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tpui
ih.adscale.de/adscale-ih/ Frame CF50
0
38 B
Image
General
Full URL
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=8492469179888309127&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.81.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-81-225.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:09 GMT
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame CF50
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=8492469179888309127&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.73 Lille, France, ASN16276 (OVH, FR),
Reverse DNS
ip73.ip-5-196-111.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:08 GMT
transfer-encoding
chunked
content-type
image/gif
user-registering
ads.stickyadstv.com/ Frame CF50
43 B
640 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=8492469179888309127
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:192:1::172 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 19:07:09 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1706728029850096-395
sync
x.bidswitch.net/ Frame CF50
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=8492469179888309127
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 19:07:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
rum
dsum-sec.casalemedia.com/ Frame CF50
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8492469179888309127&expiration=1707937629
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8492469179888309127&expiration=1707937629&C=1
43 B
352 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8492469179888309127&expiration=1707937629&C=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Server
2606:4700:4400::ac40:9765 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OK7DyZvdmKDZnUM38dbLMScV4v9QzEL8d4DlV%2BjEYJPpxc%2FmSUiNzd3qPhsTFfSSeUOYygWKSpfishQ%2F%2BWksycOMonN06n3LP4uibUfIpMotpCVlUZI5WrH4lbuejTTcqYB9EF4e5ZcdIyU7GhizOVJ9IcYUKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84e43c6aa8a9b950-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Gm%2F37ql2ns2CCiXMwluo5gkCg1WCnFHZB73Uapw0tjmyYxpn0gVlL20z7Wh7drzEsjAqTx5ohJ64mQBWCqFYlc5HhdVARd5HMT9ShUwqSAlefYqWC4JdIT3x0l%2B67fWR%2FvamY2ah1bzTl08Fsf3YRZuEo8eKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=111&external_user_id=8492469179888309127&expiration=1707937629&C=1
cache-control
no-cache
cf-ray
84e43c6a5819b950-AMS
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
12092831
se.semasio.net/sync/1/ Frame CF50
Redirect Chain
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=8492469179888309127&sInitiator=external
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=8492469179888309127&sInitiator=external
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=8492469179888309127&gdpr=&sInitiator=external
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=3668238134883985166&sInitiator=internal&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=MURDRjI4RkY3MzRGMTY4Ng&gdpr=
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEFnUTo0eJHoAJp1yihCDpPc&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEFnUTo0eJHoAJp1yihCDpPc&sInitiator=internal&google_cver=1&gdpr=
0
415 B
Image
General
Full URL
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEFnUTo0eJHoAJp1yihCDpPc&sInitiator=internal&google_cver=1&gdpr=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
HTTP/1.1
Server
77.243.51.122 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:08 GMT
uip-status
Ok
frontend-id
04
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEFnUTo0eJHoAJp1yihCDpPc&sInitiator=internal&google_cver=1&gdpr=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
match
ps.eyeota.net/ Frame CF50
0
344 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=8492469179888309127&bid=9gdtmu1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 19:07:09 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
pixel.gif
load77.exelator.com/ Frame CF50
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8492469179888309127
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8492469179888309127&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
462 B
Image
General
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 31 Jan 2024 19:07:10 GMT
x-age-lb
678899
x-amz-request-id
tx00000490ac5aaa044b44d-0065909fa8-5134150-nyc
x-77-cache
HIT
x-accel-date
1706049131
content-length
43
x-77-nzt
A8O1rw43Nzf/81sKACUTwjE3Nzexz9PUZg+uJwA
x-accel-expires
@1707085931
x-77-age
678899
x-cache-lb
HIT
last-modified
Sat, 30 Dec 2023 22:32:08 GMT
server
CDN77-Turbo
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
x-77-nzt-ray
908339307f86509b5e9aba65af466004
content-type
image/gif
x-rgw-object-type
Normal
accept-ranges
bytes

Redirect headers

date
Wed, 31 Jan 2024 19:07:15 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
362358.gif
idsync.rlcdn.com/ Frame CF50
Redirect Chain
  • https://idsync.rlcdn.com/398366.gif?partner_uid=8492469179888309127
  • https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTODQ5MjQ2OTE3OTg4ODMwOTEyNxAAGg0I3bTqrQYSBQjoBxAAQgBKAA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESECublB4a--yxJ_HvS7osfo0&google_cver=1
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECublB4a--yxJ_HvS7osfo0&google_cver=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:10 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECublB4a--yxJ_HvS7osfo0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=8492469179888309127/gdpr=/ Frame CF50
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=8492469179888309127/gdpr=/gdpr_consent=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.162.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-162-23.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.4.27
content-length
49
expires
0
29729
tags.bluekai.com/site/ Frame CF50
62 B
218 B
Image
General
Full URL
https://tags.bluekai.com/site/29729?id=8492469179888309127
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 31 Jan 2024 19:07:10 GMT
content-length
62
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame CF50
43 B
264 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8492469179888309127
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame CF50
Redirect Chain
  • https://api.adrtx.net/thirdparty/click?p=adfo
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
35 B
390 B
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
HTTP/1.1
Server
52.218.1.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 19:07:11 GMT
Last-Modified
Thu, 29 Oct 2015 16:41:57 GMT
Server
AmazonS3
x-amz-request-id
GZ3ZKR24WVZAZRF2
ETag
"c2196de8ba412c60c22ab491af7b1409"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
35
x-amz-id-2
fcf8M8s1HH5aS33NRVTbgku+r7JyHqrRe/8FoQaBVO6AOZh16vLZLk58q7+LG7lcSgmWtp9mTLk=

