URL: https://lesapremium168.com/
Submission: On September 28 via api from JP — Scanned from JP

Summary

This website contacted 15 IPs in 4 countries across 10 domains to perform 120 HTTP transactions. The main IP is 2606:4700:4400::ac40:9402, located in the United States and belonging to CLOUDFLARENET, US. The main domain is lesapremium168.com.
TLS certificate: Issued by WE1 on September 28th 2024. Valid for: 3 months.
This is the only time lesapremium168.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS      Autonomous System
13        2606:4700:440...  13335   (CLOUDFLAR...)
1         2404:6800:400...  15169   (GOOGLE)
1         142.250.207.4     15169   (GOOGLE)
2         2600:9000:26a...  16509   (AMAZON-02)
1         18.65.207.24      16509   (AMAZON-02)
1         142.251.42.131    15169   (GOOGLE)
52        172.64.148.2      13335   (CLOUDFLAR...)
40        34.120.134.211    396982  (GOOGLE-CL...)
1         3.165.39.42       16509   (AMAZON-02)
1         99.84.55.36       16509   (AMAZON-02)
1         23.210.26.20      20940   (AKAMAI-ASN1)
3         23.50.118.163     20940   (AKAMAI-ASN1)
1         23.50.118.172     20940   (AKAMAI-ASN1)
2         104.16.170.118    13335   (CLOUDFLAR...)
Total: 120 requests, 15 IPs
Requests  Apex Domain (Transfer)
          Subdomains
65        lesapremium168.com (3 MB)
          lesapremium168.com
40        pailigrgr.com (6 MB)
          cms.pailigrgr.com
5         livechatinc.com (34 KB)
          cdn.livechatinc.com — Cisco Umbrella Rank: 6020
          api.livechatinc.com — Cisco Umbrella Rank: 5752
          secure.livechatinc.com — Cisco Umbrella Rank: 7149
2         sreanalyze.com (469 B)
          3s.sreanalyze.com — Cisco Umbrella Rank: 632955
2         hotjar.com (61 KB)
          static.hotjar.com — Cisco Umbrella Rank: 957
          script.hotjar.com — Cisco Umbrella Rank: 1386
2         anjouangaming.org (20 KB)
          05324ad8-4fed-4591-a828-336da19ccdfe.snippet.anjouangaming.org
1         hotjar.io (234 B)
          vc.hotjar.io — Cisco Umbrella Rank: 3537
1         gstatic.com (216 KB)
          www.gstatic.com
1         google.com (968 B)
          www.google.com — Cisco Umbrella Rank: 3
1         googletagmanager.com (104 KB)
          www.googletagmanager.com — Cisco Umbrella Rank: 57
Total: 120 requests, 10 domains
Requests  Domain  Requested by
65  lesapremium168.com  lesapremium168.com
40  cms.pailigrgr.com  lesapremium168.com
3  api.livechatinc.com  cdn.livechatinc.com
2  3s.sreanalyze.com  lesapremium168.com
2  05324ad8-4fed-4591-a828-336da19ccdfe.snippet.anjouangaming.org  lesapremium168.com
1  secure.livechatinc.com  cdn.livechatinc.com
1  cdn.livechatinc.com  lesapremium168.com
1  vc.hotjar.io  lesapremium168.com
1  script.hotjar.com  static.hotjar.com
1  www.gstatic.com  www.google.com
1  static.hotjar.com  lesapremium168.com
1  www.google.com  lesapremium168.com
1  www.googletagmanager.com  lesapremium168.com
Total: 120 requests, 13 subdomains

This site contains links to these domains.

Domain
verification.anjouangaming.org
Subject                      Issuer                              Validity                 Valid
lesapremium168.com           WE1                                 2024-09-28 - 2024-12-27  3 months
*.google-analytics.com       WR2                                 2024-08-26 - 2024-11-18  3 months
*.google.com                 WR2                                 2024-08-26 - 2024-11-18  3 months
*.snippet.anjouangaming.org  GlobalSign GCC R6 AlphaSSL CA 2023  2024-07-09 - 2025-08-10  a year
*.hotjar.com                 Amazon RSA 2048 M03                 2024-05-22 - 2025-06-20  a year
*.gstatic.com                WR2                                 2024-08-26 - 2024-11-18  3 months
cms.pailigrgr.com            WR3                                 2024-08-31 - 2024-11-29  3 months
*.hotjar.io                  Amazon ECDSA 256 M02                2024-02-07 - 2025-03-08  a year
livechat.com                 DigiCert TLS RSA SHA256 2020 CA1    2024-07-10 - 2025-07-10  a year
3s.sreanalyze.com            E5                                  2024-09-18 - 2024-12-17  3 months

This page contains 2 frames:

Primary Page: https://lesapremium168.com/
Frame ID: 04E8DF0869C16A34EFE0BACBDA338E28
Requests: 124 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=17898843&group=0&embedded=1&widget_version=3&unique_groups=0&use_parent_storage=1
Frame ID: 9008AEB52FBD4C83238BF65E554C37B4
Requests: 1 HTTP request in this frame

Page Title

Les Ambassadeurs Premium

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.livechatinc\.com/.*tracking\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 120
HTTPS: 100 %
IPv6: 21 %
Domains: 10
Subdomains: 13
IPs: 15
Countries: 4
Transfer: 9803 kB
Size: 13976 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

120 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request /
lesapremium168.com/
16 KB
5 KB
Document
General
Full URL
https://lesapremium168.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82191672c11a2317a35effefe7979fc7ef2d67a3b260871f8cfc5983b2b8084d
Security Headers
Name Value
X-Frame-Options ON

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-method
*
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8ca717748ddbd790-NRT
content-encoding
br
content-type
text/html
date
Sat, 28 Sep 2024 22:15:21 GMT
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-frame-options
ON
speculation
lesapremium168.com/cdn-cgi/
128 B
246 B
Other
General
Full URL
https://lesapremium168.com/cdn-cgi/speculation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://lesapremium168.com
Referer
https://lesapremium168.com/