Redirect headers

X-Error-Reason
Missing UserId
Date
Wed, 31 Jan 2024 19:07:09 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
137
/
cm.adsafety.net/ Frame CF50
43 B
577 B
Image
General
Full URL
https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=8492469179888309127
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.135.9.134 , Germany, ASN48314 (IP-PROJECTS, DE),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 19:07:10 GMT
Last-Modified
Wed, 31 Jan 2024 19:07:10 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame CF50
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=8492469179888309127
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.179.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-179-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
beacon-n013-dub-prod.krxd.net
date
Wed, 31 Jan 2024 19:07:10 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1706728030
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
plf
c1.adform.net/imatch/ Frame CF50
0
384 B
Image
General
Full URL
https://c1.adform.net/imatch/plf?name=plfm
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
/
c1.adform.net/serving/cookie/match/ Frame CF50
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=ODQ5MjQ2OTE3OTg4ODMwOTEyNw
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGW48Ho1q4O4Jn7GFrPJFR0&google_cver=1&google_ula=1641347,0
35 B
600 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGW48Ho1q4O4Jn7GFrPJFR0&google_cver=1&google_ula=1641347,0
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGW48Ho1q4O4Jn7GFrPJFR0&google_cver=1&google_ula=1641347,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
secure.adnxs.com/ Frame CF50
Redirect Chain
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
  • https://c1.adform.net/serving/cookie/match?party=3&id=3668238134883985166&redirect=1
  • https://secure.adnxs.com/setuid?entity=91&code=7353873387659289104
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/setuid?entity=91&code=7353873387659289104
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
an-x-request-uuid
f756b96d-2f6b-47ba-bb7e-05cb1c0021c8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
31.204.153.193; 31.204.153.193; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://secure.adnxs.com/setuid?entity=91&code=7353873387659289104
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame CF50
0
225 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8492469179888309127
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 19:07:10 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
pdw-adf.userreport.com/ Frame CF50
43 B
433 B
Image
General
Full URL
https://pdw-adf.userreport.com/cs
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-70.muc50.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 19:07:10 GMT
Via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.22.0
X-Amz-Cf-Pop
MUC50-P1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
gyThZgC5XIvO7YHOLbHRtlDm4sX6eEDsO1-N0tHTIXrazTHtRJT4FA==
p
a.audrte.com/ Frame CF50
Redirect Chain
  • https://a.audrte.com/a?adform_uid=8492469179888309127
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZmNnSW50ZEFnOFlSSHlZR1pwRjhOYkIydw%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
HTTP/1.1
Server
54.78.141.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-141-128.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 19:07:10 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 31 Jan 2024 19:07:10 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
c1.adform.net/serving/cookie/ Frame CF50
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=8492469179888309127&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=8492469179888309127&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=83232509902390735744296389776586076218&noredirect=1
35 B
591 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=1007&cid=83232509902390735744296389776586076218&noredirect=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

dcs
dcs-prod-irl1-2-v054-0ead1cbb3.edge-irl1.demdex.com 3 ms
pragma
no-cache
date
Wed, 31 Jan 2024 19:07:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
fS6TirBiRdE=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://c1.adform.net/serving/cookie/match?party=1007&cid=83232509902390735744296389776586076218&noredirect=1
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
dmp.adform.net/serving/cookie/match/ Frame CF50
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=8492469179888309127
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217543104778318295883
35 B
600 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217543104778318295883
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:10 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217543104778318295883
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
/
dmp.adform.net/serving/cookie/match/ Frame CF50
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7330341072021092493
35 B
591 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7330341072021092493
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Location
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7330341072021092493
Date
Wed, 31 Jan 2024 19:07:10 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
33302
tags.bluekai.com/site/ Frame CF50
62 B
429 B
Image
General
Full URL
https://tags.bluekai.com/site/33302?id=8492469179888309127
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 31 Jan 2024 19:07:10 GMT
content-length
62
content-type
image/gif
match
c1.adform.net/serving/cookie/ Frame CF50
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=MhvkibCj1RvfVs5
35 B
600 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=1084&cid=MhvkibCj1RvfVs5
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 19:07:10 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-05d5f34508019eaec@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://c1.adform.net/serving/cookie/match?party=1084&cid=MhvkibCj1RvfVs5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame CF50
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:10 GMT
server
Kestrel
content-length
70
content-type
image/gif
0.gif
id5-sync.com/s/10/ Frame CF50
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/s/10/0.gif?puid=8492469179888309127
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 31 Jan 2024 19:07:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
/
dmp.adform.net/serving/cookie/match/ Frame CF50
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2795908124
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=VApCMbtGPfNvLYoqFpQnZ.
35 B
600 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=VApCMbtGPfNvLYoqFpQnZ.
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:09 GMT
via
1.1 google
last-modified
Wed, 31 Jan 2024 19:07:10 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=VApCMbtGPfNvLYoqFpQnZ.
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
um
sync.teads.tv/ Frame CF50
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um?eid=119&uid=8492469179888309127
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 19:07:10 GMT
pragma
no-cache
date
Wed, 31 Jan 2024 19:07:10 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
/
s.ad.smaato.net/c/ Frame CF50
0
234 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=8492469179888309127
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:d400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:10 GMT
cache-control
no-cache, must-revalidate
via
1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P2
x-amz-cf-id
DvtT-HDyn73e29D1CZf-v2AouanhBYecDwW1bkPhPb2vsc3dMOri1w==
x-cache
Miss from cloudfront
8492469179888309127
match.contentexchange.me/adform/ Frame CF50
0
49 B
Image
General
Full URL
https://match.contentexchange.me/adform/8492469179888309127?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
ilog.vsn.si
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:10 GMT
content-length
0
server
nginx/1.16.1
xuid
eb2.3lift.com/ Frame CF50
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=7354&xuid=8492469179888309127&dongle=AD20
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
put
e1.emxdgt.com/ Frame CF50
0
44 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d52&uid=8492469179888309127
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.15.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-15-64.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:10 GMT
server
awselb/2.0
plf
c1.adform.net/imatch/ Frame CF50
0
384 B
Image
General
Full URL
https://c1.adform.net/imatch/plf?name=plfl
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://c1.adform.net/imatch/pixels?bt=0&uid=8492469179888309127&agencyId=8296&advertiserId=2156645&src=tp&rnd=329916
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
dc_pre=CNqdwK-piIQDFbcHTwgdDzkJDg;src=11843672;type=safev0;cat=safeg000;ord=3083836726965;npa=0;auiddc=*;pscdl=noapi;gtm=45fe41t0;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;ua...
adservice.google.com/ddm/fls/z/ Frame 014B
42 B
401 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNqdwK-piIQDFbcHTwgdDzkJDg;src=11843672;type=safev0;cat=safeg000;ord=3083836726965;npa=0;auiddc=*;pscdl=noapi;gtm=45fe41t0;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fleon56.bet%2F
Requested by
Host: 11843672.fls.doubleclick.net
URL: https://11843672.fls.doubleclick.net/activityi;dc_pre=CNqdwK-piIQDFbcHTwgdDzkJDg;src=11843672;type=safev0;cat=safeg000;ord=3083836726965;npa=0;auiddc=1765446309.1706728030;pscdl=noapi;gtm=45fe41t0;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fleon56.bet%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://11843672.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async-vendor-firebase.d.m.9fe7e249.js
mrspeedtime.gcdn.co/js/
44 KB
12 KB
Script
General
Full URL
https://mrspeedtime.gcdn.co/js/async-vendor-firebase.d.m.9fe7e249.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.06ca34e4c54c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a1407436d4f9b3e22bbe978717c11e9bee7dbee0ce32ea53bbb1720344927ab7

Request headers

Referer
https://leon56.bet/
Origin
https://leon56.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc29
date
Wed, 31 Jan 2024 19:07:11 GMT
content-encoding
br
x-cached-since
2024-01-24T09:26:34+00:00
x-id-fe
fr5-hw-edge-gc29
content-length
12281
last-modified
Wed, 24 Jan 2024 09:00:57 GMT
server
nginx
traceparent
00-c417cbf377b9848b713a98d5fe4a54fd-72f7942be4a462ac-01
etag
"65b0d1c9-2ff9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
undefined
widget.intercom.io/widget/
7 KB
3 KB
Script
General
Full URL
https://widget.intercom.io/widget/undefined
Requested by
Host: leon56.bet
URL: https://leon56.bet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-14.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88c494326d91c9a0a8c478560d66928951f0c73dc7c941c5b29b96d561075977

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
qOItGgdCMpJ1dXpMuW38vtgrsV_Dzkjw
content-encoding
gzip
via
1.1 6f5ba49c3df973a476d63dbb743d9b22.cloudfront.net (CloudFront)
date
Wed, 31 Jan 2024 19:02:46 GMT
x-amz-cf-pop
MUC50-C1
age
279
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2705
last-modified
Wed, 31 Jan 2024 17:41:57 GMT
server
AmazonS3
etag
"3d45a7d617631650142b6bd22a2b1673"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
NOW1RYT0GjbOKnGqPZVmD2N1xCIWYFOc4opjSPncealeYT-gj7AKOQ==
api-1
leon56.bet/
195 B
493 B
Fetch
General
Full URL
https://leon56.bet/api-1
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.d.m.396fbf21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.92.210.197 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a0b737b68caf2e60ad921460b6c72ecce89a1012edc19f28668defe63a6f0556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
x-app-theme
DARK
x-app-browser
chrome
accept-language
nl-NL,nl;q=0.9
x-app-platform
web
x-app-env
prod
x-requested-uri
/
x-app-skin
default
x-app-version
6.80.4
x-app-os
windows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json
Referer
https://leon56.bet/
x-app-language
pt_PT
x-app-modernity
modern
x-app-rendering
csr