Response headers

cf-ray
8ca7177659a7d790-NRT
access-control-allow-origin
https://lesapremium168.com
content-length
128
date
Sat, 28 Sep 2024 22:15:21 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
loading.gif
lesapremium168.com/img/
26 KB
26 KB
Image
General
Full URL
https://lesapremium168.com/img/loading.gif?v=20240517
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d16f01f929ee90504d5ddbfdb6bb3bb77be80b2bb1b5920fbeef079783a7f461
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
W/"66f266ad-6bc6"
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:21 GMT
cf-polished
origSize=27590, status=webp_bigger
date
Sat, 28 Sep 2024 22:15:21 GMT
content-type
image/gif
last-modified
Tue, 24 Sep 2024 07:13:49 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177659a9d790-NRT
access-control-allow-origin
*
server
cloudflare
rocket-loader.min.js
lesapremium168.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://lesapremium168.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"66f525c6-302c"
x-content-type-options
nosniff
cf-ray
8ca717768a0bd790-NRT
expires
Mon, 30 Sep 2024 22:15:21 GMT
date
Sat, 28 Sep 2024 22:15:21 GMT
content-type
application/javascript
last-modified
Thu, 26 Sep 2024 09:13:42 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
yunwei.js
lesapremium168.com/saconfig/secure/
649 B
594 B
Script
General
Full URL
https://lesapremium168.com/saconfig/secure/yunwei.js?5758540
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f23d99b4189eeaeb5c3e5ad876a354982dceed96699508a48dfac70195ebb09
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-headers
*
access-control-allow-method
*
cache-control
public, max-age=16070400
content-encoding
br
cf-cache-status
HIT
etag
W/"66f4f9ce-289"
cf-ray
8ca71776da91d790-NRT
expires
Wed, 02 Apr 2025 22:15:21 GMT
access-control-allow-origin
*
date
Sat, 28 Sep 2024 22:15:21 GMT
content-type
application/javascript
last-modified
Thu, 26 Sep 2024 06:06:06 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
ON
favicon-16x16.png
lesapremium168.com/img/icons/
322 B
471 B
Other
General
Full URL
https://lesapremium168.com/img/icons/favicon-16x16.png?v=20240522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
685ba0e03ed1ffe35c67165d2362415662e9ef77e896e03607fed07f0cf48dad
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
"66f266ad-277"
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:21 GMT
cf-polished
origFmt=png, origSize=631
date
Sat, 28 Sep 2024 22:15:21 GMT
content-type
image/webp
content-disposition
inline; filename="favicon-16x16.webp"
vary
Accept
last-modified
Tue, 24 Sep 2024 07:13:49 GMT
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca71776eac0d790-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
322
server
cloudflare
3s_web_detect.js
lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/
45 KB
16 KB
Script
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=kj546j&module=frontend_web&v=20240517
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07fab401344254db25ce0d3e10494cb8ab70b50306097042e5ee42d5020e5dd0
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
HIT
etag
W/"66f266ac-b2ba"
expires
Wed, 02 Apr 2025 22:15:21 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Sep 2024 22:15:21 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
access-control-allow-headers
*
x-frame-options
ON
cache-control
public, max-age=16070400
cf-ray
8ca717775babd790-NRT
access-control-allow-origin
*
server
cloudflare
loading.gif
lesapremium168.com/img/
26 KB
26 KB
Image
General
Full URL
https://lesapremium168.com/img/loading.gif?v=20240621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d16f01f929ee90504d5ddbfdb6bb3bb77be80b2bb1b5920fbeef079783a7f461
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
W/"66f266ad-6bc6"
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:21 GMT
cf-polished
origSize=27590, status=webp_bigger
date
Sat, 28 Sep 2024 22:15:21 GMT
content-type
image/gif
last-modified
Tue, 24 Sep 2024 07:13:49 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca717776baed790-NRT
access-control-allow-origin
*
server
cloudflare
chunk-libs.17395773.css
lesapremium168.com/cdn/34dtfrFM/static/css/
431 KB
85 KB
Stylesheet
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/css/chunk-libs.17395773.css
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91908b91456970196dd3ad140f92c657f82ea37690647dea5b86f399f311c9de
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-bgj
minify
etag
W/"66f266ac-6bdcb"
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:21 GMT
cf-polished
origSize=441803
date
Sat, 28 Sep 2024 22:15:21 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca717782d27d790-NRT
access-control-allow-origin
*
server
cloudflare
app.8ed21bc6.css
lesapremium168.com/cdn/34dtfrFM/static/css/
281 KB
59 KB
Stylesheet
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/css/app.8ed21bc6.css
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
626753804212588f6fa420b4dee065cfb0a9a591116561d7dcab4c218c885911
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-bgj
minify
etag
W/"66f266ac-464d2"
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:21 GMT
cf-polished
origSize=287954
date
Sat, 28 Sep 2024 22:15:21 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca717782d2ad790-NRT
access-control-allow-origin
*
server
cloudflare
runtime.8530acaf.js
lesapremium168.com/cdn/34dtfrFM/static/js/
11 KB
4 KB
Script
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32a4dc9682123896f5878d6c2a7c4f166ad71dd68438271f4e5f3963296dc3c6
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-headers
*
access-control-allow-method
*
cache-control
public, max-age=16070400
content-encoding
br
cf-cache-status
HIT
etag
W/"66f266ac-2aee"
cf-ray
8ca717782d2cd790-NRT
expires
Wed, 02 Apr 2025 22:15:21 GMT
access-control-allow-origin
*
date
Sat, 28 Sep 2024 22:15:21 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
ON
chunk-libs.d2851cb6.js
lesapremium168.com/cdn/34dtfrFM/static/js/
1 MB
422 KB
Script
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/js/chunk-libs.d2851cb6.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b82225856d1cd645e1d48828032b3d322e90e535812c2ed360758d4c448d645
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-headers
*
access-control-allow-method
*
cache-control
public, max-age=16070400
content-encoding
br
cf-cache-status
HIT
etag
W/"66f266ac-14ab75"
cf-ray
8ca717782d2dd790-NRT
expires
Wed, 02 Apr 2025 22:15:21 GMT
access-control-allow-origin
*
date
Sat, 28 Sep 2024 22:15:21 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
ON
app.466a09c0.js
lesapremium168.com/cdn/34dtfrFM/static/js/
1 MB
378 KB
Script
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/js/app.466a09c0.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c08864bcb3fd2509bfc61657f4a4562019ede6b50d562355ff45b8ef17d4ee67
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-headers
*
access-control-allow-method
*
cache-control
public, max-age=16070400
content-encoding
br
cf-cache-status
HIT
etag
W/"66f266ac-14fff1"
cf-ray
8ca717782d2fd790-NRT
expires
Wed, 02 Apr 2025 22:15:21 GMT
access-control-allow-origin
*
date
Sat, 28 Sep 2024 22:15:21 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
ON
gtm.js
www.googletagmanager.com/
310 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=G-7C3TKV64XE
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:828::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc8f4d0f4c842c6b0da41b65aa86377f14bcd17a276edc9d5bd74eb1dca70f6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 28 Sep 2024 22:15:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 22:15:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
105512
x-xss-protection
0
server
Google Tag Manager
api.js
www.google.com/recaptcha/
1 KB
968 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f4.1e100.net
Software
ESF /
Resource Hash
8283c17f73e83b8b2b22fc926a02fe45f4fe800cbcc922a9a96bee9d8dfcb91f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 22:15:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Sat, 28 Sep 2024 22:15:21 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
anj-seal.js
05324ad8-4fed-4591-a828-336da19ccdfe.snippet.anjouangaming.org/
3 KB
2 KB
Script
General
Full URL
https://05324ad8-4fed-4591-a828-336da19ccdfe.snippet.anjouangaming.org/anj-seal.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a7:6e00:a:4a4b:1400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a86c6971c494911b13eee3c3716a60798bf3094ead87b9ac0077553a4effaaed
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=300
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"c5e-5BBa+S4sCvxtjxDi+pv7JzNZ40I"
age
185
via
1.1 7785370059b13ac99a7e518a58d7632c.cloudfront.net (CloudFront)
cf-ray
8ca712ef9e98db4f-NRT
x-cache
Hit from cloudfront
x-amz-cf-id
ciIbsOWbOtnnGnu-GsfwSQk00Tdr1M_VDhT32c6Wda_YMOCxBmQ-NQ==
date
Sat, 28 Sep 2024 22:12:16 GMT
content-type
text/javascript; charset=utf-8
x-powered-by
Express
server
cloudflare
x-amz-cf-pop
NRT20-P2
hotjar-3636929.js
static.hotjar.com/c/
13 KB
6 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3636929.js?sv=6
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.207.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-207-24.nrt57.r.cloudfront.net
Software
/
Resource Hash
bd79386f11aacfaa614ebc4450935fd01b30d10c1c97801f31b10358d3ae06d3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/b7aefde95d45dea8961c846a1f7a43b8
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 9d4586c3d96c296deb0177ba3471c4a4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
x-amz-cf-id
H6uufsIh-lZXKJo62HGGoy0c8KnaWhjwEgIGcbdUWfPX7-8zfYgiKw==
date
Sat, 28 Sep 2024 22:15:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
NRT57-P3
recaptcha__ja.js
www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/
542 KB
216 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__ja.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f3.1e100.net
Software
sffe /
Resource Hash
6c3ecc39856ed3dd146a5547490f5bf001beb4ed3ab8bb106082576e64519500
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://lesapremium168.com
Referer
https://lesapremium168.com/

Response headers

content-encoding
gzip
age
212359
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 11:16:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 11:16:02 GMT
last-modified
Tue, 03 Sep 2024 02:00:38 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
221112
x-xss-protection
0
server
sffe
NotoSans-Regular.b98743c6.woff2
lesapremium168.com/cdn/34dtfrFM/static/fonts/
177 KB
177 KB
Font
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/fonts/NotoSans-Regular.b98743c6.woff2
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/css/app.8ed21bc6.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
790496259bd0834dc5639e6b3f79b1c1935a8f9ae34037f5ff3f2f4f295e9f8c
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://lesapremium168.com
Referer
https://lesapremium168.com/cdn/34dtfrFM/static/css/app.8ed21bc6.css