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
content-language
nl-NL
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0
frame-modern.0dc2c5c8.js
js.intercomcdn.com/ Frame C96C
516 KB
143 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.0dc2c5c8.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-70.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19d3cdd8981a0192d146a19c58f1a810a82eae3a05016946895bd21b6de51cdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:42:01 GMT
content-encoding
gzip
via
1.1 72818776d4abe4e5a732c084dae83f1a.cloudfront.net (CloudFront)
x-amz-version-id
JqV.x5NS0dmwme0RIus.PImPIz7MBTmX
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-C1
age
5112
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
145564
last-modified
Wed, 31 Jan 2024 17:38:59 GMT
server
AmazonS3
etag
"e7e41bfd2a48128b749b8726ca47f867"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
FNCYCDBhHwzDXUSYOlIBzqihRmCsLWJhgNeMiCH2duyy1teSUXZV-g==
vendor-modern.af6641c5.js
js.intercomcdn.com/ Frame C96C
408 KB
126 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.af6641c5.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-70.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6376e264ac24e50f7ac1866a86e23a3c0134ce82d6b059aefee2177b211effa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
2mqKHzHQPsWZkLmRB3V9BWH6KI7YTQqi
content-encoding
gzip
via
1.1 72818776d4abe4e5a732c084dae83f1a.cloudfront.net (CloudFront)
date
Wed, 31 Jan 2024 19:04:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-C1
age
175
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
128603
last-modified
Wed, 31 Jan 2024 13:01:15 GMT
server
AmazonS3
etag
"ceb2be930e6354b8c59b3cf04a3f088b"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
ARtgV-1p6506ZePKBtHuHUShvrknD4J46GZgD7KQdi8AgKjRPoIN5Q==
ping
api-iam.intercom.io/messenger/web/ Frame C96C
5 KB
3 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.0dc2c5c8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.211.62.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-62-72.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4ac204ab217dc94c4be73868480155565f221819e521b3b26f6b87f061d21163
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 19:07:13 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-02153bee0fab8bfbb
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0001o8ais9s3vun6rp20
x-runtime
0.273442
server
nginx
etag
W/"4ac204ab217dc94c4be7386848015556"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://leon56.bet
x-intercom-version
b1bc60ca1eed936ef681ba095a1a233e5997eb25
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
tag.js
mc.yandex.ru/metrika/
204 KB
71 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-app.d.m.4f892b8b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
9c641fd8ad8fc0517d4ee8d937866e2542fe7e0b07761c710a5c9a423b269dd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 31 Jan 2024 11:10:18 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65ba2a9a-11840"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
71744
expires
Wed, 31 Jan 2024 20:07:12 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10265.uJ8ArwaFCMJdrPh8jozcY_1fokkxWRT2S7gJ-v2_RsvA-VZ8KKWBdsc3PSJdmsUb.DwuqyGz1iSmq9Otdq9FANdETZbA%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10265.dzHV387sja81rWqOrYjK3OIEoV8oX1YazV8mUuQ871rhfrT3Nlgc2xR6h41334jT_FkegeXSAZGkmM5f1DxMv0uzSMca8ZbN2vsv4nuti93nQ2aXVxbrhiGh7rG6aJm7Hh5Eq6M4mp...
43 B
673 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10265.dzHV387sja81rWqOrYjK3OIEoV8oX1YazV8mUuQ871rhfrT3Nlgc2xR6h41334jT_FkegeXSAZGkmM5f1DxMv0uzSMca8ZbN2vsv4nuti93nQ2aXVxbrhiGh7rG6aJm7Hh5Eq6M4mpq43D8nOeauKmqZgzpXdnaSA9OTg4YND4HzwYggvz0VYJZDdxRRMo-FZ7lAh1rpYWJ6wuOBlTjKFk_2TGMZ6Cuk5ERCM9ITUGk%2C.XtBfBPc7wkQmZ1qkXUxIpM70C-U%2C
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:13 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10265.dzHV387sja81rWqOrYjK3OIEoV8oX1YazV8mUuQ871rhfrT3Nlgc2xR6h41334jT_FkegeXSAZGkmM5f1DxMv0uzSMca8ZbN2vsv4nuti93nQ2aXVxbrhiGh7rG6aJm7Hh5Eq6M4mpq43D8nOeauKmqZgzpXdnaSA9OTg4YND4HzwYggvz0VYJZDdxRRMo-FZ7lAh1rpYWJ6wuOBlTjKFk_2TGMZ6Cuk5ERCM9ITUGk%2C.XtBfBPc7wkQmZ1qkXUxIpM70C-U%2C
date
Wed, 31 Jan 2024 19:07:13 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
497 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:13 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 31 Jan 2024 11:10:18 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65ba2a9a-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 31 Jan 2024 20:07:13 GMT
vendors~locale-pt-json-modern.e6c79349.js
js.intercomcdn.com/ Frame C96C
32 KB
9 KB
Script
General
Full URL
https://js.intercomcdn.com/vendors~locale-pt-json-modern.e6c79349.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.0dc2c5c8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-70.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30513ceff04c6d0bf8373cf1d803411dbc3ddfadc93f6a3fce2375bd2ae29bfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
Ck9TC2EaRg7yINSGYZPAjs0eoubFK5DH
content-encoding
gzip
via
1.1 72818776d4abe4e5a732c084dae83f1a.cloudfront.net (CloudFront)
date
Wed, 31 Jan 2024 17:42:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-C1
age
5131
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9006
last-modified
Fri, 26 Jan 2024 17:34:33 GMT
server
AmazonS3
etag
"44a47dd9d1a1651531683eef8f9f7ea4"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
4cRsJd_ac0wnKJpvZNCaXxlrkcAa6gkji-_va5ClvbpTEJkT9d80cA==
114dcf446f058a01bd3dd81e24e7b02d.png
downloads.intercomcdn.com/i/o/428145/9a41bc05dc8028cfff193a94/
555 B
1 KB
Image
General
Full URL
https://downloads.intercomcdn.com/i/o/428145/9a41bc05dc8028cfff193a94/114dcf446f058a01bd3dd81e24e7b02d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.143.135 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
076dea4023ede2ff9d9844dd837c09632552efd0b5bf00dd2be6e75cf71d5898
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 19:07:13 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-02153bee0fab8bfbb
content-security-policy
default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
status
200 OK
content-transfer-encoding
binary
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="114dcf446f058a01bd3dd81e24e7b02d.png"; filename*=UTF-8''114dcf446f058a01bd3dd81e24e7b02d.png
x-xss-protection
1; mode=block
x-request-id
001eqs8lkrmevhc79fsg
x-runtime
0.077085
last-modified
Thu, 20 Jul 2023 12:13:33 GMT
server
nginx
x-request-queueing
0
vary
Accept-Encoding
x-frame-options
deny