Response headers

access-control-allow-method
*
cf-cache-status
HIT
etag
"66f266ac-2c2c4"
age
185
expires
Wed, 02 Apr 2025 22:15:21 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Sep 2024 22:15:21 GMT
content-type
font/woff2
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca71778ea9780b9-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
180932
server
cloudflare
truncated
/
15 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b68932598f2ea9afd2732098bd2f2e9c9d4dd65bf8fe04b336d843db22892853

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
29 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
299d3d868ca100da2712a8c464b8a18e78b2dccaeccb9af1b646d44ef48747c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8d08fba91db7c7e87a753b77c019397583ef8f8c50e02223607e5a8e5ecd5ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf544db025c447300eb6ce1eb9758ca5578fc1ce43fe6b58c6870f839cfdd4f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c3691d6c51230c03d9538914be8ef7d125e44ceb30fc2b5ec4bf720c01b957e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9995da44228402c0786376d1a4ff8ea83649fb77efa7e67f32bf06cdeefe1807

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
chunk-commons.0ce821c1.css
lesapremium168.com/cdn/34dtfrFM/static/css/
45 KB
7 KB
Stylesheet
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/css/chunk-commons.0ce821c1.css
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56cf45353297cea9df8ca16b676eed9f335232c8282b160b79b71e291ef09d0
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-bgj
minify
etag
W/"66f266ac-b51e"
age
186
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origSize=46366
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177bbbe680b9-NRT
access-control-allow-origin
*
server
cloudflare
chunk-commons.280e43eb.js
lesapremium168.com/cdn/34dtfrFM/static/js/
49 KB
12 KB
Script
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/js/chunk-commons.280e43eb.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f3f8e77f781fbdce8a1ef4e8dcee7c0b066c115b6d9b4986ed9f833974ce8b
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
HIT
etag
W/"66f266ac-c5fe"
age
186
expires
Wed, 02 Apr 2025 22:15:22 GMT
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
access-control-allow-headers
*
x-frame-options
ON
cache-control
public, max-age=16070400
cf-ray
8ca7177bbbe780b9-NRT
access-control-allow-origin
*
server
cloudflare
chunk-72a25d66.54015f64.js
lesapremium168.com/cdn/34dtfrFM/static/js/
115 KB
29 KB
Script
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/js/chunk-72a25d66.54015f64.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b22813eeb073c8974f034008a49f0ee362746202bd3f7e0c48b3565e343c18
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
HIT
etag
W/"66f266ac-1cdd4"
age
186
expires
Wed, 02 Apr 2025 22:15:22 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
access-control-allow-headers
*
x-frame-options
ON
cache-control
public, max-age=16070400
cf-ray
8ca7177bbbe880b9-NRT
access-control-allow-origin
*
server
cloudflare
chunk-07a9beab.b7662616.css
lesapremium168.com/cdn/34dtfrFM/static/css/
21 KB
4 KB
Stylesheet
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/css/chunk-07a9beab.b7662616.css
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3beaa077f228410021c7394f1566da6953f47dac631f0cb585c8d81c94a1ab18
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-bgj
minify
etag
W/"66f266ac-5322"
age
186
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origSize=21282
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177bbbe980b9-NRT
access-control-allow-origin
*
server
cloudflare
chunk-07a9beab.57e43076.js
lesapremium168.com/cdn/34dtfrFM/static/js/
27 KB
8 KB
Script
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/js/chunk-07a9beab.57e43076.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ab46bde48519f61190817a77e73fc90fe94816ffb36f7d6bd7010280d35f2f6
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
HIT
etag
W/"66f266ac-6a55"
age
186
expires
Wed, 02 Apr 2025 22:15:22 GMT
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
access-control-allow-headers
*
x-frame-options
ON
cache-control
public, max-age=16070400
cf-ray
8ca7177bbbea80b9-NRT
access-control-allow-origin
*
server
cloudflare
chunk-6a64b0ee.7aa143a5.css
lesapremium168.com/cdn/34dtfrFM/static/css/
3 KB
956 B
Stylesheet
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/css/chunk-6a64b0ee.7aa143a5.css
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cff673315e0af174905a1e58bddf8a2c05e55fec8f96bf59bc76ae016acebcf
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-bgj
minify
etag
W/"66f266ac-b47"
age
186
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origSize=2887
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177bcbf580b9-NRT
access-control-allow-origin
*
server
cloudflare
chunk-6a64b0ee.3d328947.js
lesapremium168.com/cdn/34dtfrFM/static/js/
6 KB
2 KB
Script
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/js/chunk-6a64b0ee.3d328947.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c447bd798f56f394e78a702bddba131a17255e1e2b8082731604a1745599773f
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
HIT
etag
W/"66f266ac-1697"
age
186
expires
Wed, 02 Apr 2025 22:15:22 GMT
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
access-control-allow-headers
*
x-frame-options
ON
cache-control
public, max-age=16070400
cf-ray
8ca7177bcbf780b9-NRT
access-control-allow-origin
*
server
cloudflare
chunk-1351d827.ace476ac.css
lesapremium168.com/cdn/34dtfrFM/static/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/css/chunk-1351d827.ace476ac.css
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47442a5de775c492ceac601812ca87aaedc9900501a7561887dd3a7df6c0b77e
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-bgj
minify
etag
W/"66f266ac-d1c"
age
186
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origSize=3356
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177bcbfa80b9-NRT
access-control-allow-origin
*
server
cloudflare
chunk-1351d827.71705d65.js
lesapremium168.com/cdn/34dtfrFM/static/js/
3 KB
1 KB
Script
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/js/chunk-1351d827.71705d65.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
528c8cf48d0e3a66144a752466caf7745761e8cbdc315aec0a40eefed6ed04bd
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
HIT
etag
W/"66f266ac-aff"
age
186
expires
Wed, 02 Apr 2025 22:15:22 GMT
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
access-control-allow-headers
*
x-frame-options
ON
cache-control
public, max-age=16070400
cf-ray
8ca7177bcbfb80b9-NRT
access-control-allow-origin
*
server
cloudflare
chunk-08620e15.bd4b3256.css
lesapremium168.com/cdn/34dtfrFM/static/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/css/chunk-08620e15.bd4b3256.css
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
309cd6556f717443171c95c561afe51e42c042e72d02e73772ab65ec45fab8a4
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-bgj
minify
etag
W/"66f266ac-17fc"
age
186
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origSize=6140
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177bdbfc80b9-NRT
access-control-allow-origin
*
server
cloudflare
chunk-08620e15.d93c62bb.js
lesapremium168.com/cdn/34dtfrFM/static/js/
4 KB
2 KB
Script
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/js/chunk-08620e15.d93c62bb.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25747aa9a0df934cb61dda2e12130050971c68cc7a6e1c739550f20e72b1bc12
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
HIT
etag
W/"66f266ac-1037"
age
186
expires
Wed, 02 Apr 2025 22:15:22 GMT
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
access-control-allow-headers
*
x-frame-options
ON
cache-control
public, max-age=16070400
cf-ray
8ca7177bdbfd80b9-NRT
access-control-allow-origin
*
server
cloudflare
chunk-ebb003b6.6354c1ba.css
lesapremium168.com/cdn/34dtfrFM/static/css/
2 KB
780 B
Stylesheet
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/css/chunk-ebb003b6.6354c1ba.css
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ff409db15fc3308a9ee913fc0d132138b10dd443f086ff9b8b70cb78c8e7ab0
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-bgj
minify
etag
W/"66f266ac-80d"
age
186
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177bdbfe80b9-NRT
access-control-allow-origin
*
server
cloudflare
chunk-ebb003b6.4d44d129.js
lesapremium168.com/cdn/34dtfrFM/static/js/
4 KB
2 KB
Script
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/js/chunk-ebb003b6.4d44d129.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eae1e5cc5190416972f2dbd28d04db8492c16bb75f5875812433ccdccc3d872
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
HIT
etag
W/"66f266ac-e67"
age
186
expires
Wed, 02 Apr 2025 22:15:22 GMT
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
access-control-allow-headers
*
x-frame-options
ON
cache-control
public, max-age=16070400
cf-ray
8ca7177bdbff80b9-NRT
access-control-allow-origin
*
server
cloudflare
chunk-9d7769be.db4a7115.css
lesapremium168.com/cdn/34dtfrFM/static/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/css/chunk-9d7769be.db4a7115.css
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f426a2ce3e126879a7490c32f18fa26ce3f7b8adcf14951ab7e2c8f2f3d3489
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-bgj
minify
etag
W/"66f266ac-ec1"
age
186
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origSize=3777
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177bdc0080b9-NRT
access-control-allow-origin
*
server
cloudflare
chunk-9d7769be.73967af1.js
lesapremium168.com/cdn/34dtfrFM/static/js/
2 KB
968 B
Script
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/js/chunk-9d7769be.73967af1.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5a80b2863516a1c2f91d7e2f6a332bb65ea2265ad1a421fd5f72db9dc9932da
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
HIT
etag
W/"66f266ac-861"
age
186
expires
Wed, 02 Apr 2025 22:15:22 GMT
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
access-control-allow-headers
*
x-frame-options
ON
cache-control
public, max-age=16070400
cf-ray
8ca7177bdc0180b9-NRT
access-control-allow-origin
*
server
cloudflare
chunk-ba0ffeb6.2e81b056.css
lesapremium168.com/cdn/34dtfrFM/static/css/
2 KB
685 B
Stylesheet
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/css/chunk-ba0ffeb6.2e81b056.css
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e77b7eee0130ea4b49e5ed639996cfbacc78774f7bf69a3712830455a233f6cf
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-bgj
minify
etag
W/"66f266ac-96e"
age
186
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177bdc0280b9-NRT
access-control-allow-origin
*
server
cloudflare
chunk-ba0ffeb6.552ad928.js
lesapremium168.com/cdn/34dtfrFM/static/js/
4 KB
2 KB
Script
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/js/chunk-ba0ffeb6.552ad928.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11700a909a89aeb0150ae6b0f2ad049cff0600a248bd8d2e82f60c1c5cf8826a
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
HIT
etag
W/"66f266ac-1100"
age
186
expires
Wed, 02 Apr 2025 22:15:22 GMT
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
access-control-allow-headers
*
x-frame-options
ON
cache-control
public, max-age=16070400
cf-ray
8ca7177bdc0380b9-NRT
access-control-allow-origin
*
server
cloudflare
header-pc-dec.57884c46.webp
lesapremium168.com/cdn/34dtfrFM/static/img/
31 KB
32 KB
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/header-pc-dec.57884c46.webp
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/css/app.8ed21bc6.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e18591db67d672aba6f4b41d505997ac2e7b48091273a69a5a30676d797d5a9
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/cdn/34dtfrFM/static/css/app.8ed21bc6.css