content-type
image/png
x-intercom-version
b1bc60ca1eed936ef681ba095a1a233e5997eb25
cache-control
max-age=86400, private
metrika_match.html
mc.yandex.com/metrika/ Frame 194F
2 KB
1 KB
Document
General
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
9df4ea0c8c25b6c96ccb4ef96780a7b074ee266972670f2572d38a961f1b481f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://leon56.bet/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
869
content-type
text/html
date
Wed, 31 Jan 2024 19:07:13 GMT
etag
"65ba2a9a-365"
expires
Wed, 31 Jan 2024 20:07:13 GMT
last-modified
Wed, 31 Jan 2024 11:10:18 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
1
mc.yandex.com/watch/71598811/
Redirect Chain
  • https://mc.yandex.com/watch/71598811?wmode=7&page-url=https%3A%2F%2Fleon56.bet%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US...
  • https://mc.yandex.com/watch/71598811/1?wmode=7&page-url=https%3A%2F%2Fleon56.bet%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...
440 B
523 B
Fetch
General
Full URL
https://mc.yandex.com/watch/71598811/1?wmode=7&page-url=https%3A%2F%2Fleon56.bet%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A851377741330%3Ahid%3A593177776%3Az%3A60%3Ai%3A20240131200713%3Aet%3A1706728033%3Ac%3A1%3Arn%3A534047047%3Arqn%3A1%3Au%3A1706728033650063245%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C36%2C52%2C1%2C49%2C0%2C%2C20%2C1%2C2128%2C2128%2C0%2C381%3Aco%3A0%3Acpf%3A1%3Ans%3A1706728028197%3Agi%3AR0ExLjEuOTMxNTc4NDg3LjE3MDY3MjgwMjk%3D%3Afp%3A263%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706728033%3At%3AApostas%20online%20e%20Casino%20%7C%20B%C3%B3nus%20Leon%3A%20Aposta%20gr%C3%A1tis%20at%C3%A9%20200%E2%82%AC&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
c9632ec67b91d7219d80c87e870bb9ddc232fdba2143ed1fffbfd0a41453ba53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 31-Jan-2024 19:07:13 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://leon56.bet
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
440
x-xss-protection
1; mode=block
expires
Wed, 31-Jan-2024 19:07:13 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:13 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 31-Jan-2024 19:07:13 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/71598811/1?wmode=7&page-url=https%3A%2F%2Fleon56.bet%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A851377741330%3Ahid%3A593177776%3Az%3A60%3Ai%3A20240131200713%3Aet%3A1706728033%3Ac%3A1%3Arn%3A534047047%3Arqn%3A1%3Au%3A1706728033650063245%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C36%2C52%2C1%2C49%2C0%2C%2C20%2C1%2C2128%2C2128%2C0%2C381%3Aco%3A0%3Acpf%3A1%3Ans%3A1706728028197%3Agi%3AR0ExLjEuOTMxNTc4NDg3LjE3MDY3MjgwMjk%3D%3Afp%3A263%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706728033%3At%3AApostas%20online%20e%20Casino%20%7C%20B%C3%B3nus%20Leon%3A%20Aposta%20gr%C3%A1tis%20at%C3%A9%20200%E2%82%AC&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin
https://leon56.bet
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 31-Jan-2024 19:07:13 GMT
1
mc.yandex.com/watch/71598811/
43 B
74 B
Ping
General
Full URL
https://mc.yandex.com/watch/71598811/1?page-url=goal%3A%2F%2Fleon56.bet%2FzABTestNewUsers&page-ref=https%3A%2F%2Fleon56.bet%2F&charset=utf-8&uah=chm%0A%3F0&hittoken=1706728033_c975f72d6c9acca974c6c95422337e9f35616d2ef0532ecde46f0be5707acfe1&browser-info=ar%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A1%3Als%3A851377741330%3Ahid%3A593177776%3Az%3A60%3Ai%3A20240131200713%3Aet%3A1706728034%3Ac%3A1%3Arn%3A704420766%3Arqn%3A2%3Au%3A1706728033650063245%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1706728028197%3Agi%3AR0ExLjEuOTMxNTc4NDg3LjE3MDY3MjgwMjk%3D%3Ahsa%3A1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706728034%3At%3AApostas%20online%20e%20Casino%20%7C%20B%C3%B3nus%20Leon%3A%20Aposta%20gr%C3%A1tis%20at%C3%A9%20200%E2%82%AC&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)lt(28900)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22ab_test_light_mode%22%3A%7B%22dark%22%3A%7B%22visit%22%3A%22dark%22%7D%7D%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:13 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 31-Jan-2024 19:07:13 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://leon56.bet
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 31-Jan-2024 19:07:13 GMT
1
mc.yandex.com/watch/71598811/
43 B
86 B
Ping
General
Full URL
https://mc.yandex.com/watch/71598811/1?page-url=goal%3A%2F%2Fleon56.bet%2FzInit&page-ref=https%3A%2F%2Fleon56.bet%2F&charset=utf-8&uah=chm%0A%3F0&hittoken=1706728033_c975f72d6c9acca974c6c95422337e9f35616d2ef0532ecde46f0be5707acfe1&browser-info=ar%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A1%3Als%3A851377741330%3Ahid%3A593177776%3Az%3A60%3Ai%3A20240131200713%3Aet%3A1706728034%3Ac%3A1%3Arn%3A563933089%3Arqn%3A3%3Au%3A1706728033650063245%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1706728028197%3Agi%3AR0ExLjEuOTMxNTc4NDg3LjE3MDY3MjgwMjk%3D%3Ahsa%3A1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706728034%3At%3AApostas%20online%20e%20Casino%20%7C%20B%C3%B3nus%20Leon%3A%20Aposta%20gr%C3%A1tis%20at%C3%A9%20200%E2%82%AC&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(3)lt(28900)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22type%22%3A%7B%22web%22%3A%22desktop%22%7D%2C%22webVersion%22%3A%226.80.4%22%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://leon56.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:13 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 31-Jan-2024 19:07:13 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://leon56.bet
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 31-Jan-2024 19:07:13 GMT
changes
leon56.bet/api-2/betline/headline-matches/
60 KB
7 KB
Fetch
General
Full URL
https://leon56.bet/api-2/betline/headline-matches/changes?ctag=pt-PT&allVtag=9c2cd386-31e1-4ce9-a140-28e9b63a9300&flags=reg,urlv2,mm2,rrc
Requested by
Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.d.m.396fbf21.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.92.210.197 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
44f2833c644b47ae23780f12c848950aeec33c44bfe83174afdc54ee47634188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-app-layout
desktop
X-APP-THEME
DARK
x-app-browser
chrome
x-app-version
6.80.4
x-app-os
windows
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-app-platform
web
x-app-env
prod
Referer
https://leon56.bet/
x-app-language
pt_PT
x-app-modernity
modern
x-requested-uri
/
x-app-skin
default
x-app-rendering
csr

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 19:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
0
expires
0

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 string| __webpack_public_path__ object| initConfig object| webpackChunk_frontend_web boolean| __VUE__ object| dataLayer object| srtmCommands object| x object| y function| gtag object| mainApp object| __SENTRY__ object| google_tag_manager object| google_tag_data function| _rfi object| _adftrack function| esk function| ___esk object| _qevents object| _srt_namespace function| _srt_argus function| _ads_popstate_listener object| _ads function| onYouTubeIframeAPIReady object| gaGlobal function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP function| _b64dec function| quantserve function| __qc object| ezt object| _qoptions object| GlobalSnowplowNamespace function| snowplowApi object| Adform object| KJUR object| adf function| Intercom function| __intercomAssignLocation function| __intercomReloadLocation object| Ya object| __sentry_instrumentation_handlers__

75 Cookies

Domain/Path Name / Value
leon56.bet/ Name: ABTestSeed
Value: 52
leon56.bet/ Name: qtag_rfrr
Value: null-null
leon56.bet/ Name: ipfrom
Value: 31.204.153.193
leon56.bet/ Name: x-app-language
Value: pt_PT
leon56.bet/ Name: firstTheme
Value: DARK
.leon56.bet/ Name: _ga
Value: GA1.1.931578487.1706728029
.leon56.bet/ Name: _ga_JZZNGY93CC
Value: GS1.1.1706728029.1.0.1706728029.0.0.0
.eskimi.com/ Name: __eConsent
Value: 1
.eskimi.com/ Name: __eDId
Value: 6c4677bd-1b7e-4670-80bd-3dca64e87999
.eskimi.com/ Name: __eP
Value: 1
leoncas.com/ Name: Control
Value: OK
.leon56.bet/ Name: _gcl_au
Value: 1.1.1765446309.1706728030
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjYzMjQEkQZCfIa6_u5JSSGhxompIeaOALSQZDQlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjYzMjQEkQZCfIa6_u5JSSGhxompIeaOALSQZDQlAAAA
.adnxs.com/ Name: XANDR_PANID
Value: Rvxx5bwQ7q-rqErPm-4XF9QMtTrZVvrTi41jA8rJnt4ZfYnXN-8bpJk9vq0eNFiyKJq04RkqMPcXZNUmZIZhxkl_LkR22PW4-Qm1ZNSLgxU.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 3668238134883985166
.quantserve.com/ Name: mc
Value: 65ba9a5d-98ac4-9c4e5-edbfc
.leon56.bet/ Name: __qca
Value: P0-2136534541-1706728029491
.adform.net/ Name: C
Value: 1
.adform.net/ Name: receive-cookie-deprecation
Value: 1
leon56.bet/ Name: adformfrpid
Value: 6775683421121403950
.sportradarserving.com/ Name: zuuid
Value: ab67b39a-e8f2-463d-ba39-347943802a2b
.sportradarserving.com/ Name: c
Value: 1706728029
.sportradarserving.com/ Name: zuuid_lu
Value: 1706728029
.leon56.bet/ Name: _sp_srt_ses.e3f0
Value: *
.leon56.bet/ Name: _sp_srt_id.e3f0
Value: 86fa5b6a-3157-46c5-8a16-3d7c46444465.1706728030.1.1706728030..5bb31973-3fc8-4ccb-8226-f5aa58f16e85....0
.adform.net/ Name: CM
Value: 1|1
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1706728029
.sportradarserving.com/ Name: bss
Value: !bidswitch,475985229
.sportradarserving.com/ Name: cm4
Value: !bidswitch,476057229
.adform.net/ Name: uid
Value: 7353873387659289104
.adform.net/ Name: CM14
Value: 1706814429_1706728029_1706728029_1_Hu7u4e4e4R7u4e4REREeEREREA
.seadform.net/ Name: uid
Value: 7353873387659289104
.adnxs.com/ Name: anj
Value: dTM7k!M4/YD>6NRF']wIg2GVRoi#Vd!]tbPl1M66+q([OUf#%-[Rm2k3gFmFAwPSK+F.yOlymS=2]qq4!*0qZ(SUc*!1HLq:k[Qm
.casalemedia.com/ Name: CMID
Value: ZbqaXVLgR4FBqkyvf.X8uAAA
.casalemedia.com/ Name: CMPS
Value: 1137
.casalemedia.com/ Name: CMPRO
Value: 1137
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.semasio.net/ Name: SEUNCY
Value: 1DCF28FF734F1686
.eyeota.net/ Name: SERVERID
Value: 16523~DM
.ads.stickyadstv.com/ Name: uid-bp-617
Value: 8492469179888309127
.ads.stickyadstv.com/ Name: UID
Value: 8b9a273756bb6fdd99255cada63d5c2e
.exelator.com/ Name: EE
Value: "d37edf627855de31ab47fb59c7d04e5b"
.rlcdn.com/ Name: pxrc
Value: CN206q0GEgUI6AcQABIGCLrqARAA
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHF2Dw1Jc3MyNzC1DQl1dgwMcnEPC3J1DLZPMXAJNU0aXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6Ij%252BfxUUpaQyLSopPBR%252FbUAYAx68q%252Bg%253D%253D"
cm.adsafety.net/ Name: cache0
Value: ZHgzeXg5czBXcVgwYWhGa1JrL05sQT09
.krxd.net/ Name: _kuid_
Value: QEbLUW--
.doubleclick.net/ Name: IDE
Value: AHWqTUnCggpx2MtoypcwW0p1BC-rpOxAEmK2TtrsQF05aOQp9v2miJJvWzTSJ5djECs
.rlcdn.com/ Name: rlas3
Value: zPjwutNfcyFtgui83pQORMeqyYLRBN5Xyx7fDkL1KZ0=
.demdex.net/ Name: demdex
Value: 83232509902390735744296389776586076218
.agkn.com/ Name: ab
Value: 0001%3AT8%2By9KUihlg3f%2Fu0bmcYQg9foxVDErGI
.adfarm1.adition.com/ Name: UserID1
Value: 7330341072021092493
.dpm.demdex.net/ Name: dpm
Value: 83232509902390735744296389776586076218
.audrte.com/ Name: arcki2
Value: fcgIntdAg8YRHyYGZpF8NbB2w!20220908!1706728030147!ip#31.204.153.193
.audrte.com/ Name: arcki2_adform
Value: 8492469179888309127!20220908!1706728030147
.w55c.net/ Name: wfivefivec
Value: MhvkibCj1RvfVs5
.w55c.net/ Name: matchadform
Value: 5
.weborama.fr/ Name: AFFICHE_W
Value: Gwq2FvFLXvwb48
.audrte.com/ Name: arcki2_ddp2
Value: fcgIntdAg8YRHyYGZpF8NbB2w!20220908!1706728030216
.bluekai.com/ Name: bku
Value: aG/99abSrZP8HMxf
.bluekai.com/ Name: bkpa
Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwEQ6mE/6BMAhBpATmeQp1eAh1Mze9Jb7YaW=
.yandex.ru/ Name: i
Value: 6em7IePT9pA31D/Xym5cZbKWwY+FNDIflAGi6B8YZXaRz8qmUzgSUJ4nBudEZ4g2WQaVxONepsGkMB52l4ATavPEnsw=
.yandex.ru/ Name: yandexuid
Value: 1280053861706728032
.leon56.bet/ Name: _ym_uid
Value: 1706728033650063245
.leon56.bet/ Name: _ym_d
Value: 1706728033
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3485227151fake
.leon56.bet/ Name: intercom-id-cnjqphyx
Value: 00d6f116-0519-4783-9029-baa1b55417b6
.leon56.bet/ Name: intercom-session-cnjqphyx
Value:
.leon56.bet/ Name: intercom-device-id-cnjqphyx
Value: 129b0a0b-c612-4be2-a2b7-58a86dbc6bd3
.yandex.com/ Name: i
Value: fxYfyW8nXU9LPDUjPe7D/os7QhtZ8QiNOuVgTAQmLSfe0z5ySGjTI0Sr7LRe4qcLJvz8W8os/a+OeE7BbG6eHes1h8c=
.yandex.com/ Name: yandexuid
Value: 7089971861706728033
.leon56.bet/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1627979534fake