Response headers

access-control-allow-method
*
cf-cache-status
HIT
etag
"66f266ac-7dae"
age
186
expires
Wed, 02 Apr 2025 22:15:22 GMT
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
image/webp
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177bdc0880b9-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
32174
server
cloudflare
flag_en.8c7e9690.png
lesapremium168.com/cdn/34dtfrFM/static/img/
940 B
1 KB
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/flag_en.8c7e9690.png
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/css/app.8ed21bc6.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cac14657bc75fe509c3cf4601455f7ea4a6adf4d9a68810ccecd7e2694416892
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/cdn/34dtfrFM/static/css/app.8ed21bc6.css

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
W/"66f266ac-5a7"
age
186
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origFmt=png, origSize=1447
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
image/webp
content-disposition
inline; filename="flag_en.webp"
vary
Accept
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177bec0d80b9-NRT
access-control-allow-origin
*
server
cloudflare
flag_zh.b880ac7d.png
lesapremium168.com/cdn/34dtfrFM/static/img/
458 B
762 B
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/flag_zh.b880ac7d.png
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/css/app.8ed21bc6.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7ba98ba74e58d8fdfb573ba13e4e50c86e9593a765cdac84e9f9541d89de644
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/cdn/34dtfrFM/static/css/app.8ed21bc6.css

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
"66f266ac-31b"
age
186
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origFmt=png, origSize=795
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
image/webp
content-disposition
inline; filename="flag_zh.webp"
vary
Accept
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177bec0e80b9-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
458
server
cloudflare
home_bg_dec.50201ffa.jpg
lesapremium168.com/cdn/34dtfrFM/static/img/
116 KB
116 KB
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/home_bg_dec.50201ffa.jpg
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/css/app.8ed21bc6.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fca727b43e0a7ffc54850492e28400da085c50c45c458d0df58dc7bacb2693c3
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/cdn/34dtfrFM/static/css/app.8ed21bc6.css

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
W/"66f266ac-205f4"
age
186
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origSize=132596
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
image/jpeg
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177bec0f80b9-NRT
access-control-allow-origin
*
server
cloudflare
NotoSans-Bold.1b92d27f.woff2
lesapremium168.com/cdn/34dtfrFM/static/fonts/
175 KB
175 KB
Font
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/fonts/NotoSans-Bold.1b92d27f.woff2
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/css/app.8ed21bc6.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b89f59f732e55af5aa7be9545f9c2785dfadc9a20ea30fc4e0f9fa9b70fb11a
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://lesapremium168.com
Referer
https://lesapremium168.com/cdn/34dtfrFM/static/css/app.8ed21bc6.css

Response headers

access-control-allow-method
*
cf-cache-status
HIT
etag
"66f266ac-2bccc"
age
185
expires
Wed, 02 Apr 2025 22:15:22 GMT
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
font/woff2
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177c3c4e80b9-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
179404
server
cloudflare
jsencrypt.js
lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/
54 KB
17 KB
Script
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/jsencrypt.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edeaad5283ed8f4151b27d7832a6c6ebe99cc49eb0a8d0ebeae99d4190721c91
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
HIT
etag
W/"66f266ad-d81f"
age
186
expires
Wed, 02 Apr 2025 22:15:22 GMT
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 07:13:49 GMT
vary
Accept-Encoding
access-control-allow-headers
*
x-frame-options
ON
cache-control
public, max-age=16070400
cf-ray
8ca7177bec1880b9-NRT
access-control-allow-origin
*
server
cloudflare
paho-mqtt.js
lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/
120 KB
22 KB
Script
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/paho-mqtt.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6ee3833d52f14d4daccb07629870598212631eed96c3167e8c616f8d10a6e0a
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
HIT
etag
W/"66f266ad-1de51"
age
186
expires
Wed, 02 Apr 2025 22:15:22 GMT
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 07:13:49 GMT
vary
Accept-Encoding
access-control-allow-headers
*
x-frame-options
ON
cache-control
public, max-age=16070400
cf-ray
8ca7177bec1980b9-NRT
access-control-allow-origin
*
server
cloudflare
logo_pc.54b87738.png
lesapremium168.com/cdn/34dtfrFM/static/img/
8 KB
8 KB
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/logo_pc.54b87738.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f60d2f61eae499e62c0a3fa5e54c9a389651eb68059649414b4f92b2308cc7a1
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
W/"66f266ac-3106"
age
185
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origFmt=png, origSize=12550
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
image/webp
content-disposition
inline; filename="logo_pc.webp"
vary
Accept
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177c2c3d80b9-NRT
access-control-allow-origin
*
server
cloudflare
arrow-white.40786c37.png
lesapremium168.com/cdn/34dtfrFM/static/img/
242 B
548 B
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/arrow-white.40786c37.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b07debb222b93fdeb4b083e14aab9b5d4d0e309ad37936bf12b2d3bde2efe477
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
"66f266ac-1b2"
age
185
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origFmt=png, origSize=434
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
image/webp
content-disposition
inline; filename="arrow-white.webp"
vary
Accept
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177c2c3f80b9-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
242
server
cloudflare
pc-download-en.c04a0d99.png
lesapremium168.com/cdn/34dtfrFM/static/img/
96 KB
96 KB
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/pc-download-en.c04a0d99.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63acd90239a6073a9fdfa66d54201dbbcb979e79bd79391641143816b7109993
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
W/"66f266ac-36040"
age
185
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origFmt=png, origSize=221248
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
image/webp
content-disposition
inline; filename="pc-download-en.webp"
vary
Accept
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177c2c4180b9-NRT
access-control-allow-origin
*
server
cloudflare
license.185db188.png
lesapremium168.com/cdn/34dtfrFM/static/img/
21 KB
22 KB
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/license.185db188.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
771b8ba3ba9a3bd1bf6a02812d5a4ac9a61ddbf26086fc6528048570e81c4d5f
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
W/"66f266ac-93cb"
age
185
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origFmt=png, origSize=37835
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
image/webp
content-disposition
inline; filename="license.webp"
vary
Accept
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177c2c4380b9-NRT
access-control-allow-origin
*
server
cloudflare
18.017de9c9.png
lesapremium168.com/cdn/34dtfrFM/static/img/
3 KB
3 KB
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/18.017de9c9.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95a85b57de9bcd21c9bab5936cb9d84bb3aed397e62549f787d524539e12b953
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
W/"66f266ac-21a5"
age
185
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origFmt=png, origSize=8613
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
image/webp
content-disposition
inline; filename="18.webp"
vary
Accept
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177c2c4580b9-NRT
access-control-allow-origin
*
server
cloudflare
8c1611600ab33d94915a7031fd03c006-lesapremium168.com-38edd313635cdf4db9b1cf86bfd92e2b04c3c1b4a663be23f548cf1c580290be5a43ab12deacc6d6b8fd13c6ffa5677e-c2VhbC5wbmc%3D
05324ad8-4fed-4591-a828-336da19ccdfe.snippet.anjouangaming.org/sealassets/
18 KB
18 KB
Image
General
Full URL
https://05324ad8-4fed-4591-a828-336da19ccdfe.snippet.anjouangaming.org/sealassets/8c1611600ab33d94915a7031fd03c006-lesapremium168.com-38edd313635cdf4db9b1cf86bfd92e2b04c3c1b4a663be23f548cf1c580290be5a43ab12deacc6d6b8fd13c6ffa5677e-c2VhbC5wbmc%3D?status=valid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a7:6e00:a:4a4b:1400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1e9fd3a32db5d42700823a8fe518dbee9acde90a0de24d5fd6661b89e1f6fce6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=1200
cf-cache-status
DYNAMIC
etag
W/"471c-t8NRZo8/bYWu0yVr5+S8xrXV7Fg"
age
185
via
1.1 7785370059b13ac99a7e518a58d7632c.cloudfront.net (CloudFront)
cf-ray
8ca712f69a3b2095-NRT
x-cache
Hit from cloudfront
content-length
18204
x-amz-cf-id
w523UgUlnJYcLKNEqz6UrwqgL2bm1bfe2qntDDKMv7fJCe6b4zvUUA==
date
Sat, 28 Sep 2024 22:12:17 GMT
content-type
image/png
x-powered-by
Express
server
cloudflare
x-amz-cf-pop
NRT20-P2
queryActivityConstants
lesapremium168.com/_api_/throne-api/activity/
74 B
309 B
XHR
General
Full URL
https://lesapremium168.com/_api_/throne-api/activity/queryActivityConstants
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=kj546j&module=frontend_web&v=20240517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f80f442f42f8fc05c9be254a0a8e9edc474373e4d3b97d92ce8e6b145c0f235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1 ; mode=block

Request headers

ts
1727561722261
qid
29b6d23ac202a97d14fd5b02f59db2fb
authorization
Basic a3JhdG9zLWNsaWVudDoxMjM0NTY=
sign
a8ee6c8201d7e666e56b762bc83ecc9a
Referer
https://lesapremium168.com/
tz
+0900
v
v1.0.0
lg
en-US
mcode
7a5fbeac19
aid
28eb6b8946454484a7ccbc0bf43fc273
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
dm
lesapremium168.com
Content-Type
application/json

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
expires
0
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/json;charset=UTF-8
access-control-allow-headers
*
x-frame-options
DENY
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
referrer-policy
no-referrer
cf-ray
8ca7177c2c4780b9-NRT
access-control-allow-origin
*
x-xss-protection
1 ; mode=block
server
cloudflare
json_version_list.json
cms.pailigrgr.com/live/json/
797 B
835 B
XHR
General
Full URL
https://cms.pailigrgr.com/live/json/json_version_list.json?v=1727561722495
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=kj546j&module=frontend_web&v=20240517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c419627841f2b8d4e325ec7c1a00d998e6e9221d447b21235f465f35cbc583a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=G963+g==, md5=iZBlHvdSlroJ2xPwlV0daQ==
etag
"8990651ef75296ba09db13f0955d1d69"
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
265
date
Sat, 28 Sep 2024 22:15:22 GMT
last-modified
Fri, 27 Sep 2024 09:56:29 GMT
vary
Accept-Encoding
content-type
application/json
x-guploader-uploadid
AD-8ljt4AC9pYpvS_ASJdeOL2ogFsPg24L3sUKIzNBD96005Jk1C5nEjT6qnYry9dnB6L_l_OXk
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727430989634806
content-length
265
server
UploadServer
checkIp
lesapremium168.com/_api_/api/v1/common/
147 B
334 B
XHR
General
Full URL
https://lesapremium168.com/_api_/api/v1/common/checkIp
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=kj546j&module=frontend_web&v=20240517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb2f795ef18f2c7c15961cc11180d8d2a5e44292f1d9f5b658ec9f15415d3a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1 ; mode=block

Request headers

ts
1727561722497
qid
0cc09972004a797fbbd223de334be5c5
authorization
Basic a3JhdG9zLWNsaWVudDoxMjM0NTY=
sign
9877e448a794282a78a0470f55c2cbfb
Referer
https://lesapremium168.com/
tz
+0900
v
v1.0.0
lg
en-US
mcode
7a5fbeac19
aid
28eb6b8946454484a7ccbc0bf43fc273
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
dm
lesapremium168.com
Content-Type
application/json
fnp
6470e458f71f7266433d8d963db9445e

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
expires
0
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/json
access-control-allow-headers
*
x-frame-options
DENY
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
referrer-policy
no-referrer
cf-ray
8ca7177d9cd980b9-NRT
access-control-allow-origin
*
x-xss-protection
1 ; mode=block
server
cloudflare
config
lesapremium168.com/_api_/api/v1/common/
24 KB
5 KB
XHR
General
Full URL
https://lesapremium168.com/_api_/api/v1/common/config
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=kj546j&module=frontend_web&v=20240517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
204e98145aaf6a53dad477e21a28bf779ec8fa8d16992d500364c335a1519356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1 ; mode=block

Request headers

ts
1727561722497
qid
ed8880de1a1bf11d0063552031f1ad72
authorization
Basic a3JhdG9zLWNsaWVudDoxMjM0NTY=
sign
a0778f15b0d32db01394e52bf545d92b
Referer
https://lesapremium168.com/
tz
+0900
v
v1.0.0
lg
en-US
mcode
7a5fbeac19
aid
28eb6b8946454484a7ccbc0bf43fc273
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
dm
lesapremium168.com
Content-Type
application/json
fnp
6470e458f71f7266433d8d963db9445e

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/json
access-control-allow-headers
*
x-frame-options
DENY
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
referrer-policy
no-referrer
cf-ray
8ca7177d9cda80b9-NRT
access-control-allow-origin
*
x-xss-protection
1 ; mode=block
server
cloudflare
queryActivityConstants
lesapremium168.com/_api_/throne-api/activity/
74 B
328 B
XHR
General
Full URL
https://lesapremium168.com/_api_/throne-api/activity/queryActivityConstants
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=kj546j&module=frontend_web&v=20240517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f80f442f42f8fc05c9be254a0a8e9edc474373e4d3b97d92ce8e6b145c0f235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1 ; mode=block

Request headers

ts
1727561722503
qid
295c948fed164a539a45f67ecba04724
authorization
Basic a3JhdG9zLWNsaWVudDoxMjM0NTY=
sign
c394991cc59f9a4f3cc09442929e1f9f
Referer
https://lesapremium168.com/
tz
+0900
v
v1.0.0
lg
en-US
mcode
7a5fbeac19
aid
28eb6b8946454484a7ccbc0bf43fc273
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
dm
lesapremium168.com
Content-Type
application/json
fnp
6470e458f71f7266433d8d963db9445e