1 Console Messages

Source Level URL
Text
network error URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=8492469179888309127/gdpr=/gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11843672.fls.doubleclick.net
20828756p.rfihub.com
a.audrte.com
a.sportradarserving.com
a1.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
adservice.google.com
api-iam.intercom.io
api.adrtx.net
beacon.krxd.net
c1.adform.net
c1.rfihub.net
cdnimages3.gcdn.co
cm.adsafety.net
cm.g.doubleclick.net
dmp.adform.net
downloads.intercomcdn.com
dpm.demdex.net
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
js.intercomcdn.com
leon56.bet
leoncas.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
mc.yandex.com
mc.yandex.ru
mrspeedtime.gcdn.co
o237537.ingest.sentry.io
pdw-adf.userreport.com
pixel.quantserve.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
region1.google-analytics.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
secure.quantserve.com
server.seadform.net
simage2.pubmatic.com
sync.crwdcntrl.net
sync.teads.tv
tags.bluekai.com
tm.ads.sportradar.com
token.rubiconproject.com
track.adform.net
track.leonretarget.com
tracker.ads.sportradar.com
uipglob.semasio.net
widget.intercom.io
www.googletagmanager.com
x.bidswitch.net
108.129.62.164
109.169.10.207
13.248.245.213
141.95.33.120
142.250.186.34
142.250.74.198
15.197.143.135
164.92.210.197
18.197.132.245
18.66.192.70
185.64.191.210
185.89.210.153
193.0.160.130
193.135.9.134
2001:4860:4802:32::36
213.19.162.80
23.213.165.82
23.35.237.56
2400:52e0:1e00::1082:1
2600:9000:20c3:d800:1:76cf:fe80:93a1
2600:9000:20c3:f200:6:44e3:f8c0:93a1
2600:9000:237d:d400:1b:5138:8a40:93a1
2606:4700:4400::ac40:9765
2607:ae80:192:1::172
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:82a::200a
2a02:26f0:ab00::214:8e43
2a02:6b8::1:119
2a02:6ea0:c700::10
2a03:90c0:41:2801::62
3.211.62.72
3.248.27.140
34.120.139.69
34.120.195.249
34.98.64.218
35.156.15.64
35.157.81.225
35.186.201.99
35.190.24.218
35.214.149.91
35.244.174.68
37.157.4.28
37.157.4.29
37.157.5.73
37.157.6.243
46.19.11.36
5.196.111.73
52.210.162.23
52.212.179.124
52.214.179.171
52.218.1.43
52.223.40.198
52.28.196.42
52.57.150.20
52.57.64.28
54.78.141.128
54.78.254.47
72.246.169.24
77.243.51.122
85.114.159.93
88.214.195.87
99.84.88.14
99.84.88.70
0221ab7257e009949d597ab49d1c20417abf521c41d2830bb5805f66f72052e3
02b21e3af4a183a5c8685684956228ce8d8020e1e6fe518b76f4cf20255199f7
02eb20e6baafefaa73d1c54753c69e1ae9a3c793acd9fa5a893568889560579a
063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb
076dea4023ede2ff9d9844dd837c09632552efd0b5bf00dd2be6e75cf71d5898
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c2ca1a53e399b83d5677debffe60bb1dae176a2c6078b55ca6177fe4966bb7c
0cd88bf1651c172f09f38edef11dff2827f96a76cb21f900954b226b5201cf65
0d8d1320612526672636a70897996dbf4570fdb5f97216c038fd39af1d65aa02
0e6957f9ceb3eb5e1e1f52ed4b8ef1b61bd18b4e4592505cef744039623e39f6
1078942660d6324ca7a830be034d83a10345448265b8df4416541617cb9236fb
1575820b156d7b236631796fa643b02f1da96f537defb8c33a39467b8aae1816
15a5c4d999cb51c80b08cddf55770715a9a4057bc03fe898ab487a5ae894ba0b
1760bc8f7c37e3588fbfc82ee9f3dde4deb00a1ed709aba075efd3eaddc1ea2e
19d3cdd8981a0192d146a19c58f1a810a82eae3a05016946895bd21b6de51cdc
1ac23e09efd7dc358c10fd73d7d355c5b2c0934584a60b837a99afcc2de9b3a6
1ae57200ed7647d63409f8e916ff6f92adc907dac19e95992acfb8b9614ebb70
1f65b118d555986478fb827d1d71fcc89dcc7a271252df7db2b79aa9476eef0c
2519877cd89f9d2c36f296b4161300cec0b0ed52550bd462d9dab18e7fb03ab1
26492732e0be65fe2bef085e0d3144c6e43a33815a1026271745c0b630b5f903
268612056dcd8d75e80b9a72040ef4ac2542b3531bb26bdf5f0b036168c2e5fb
2a789b44412d2879eaf23bdec3da4f565594749435f436640a8f9bb35477fd10
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d8ca571f30ea0ab41b8e44e76878cf3e8a9149e948e9ef75406dbcab9edcaed
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30513ceff04c6d0bf8373cf1d803411dbc3ddfadc93f6a3fce2375bd2ae29bfc
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36ef46e15ad8804913decafc9b7513874320871a57165032a2c0c77bc23e86a1
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
3b99508cf90c21238259d723fcec9ae3ca413fbc9d403d6882139536c9f94c9c
3dda9b271d14659c452372e5ea0ffeff160b98f06a8f71a1636513fcc9dee439
3feb48577e3085ad8a5b1e399f77e2fc1275e1f45c11de8e92f2d684d9bba39d
404524a2d24c055d8c0e98cb7d5d9c5e3cf8b52a559303f2942cb55c4e8716f2
41e7f399d43cb4a9a7aa8ca6d93e0a3929a6b92bb723a3625a87dbfa28d1bf58
421c7984d466ea05b91aeee743419e25db65a76745b709df91586e270e33d2c1
4341ef2c4ebba9f521850226b89735fd6b12e1f8bed6a97412f920887fd59e00
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f2833c644b47ae23780f12c848950aeec33c44bfe83174afdc54ee47634188
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
4a97350b51e6b3c0e2cf2629d37e101aab20ca27665dae3bc570a0bab814feb3
4ac204ab217dc94c4be73868480155565f221819e521b3b26f6b87f061d21163
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
536b7323cfad29438fce0e82cc89b314ce27d65845515c1d49179d9b74c3185d
53bffb3fc98e1c04470d1dc558af73077762110b1ca60d7093f245d102c1b439
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56ace48801308f4ff602494a54762d3dd0811e1bac95a3ed49b6854c4d657797
5dfbe72e3f5e1b51bf3db69ebfde87a7afa9a65c2097b835cc9952d67df4cd5c
5ea04293950145d6609c04ecd2ba7c81eb5677a09ba6128bd1ca4b3d0c1b1694
5f60ba2783fe1359d0ea58a96615b3e85756a33b0ea7d9cc5d20845128980a8c
60387f1d1d27fa56bad8c46893ce69da8ddac373e32f48da6fbd803f49c758f6
61a4d5d3f809f7a50d998649f92cf2af07d5a76649053e056255438e91ed54fa