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/json;charset=UTF-8
access-control-allow-headers
*
x-frame-options
DENY
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
referrer-policy
no-referrer
cf-ray
8ca7177dacdf80b9-NRT
access-control-allow-origin
*
x-xss-protection
1 ; mode=block
server
cloudflare
modules.0721e7cf944cf9d78a0b.js
script.hotjar.com/
224 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.0721e7cf944cf9d78a0b.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3636929.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.165.39.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-165-39-42.nrt12.r.cloudfront.net
Software
/
Resource Hash
b59aea27fa8369f30285b9c3875597435dfce1fc0571555adcc11d210cb9bd1b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-robots-tag
none
content-encoding
br
etag
"ac12d2f9dbf41b678b7eb52a4d3e70f3"
age
809594
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
5yzToIhMWNv4K9i919TFdIv3ERz0bSWuve8BC7vtfOiUpz2S08MDAg==
date
Thu, 19 Sep 2024 13:22:08 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 19 Sep 2024 13:21:34 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 08e02d8752214435881611cd88b0012a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56508
x-amz-cf-pop
NRT12-P5
pg_en.9a78f37c.png
lesapremium168.com/cdn/34dtfrFM/static/img/
398 KB
399 KB
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/pg_en.9a78f37c.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59b1321690f79eccb044d0059e52fa15761aeb9052f2ffae2700861c0ae50c03
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
W/"66f266ac-7c79e"
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origFmt=png, origSize=509854
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
image/webp
content-disposition
inline; filename="pg_en.webp"
vary
Accept
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177ddcf380b9-NRT
access-control-allow-origin
*
server
cloudflare
jili_en.203771ba.png
lesapremium168.com/cdn/34dtfrFM/static/img/
167 KB
167 KB
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/jili_en.203771ba.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd27d260b81e02070819209337ee58a15f4ba4a6fb54f2d207c4892d51fcabbd
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
W/"66f266ac-35b64"
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origFmt=png, origSize=220004
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
image/webp
content-disposition
inline; filename="jili_en.webp"
vary
Accept
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177ddcf580b9-NRT
access-control-allow-origin
*
server
cloudflare
rt_en.f5b9426d.png
lesapremium168.com/cdn/34dtfrFM/static/img/
193 KB
194 KB
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/rt_en.f5b9426d.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85e798cf223abe3faee2358c894ead4ad66d4d5a7a81e600eaef9e4993328f9e
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
W/"66f266ac-41460"
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origFmt=png, origSize=267360
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
image/webp
content-disposition
inline; filename="rt_en.webp"
vary
Accept
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177ddcf680b9-NRT
access-control-allow-origin
*
server
cloudflare
empty@3x.ab9c1aef.png
lesapremium168.com/cdn/34dtfrFM/static/img/
3 KB
4 KB
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/empty@3x.ab9c1aef.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e54e811fb469e41717194a87d37c562c0380c67147ec849593bf9315f6ee2092
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
W/"66f266ac-1f85"
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origFmt=png, origSize=8069
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
image/webp
content-disposition
inline; filename="empty@3x.webp"
vary
Accept
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177e1d1780b9-NRT
access-control-allow-origin
*
server
cloudflare
get_ranking_bet_record
lesapremium168.com/_api_/api/v1/game/order/
4 KB
807 B
XHR
General
Full URL
https://lesapremium168.com/_api_/api/v1/game/order/get_ranking_bet_record
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=kj546j&module=frontend_web&v=20240517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4b3da1ab1ca12e205824b73e56ddaf154a63de6cab9890e005c7e6a5f6d03ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1 ; mode=block

Request headers

ts
1727561722580
qid
f82c09fac28d8f9e32a3da8a5833c9ca
authorization
Basic a3JhdG9zLWNsaWVudDoxMjM0NTY=
sign
d97dbf1959e1a0e7d68184d5a951549a
Referer
https://lesapremium168.com/
tz
+0900
v
v1.0.0
lg
en-US
mcode
7a5fbeac19
aid
28eb6b8946454484a7ccbc0bf43fc273
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
dm
lesapremium168.com
Content-Type
application/json
fnp
6470e458f71f7266433d8d963db9445e

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
expires
0
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/json
access-control-allow-headers
*
x-frame-options
DENY
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
referrer-policy
no-referrer
cf-ray
8ca7177e2d2580b9-NRT
access-control-allow-origin
*
x-xss-protection
1 ; mode=block
server
cloudflare
arrowDown@2x.52279416.png
lesapremium168.com/cdn/34dtfrFM/static/img/
202 B
505 B
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/arrowDown@2x.52279416.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
564b10cd218bb10af00687b8d1f9ec1132e39c670febd564760dad525a56c92d
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
"66f266ac-136"
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origFmt=png, origSize=310
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
image/webp
content-disposition
inline; filename="arrowDown@2x.webp"
vary
Accept
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177e3d3a80b9-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
202
server
cloudflare
chunk-2637c560.9e8538ef.css
lesapremium168.com/cdn/34dtfrFM/static/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/css/chunk-2637c560.9e8538ef.css
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
004b7a2404c7049abfe7aa438d13aad2c71bcd4eb2002316ea0914c3b8b8bd34
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-bgj
minify
etag
W/"66f266ac-16bd"
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177ecd8080b9-NRT
access-control-allow-origin
*
server
cloudflare
chunk-2637c560.07e2cae1.js
lesapremium168.com/cdn/34dtfrFM/static/js/
5 KB
2 KB
Script
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/js/chunk-2637c560.07e2cae1.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aa5ad618990af81616ed92eb87491bded9b38867d1bd8457a4d5d8980eb4af1
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-headers
*
access-control-allow-method
*
cache-control
public, max-age=16070400
content-encoding
br
cf-cache-status
HIT
etag
W/"66f266ac-1473"
cf-ray
8ca7177ecd8180b9-NRT
expires
Wed, 02 Apr 2025 22:15:22 GMT
access-control-allow-origin
*
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
ON
3636929
vc.hotjar.io/sessions/
0
234 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/3636929?s=0.25&r=0.07453268552677805
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=kj546j&module=frontend_web&v=20240517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.55.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-55-36.nrt20.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

via
1.1 c7fd3d9b402c0fcc95f12f5f805763c6.cloudfront.net (CloudFront)
access-control-allow-origin
*
cache-control
no-store
x-cache
Miss from cloudfront
x-amz-cf-id
u1vsXGZPJnxvI7Uee56QjgQvTU4MWzCEEus7rUToRkS6LwyxOjPJRw==
date
Sat, 28 Sep 2024 22:15:22 GMT
x-amz-cf-pop
NRT20-C3
usd.2e6f05c8.png
lesapremium168.com/cdn/34dtfrFM/static/img/
722 B
1015 B
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/usd.2e6f05c8.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48146cad4b4e2362440c4df5798b1b089ddd20e49b97690b3095fa584dbe447d
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
W/"66f266ac-6d5"
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origFmt=png, origSize=1749
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
image/webp
content-disposition
inline; filename="usd.webp"
vary
Accept
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177f6de480b9-NRT
access-control-allow-origin
*
server
cloudflare
query_list
lesapremium168.com/_api_/api/v1/wallet/cache_rate/
3 KB
927 B
XHR
General
Full URL
https://lesapremium168.com/_api_/api/v1/wallet/cache_rate/query_list
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=kj546j&module=frontend_web&v=20240517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76707f744478868fdc29c495705515644faec716301439683574f77417f4214a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1 ; mode=block

Request headers

ts
1727561722795
qid
a7c6b1e36ffdb17ed1df418fbd0af07f
authorization
Basic a3JhdG9zLWNsaWVudDoxMjM0NTY=
sign
1109331918044f02feae846f50ab824c
Referer
https://lesapremium168.com/
tz
+0900
v
v1.0.0
lg
en-US
mcode
7a5fbeac19
aid
28eb6b8946454484a7ccbc0bf43fc273
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
dm
lesapremium168.com
Content-Type
application/json
fnp
6470e458f71f7266433d8d963db9445e

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/json
access-control-allow-headers
*
x-frame-options
DENY
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
referrer-policy
no-referrer
cf-ray
8ca7177f7dfb80b9-NRT
access-control-allow-origin
*
x-xss-protection
1 ; mode=block
server
cloudflare
banner_list.json
cms.pailigrgr.com/live/json/
13 KB
2 KB
XHR
General
Full URL
https://cms.pailigrgr.com/live/json/banner_list.json?v=48
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=kj546j&module=frontend_web&v=20240517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2332a44d9dc0e2d7d62a2fcb95b9091c0254118032f74ebabfa8b927f678d63d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=fLNSbg==, md5=uO9re1xIcDhrqNcaxK3AkQ==
etag
"b8ef6b7b5c4870386ba8d71ac4adc091"
age
142
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1438
date
Sat, 28 Sep 2024 22:13:00 GMT
last-modified
Tue, 20 Aug 2024 06:00:33 GMT
content-type
application/json
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljuwxBygiC7jk3Y1Ro6z8qob66EyzuqxdloIuzz7HQBsrk9enUozTNxMDmZOqI72LzlvAt3UN_hKNA
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1724133632993092
content-length
1438
server
UploadServer
game_list.json
cms.pailigrgr.com/live/json/
173 KB
19 KB
XHR
General
Full URL
https://cms.pailigrgr.com/live/json/game_list.json?v=179
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=kj546j&module=frontend_web&v=20240517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
29f28d951cf33cc12f1c64a00bc07f0e3225c968d5149799e49aa8aa17836704

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=iUhbsQ==, md5=LveMHa20MGbAlOk5Sd9RaQ==
etag
"2ef78c1dadb43066c094e93949df5169"
age
142
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
19073
date
Sat, 28 Sep 2024 22:13:00 GMT
last-modified
Fri, 27 Sep 2024 09:56:29 GMT
content-type
application/json
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljtB7qBL0pDXiH0JrudfyqcgBxHo1Cpzln2-StI0ITLIERMBMSo_kBruTzx--sPH4AyZUE0BtkVbMQ
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727430989294415
content-length
19073
server
UploadServer
global_list.json
cms.pailigrgr.com/live/json/
370 B
529 B
XHR
General
Full URL
https://cms.pailigrgr.com/live/json/global_list.json?v=7
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=kj546j&module=frontend_web&v=20240517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fb9e98fb42c03e4ec70fd733427be7ba982282895f124308f14258847789c6bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=+AAUcg==, md5=XRRkGkWsS9hLf/ODtmS05g==
etag
"5d14641a45ac4bd84b7ff383b664b4e6"
age
142
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
283
date
Sat, 28 Sep 2024 22:13:00 GMT
last-modified
Wed, 19 Jun 2024 10:30:04 GMT
content-type
application/json
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljsNhMeUAui7SR0HfWzVjaj8lSZcJOn3ul02h52hTEPDuec2SEfyYa7vz9d9chMYczLdzommGmT6oA
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1718793003997173
content-length
283
server
UploadServer
campaign_list.json
cms.pailigrgr.com/live/json/
304 KB
10 KB
XHR
General
Full URL
https://cms.pailigrgr.com/live/json/campaign_list.json?v=49
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=kj546j&module=frontend_web&v=20240517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
913fcb46da8850410a834c7a44ccc1ab0001c16dc241a7f7538206fdd5bbde24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=wyYQFQ==, md5=QvaiCcerK82urtP+XYdhFg==
etag
"42f6a209c7ab2bcdaeaed3fe5d876116"
age
142
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
10481
date
Sat, 28 Sep 2024 22:13:00 GMT
last-modified
Thu, 15 Aug 2024 09:09:07 GMT
content-type
application/json
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljuz2dQeYXN7J_ZpsAWi1oOYPREe2tB5owtp-jXE2gZEnvn4iTrMJPZWUlQEroU37wNDu-k
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1723712947633067
content-length
10481
server
UploadServer
arrow-left.cca25425.png
lesapremium168.com/cdn/34dtfrFM/static/img/
558 B
860 B
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/arrow-left.cca25425.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d88980682e9534f743f04b133db29f874619ef79ebacb0f01faead998ec7a197
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
"66f266ac-3b9"
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origFmt=png, origSize=953
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
image/webp
content-disposition
inline; filename="arrow-left.webp"
vary
Accept
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177f9e3180b9-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
558
server
cloudflare
arrow-right.5f16705c.png
lesapremium168.com/cdn/34dtfrFM/static/img/
558 B
860 B
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/arrow-right.5f16705c.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c90de7073119c151f0dc35f442902a0c5458c939e4e2125b4285f8709069715f
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
"66f266ac-3ab"
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origFmt=png, origSize=939
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
image/webp
content-disposition
inline; filename="arrow-right.webp"
vary
Accept
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177f9e3380b9-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
558
server
cloudflare
PC-%E9%A6%96%E9%A1%B5banner1-%E8%8B%B1%E6%96%87_UHfb240725052203.png
cms.pailigrgr.com/live/image/
788 KB
788 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/PC-%E9%A6%96%E9%A1%B5banner1-%E8%8B%B1%E6%96%87_UHfb240725052203.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
90ed2f045147753af6fce1f5b19992283b2516c04d3298cc85f40cab284608d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=846xtQ==, md5=mqJ+8S97S0nsN7YZg4sD+g==
etag
"9aa27ef12f7b4b49ec37b619838b03fa"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
806424
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Thu, 25 Jul 2024 05:22:04 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljvT8UTS0zxSZrhJQmQyKhkneYynvSZkio4X8gN0W2RUKaG1_eNtvSSfaLAAcg1eqW3IvtzXmzRtCg
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1721884924238221
content-length
806424
server
UploadServer
PC-%E9%A6%96%E9%A1%B5banner3-%E8%8B%B1%E6%96%87_n0I4240725052216.png
cms.pailigrgr.com/live/image/
1008 KB
1008 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/PC-%E9%A6%96%E9%A1%B5banner3-%E8%8B%B1%E6%96%87_n0I4240725052216.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7b7c990e7988046786072880c130722fee4a2ca874f18ca022ebf90b963ee39e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=6B+A9g==, md5=nJhAGhoTmxaJJkZlAnSSFg==
etag
"9c98401a1a139b168926466502749216"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1032103
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Thu, 25 Jul 2024 05:22:17 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljsea2jb7lZq9MVwoU4T2TM183aVIIOtZKmZH74lSeJmz3ulMHRlj5KQPkWyqJSlwEjg31s
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1721884937354489
content-length
1032103
server
UploadServer
PC-%E9%A6%96%E9%A1%B5banner-%E8%8B%B1%E6%96%87_N42h240814023110.png
cms.pailigrgr.com/live/image/%E7%BD%91%E9%A1%B5banner/
761 KB
761 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/%E7%BD%91%E9%A1%B5banner/PC-%E9%A6%96%E9%A1%B5banner-%E8%8B%B1%E6%96%87_N42h240814023110.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
15921225b61392412553a0f1663aae2958dabc7bfe7e1297d1c1614fad3fe8ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=XXa7zg==, md5=Aqc02n70B4K3TQ7lyRfmdg==
etag
"02a734da7ef40782b74d0ee5c917e676"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
779526
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Wed, 14 Aug 2024 02:31:10 GMT
content-type
image/png
x-guploader-uploadid
AD-8lju5QRhobrXHMPteo9W9C9zyQI7P8J1RV8LCOokYZL6mTQzXU2yrYRrehVN9sXcxy8OgLaaccgXlWQ
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1723602670845421
content-length
779526
server
UploadServer
chunk-3732b2ce.50795f25.css
lesapremium168.com/cdn/34dtfrFM/static/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/css/chunk-3732b2ce.50795f25.css
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
267a2b124848849f015977611b526011c9a2509cbaf7345404cdbfeeaaf775d8
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
content-encoding
br
cf-bgj
minify
etag
W/"66f266ac-ce4"
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origSize=3300
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca7177f9e3780b9-NRT
access-control-allow-origin
*
server
cloudflare
chunk-3732b2ce.0a872e3e.js
lesapremium168.com/cdn/34dtfrFM/static/js/
5 KB
2 KB
Script
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/js/chunk-3732b2ce.0a872e3e.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/js/runtime.8530acaf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0441fb75ffec5f261a562660c307ef45b083a82109da0f790f8970bd239f566
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-headers
*
access-control-allow-method
*
cache-control
public, max-age=16070400
content-encoding
br
cf-cache-status
HIT
etag
W/"66f266ac-14d9"
cf-ray
8ca7177fae3c80b9-NRT
expires
Wed, 02 Apr 2025 22:15:22 GMT
access-control-allow-origin
*
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
ON
geolocation
lesapremium168.com/_api_/api/v1/common/
656 B
546 B
XHR
General
Full URL
https://lesapremium168.com/_api_/api/v1/common/geolocation
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=kj546j&module=frontend_web&v=20240517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4feee85465c2665bad590d4fb5dc38d72f5b4e65c808c748a97517abe6f806b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1 ; mode=block