6227fe0ea473018a99b01d1d97e7c83dc7b5ff7dc91c37b107c20747fe74fcff
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87
6376e264ac24e50f7ac1866a86e23a3c0134ce82d6b059aefee2177b211effa9
67e22631beb6e0799e45823da83a4d56591b0595c0284c39df0ef269608f0269
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d6c5e637d7dfcc8144bcc33b4ccd7a6e3bc3ac839a088ae5b57106ff8e9709c
6e17b0821e9b7e789c616bac4ef7ea40f46b4b93a79b9746e836efee0e057d10
723bb1085b580594f9fdf60f021c4c50f971427fdac9b410103eff10e6bc670a
7264da55123b2bfd32964ebad35f5c0c1c6ef907141a0e935d591f7b6b682421
728bc61745b7d148ea2311d457daaee2f8908de685088ed1e0b8a8cd88bf23cc
73f414b418540a01d3a6dbaf3bc5aa900d0a4ecd2b5c2e641274022616817aaf
773427138fb983dd4aed2031fa643a1e27f311c5596b63c184a555652040c73d
775042c1fe9439c9066a6d08cb873a8be580b1f68bc1d0cec530291043fe3bd5
78271c224efe35393eead263436870aa77b3f67c0ee8abd649edfff455c5dfec
7932a568e46a8e621c355d67c40dbab4f3e4651425a413a5d44fe4b8b84dcfa3
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
7e67ee52b9a022aa7601e1a818cfa91bd7bd9dd4d4e677e24891033ed87b9b61
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8587ddabce0b8a8885188878e3c472dac9f2ea3b916e4cb71a7d7fcbb98316e0
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
873db2426499d62d2bb673f5f9bdf24183ccfe35ddbef8c03d3f27e027b2e36b
88c494326d91c9a0a8c478560d66928951f0c73dc7c941c5b29b96d561075977
8907b46851812438e2e41b5b4b8d12c9ef48dd0264aba97fdc0a6d5b493a66d9
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b5894221ba776c811f6afb47380f616da32b8d7c992542dfedefc3d40187e84
8c30b1965061ff20e0416e077d304ab5e179f86350351df01cb94fc287fcf520
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
921329187f251f77c4eeaf04ff2f3189cff526837179ccad6b898304fe14e52e
9233c36a8cd15798608d00680cf49014a5fa025f1af823a3f17b03f305094400
92896ae34590fc2005735b7c1e9bfbffa85ce42e697ed7778789d5fad473d70a
929885ea7adacffd121c0c69cc5a220a1772059c5a562d69d5fb55534136b1df
944f7c83f9b602ff682ca41332c5dc9dd2a0438ad7e255a001ec227526fc14f1
9500d42196478f9d0c4bd68ba9fc8d248bb4bc5b711532ca57f950bf5e311a1c
9514372ab8ac313ea8019966fdcfe91b201c3aa69f92de8346ab34af461bbad2
9689e2e3d2a73e95a6ffe1d9a91c1c1489c7191a84b5e1197150b077a5c96a57
988e9effd6680b71fa8355efb7f41e55baf7fa096fff438cc8838ad0186043a1
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9a1b10dacb76fa5da43b5c27b466898ba8819e463107544540ecce30737fa68d
9a8d842dbcf583e49fc9c648d54f6fa3721dabb382b0c4afb8cb5132993a9adb
9c641fd8ad8fc0517d4ee8d937866e2542fe7e0b07761c710a5c9a423b269dd9
9c84d910fbf793d057f4c08e0ee5585c26888fa2fcccbbaf41f577f06055370d
9df4ea0c8c25b6c96ccb4ef96780a7b074ee266972670f2572d38a961f1b481f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b737b68caf2e60ad921460b6c72ecce89a1012edc19f28668defe63a6f0556
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1407436d4f9b3e22bbe978717c11e9bee7dbee0ce32ea53bbb1720344927ab7
a3806300044c4d8c2da5208c7c4f6affa84960457fe34f75f62bbc193151ae61
a7498a752a83b2656232405d7dc180f4318ae9e312f208817cbe4aa46e19c03d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb126cc335d3af70094c5627edc02a541ceb27d3c6c51906dd80589795df8a
b2ff9509943b1285736cb250bfd58dbee50219de7394063cee1c5241b34dfcd7
b556f0d6710a129708f7544b71ca2a4f386850d98af8faa99602f5a5248a89a3
b7ef8f2e5750496cdcd4348ea2de7378a8e5c0d868d2ee79ee7875a8a0a8b65b
ba3508c735a5f71935708c30d0f84388433b6aaa267178959e28a650176243ae
bb0581de4c73e0dc2cc1522b7876e8d5a5f2415e2bfb648e480d6dfb812bb00f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbcb0ab0de80017508e91dbb9f5aac07fff7cfdd08107431745ca4c1300a3b4f
bc8b15ddfc34a6723ccbdcf7259fafed05899fe69390556429530bb17e35b986
bfc1416b8f40943094b75c48bbd27506112bfe5dc15da699fef5e5737934c141
c020aa5e9eb7aac89747e8a51508d90351d160dfe83e4b0a21dbbb0f05be0f9c
c35d7693a27259b4f2b3cbf122cbf3511ebd9858b4e9a50878d0326baeb32fa4
c3862cc2028935c5a5f21f873fe7efdc309a56a5776f5a55453c25e94c804b77
c3f5c70e8fcf98eb96aef139420e81980098774cacf73638ba869ccf29aed908
c5bfb621aa3e573fc4868a135a9facc4c67c894db8bbffb8c030cb7fe7a0a692
c71413a10196f2a53c02b21b9ee04b020768f5ad9380f7796389512b075f49d2
c7a5c397c1265b3e6772f0755430f941b5b706c38e947eb434d6b113cba73088
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c9632ec67b91d7219d80c87e870bb9ddc232fdba2143ed1fffbfd0a41453ba53
cc927609fd065750a82c703c0d05f63a632175b5509edba228a1893a3406e0d1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d18703d057bb73b6870ec414d1dbf44e86e38b3813ae41485897c0b23f38b2f9
d4ea58c2a69e05111369a946a2b2d1c69597923586c7e7a81a5ca38975087940
d96cd3d4bb4d292da511351f0c5dadb7662ed36a43d3b40e2f9054f5cd4fcdd8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e19237af2d984f7b772577bee8f16b86c42e21212c0f9cb0fb17762cc2de04e4
e20447342f43ca37bd409ecfb4a33e10ffd836473d9f47503f8d4064451552dc
e26fd656ef994c9b426d04d1c686e699b91a0e2d396667e886688a74c16a4498
e2aa34b0d5b8bc2a9080c3048f83847717539eee187d5e85fff9fb88a3e9e9a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7fbc87809643ca41ca11b60874a37cde525f14a705124717aca87c5df0bd29f
e8540306a707e9169f22542b923f711daac148b08742acd582d5cb11a43363a9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6aeb7e8242a0d311bfd1e660ce1b89ac13925843dccc09ce0d953576f6611c6
f7c787a6c2d25303927c9c7a8c60a941044203e259f96a120f8559aac119b7da
f84ab34acb32b3f9aae3704fe618ae95d9bf519b6fc09a297a37014465d8a124
fa3b577a638cbb33b1bc0324a32c3f032f945586d316b994e73b766d6e776b66
faa28d664ff8d077dc0d26e5c3d5af09004f4d1e0cb4f4697e9067b2e5d17b2f
fe26a1772d4c6a0a07b933f71d9cf7a02bf9a0e6866ba9e820b7590a957c7676