Request headers

ts
1727561722843
qid
724efa254c8c7063e901e03719f0ed5a
authorization
Basic a3JhdG9zLWNsaWVudDoxMjM0NTY=
sign
aacfd92b75fdfe916ecc5c9d346a4bfd
Referer
https://lesapremium168.com/
tz
+0900
v
v1.0.0
lg
en-US
mcode
7a5fbeac19
aid
28eb6b8946454484a7ccbc0bf43fc273
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
dm
lesapremium168.com
Content-Type
application/json
fnp
6470e458f71f7266433d8d963db9445e

Response headers

access-control-allow-method
*
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
expires
0
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
application/json
access-control-allow-headers
*
x-frame-options
DENY
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
referrer-policy
no-referrer
cf-ray
8ca7177fde5680b9-NRT
access-control-allow-origin
*
x-xss-protection
1 ; mode=block
server
cloudflare
sprites.91fbb670.png
lesapremium168.com/cdn/34dtfrFM/static/img/
188 KB
189 KB
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/sprites.91fbb670.png
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/css/app.8ed21bc6.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c92cf06afe5b61bbdb2e496afe448b8f8f74c899ed09885c43c5c321eb42fc
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/cdn/34dtfrFM/static/css/app.8ed21bc6.css

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
W/"66f266ac-5974a"
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:22 GMT
cf-polished
origFmt=png, origSize=366410
date
Sat, 28 Sep 2024 22:15:22 GMT
content-type
image/webp
content-disposition
inline; filename="sprites.webp"
vary
Accept
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca717803e8a80b9-NRT
access-control-allow-origin
*
server
cloudflare
NotoSans-ExtraLight.a91336e3.woff2
lesapremium168.com/cdn/34dtfrFM/static/fonts/
182 KB
182 KB
Font
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/fonts/NotoSans-ExtraLight.a91336e3.woff2
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/css/app.8ed21bc6.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e34501bdd39c5ffe62faf78b71b62d7b8ed83d9e123f8dc4fc7d7df8d400d8f
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://lesapremium168.com
Referer
https://lesapremium168.com/cdn/34dtfrFM/static/css/app.8ed21bc6.css

Response headers

access-control-allow-method
*
cf-cache-status
HIT
etag
"66f266ac-2d75c"
expires
Wed, 02 Apr 2025 22:15:23 GMT
date
Sat, 28 Sep 2024 22:15:23 GMT
content-type
font/woff2
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
vary
Accept-Encoding
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca717805e9980b9-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
186204
server
cloudflare
arrow@2x.73c779f1.png
lesapremium168.com/cdn/34dtfrFM/static/img/
366 B
667 B
Image
General
Full URL
https://lesapremium168.com/cdn/34dtfrFM/static/img/arrow@2x.73c779f1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.2 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ce5179524e84b690668f4572089eeb694bc88430a709bc6b216e7559bdb29c1
Security Headers
Name Value
X-Frame-Options ON

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

access-control-allow-method
*
cf-bgj
imgq:100,h2pri
etag
"66f266ac-21c"
cf-cache-status
HIT
expires
Wed, 02 Apr 2025 22:15:23 GMT
cf-polished
origFmt=png, origSize=540
date
Sat, 28 Sep 2024 22:15:23 GMT
content-type
image/webp
content-disposition
inline; filename="arrow@2x.webp"
vary
Accept
last-modified
Tue, 24 Sep 2024 07:13:48 GMT
x-frame-options
ON
access-control-allow-headers
*
cache-control
public, max-age=16070400
cf-ray
8ca717809eba80b9-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
366
server
cloudflare
%E7%8E%B0%E5%9C%BA%E7%99%BE%E5%AE%B6%E4%B9%90-EN_gd8F240926020231.png
cms.pailigrgr.com/live/image/%E5%88%A9%E5%8D%87%E7%8E%B0%E5%9C%BA/
187 KB
187 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/%E5%88%A9%E5%8D%87%E7%8E%B0%E5%9C%BA/%E7%8E%B0%E5%9C%BA%E7%99%BE%E5%AE%B6%E4%B9%90-EN_gd8F240926020231.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
13e5440bd50a4ed4de972eae25cc8cc496a03235615760e64403314fbb952639

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=7eO6Ww==, md5=JiE2xHDa+75dk/DURWX7PQ==
etag
"262136c470dafbbe5d93f0d44565fb3d"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
191249
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Thu, 26 Sep 2024 02:02:32 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljt71zM7fMzKYsX4-XjCD32NFgdbGzpf1pPpEkw8hHzIePs49r1a7ecFwf1apHTIiFrbS4E
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727316152110170
content-length
191249
server
UploadServer
bac1-EN_kmTf240926021658.png
cms.pailigrgr.com/live/image/%E5%88%A9%E5%8D%87%E7%8E%B0%E5%9C%BA/
112 KB
112 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/%E5%88%A9%E5%8D%87%E7%8E%B0%E5%9C%BA/bac1-EN_kmTf240926021658.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
99ff8a50db601687fb3e84c9cc1a07984736147e8061f84eddef721bdeb13a09

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=8ioOkA==, md5=n434tlD6h5F17sPf8X0M/w==
etag
"9f8df8b650fa879175eec3dff17d0cff"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
115129
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Thu, 26 Sep 2024 02:16:58 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljsDjpVXCEtYch4OjDaArOQcIv28mpQ0Pz1a-HEuAcgG2SdvtcgVyP8TfTmG3bUKTDLjUsw
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727317018945536
content-length
115129
server
UploadServer
bac2-EN_CvVK240926021911.png
cms.pailigrgr.com/live/image/%E5%88%A9%E5%8D%87%E7%8E%B0%E5%9C%BA/
103 KB
103 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/%E5%88%A9%E5%8D%87%E7%8E%B0%E5%9C%BA/bac2-EN_CvVK240926021911.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a99b9bcf5b5e756181509f6fd77bfdddd7510383a335b49757a9182351d06d1d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=W7xBnw==, md5=xWjzBLN4bfwpCdS6VGBYlw==
etag
"c568f304b3786dfc2909d4ba54605897"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
105891
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Thu, 26 Sep 2024 02:19:11 GMT
content-type
image/png
x-guploader-uploadid
AD-8lju1M8ILY1hLs7GgceyzmpLYgFSAhoLjh-VpXGRRsyCTmuDLMUMQkxfQu0VDrUH7JMzobj0
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727317151962838
content-length
105891
server
UploadServer
bac3-EN_EjK0240926021911.png
cms.pailigrgr.com/live/image/%E5%88%A9%E5%8D%87%E7%8E%B0%E5%9C%BA/
96 KB
96 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/%E5%88%A9%E5%8D%87%E7%8E%B0%E5%9C%BA/bac3-EN_EjK0240926021911.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e00d39f5076f79a39185ad2134ea172ca88c258868e9b5cabf3cd792ef7efc33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=E+BfNw==, md5=URJGwWaG7LuCRboWS4WDaQ==
etag
"511246c16686ecbb8245ba164b858369"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
97955
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Thu, 26 Sep 2024 02:19:11 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljvqM0WSMRDQYch5HjRHE6NwSA3YZOWujD-d7FQA196Ai-5HHIXQLaUnxNtgL40dC_nipjE
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727317151867399
content-length
97955
server
UploadServer
bac5-EN_YsK9240926021917.png
cms.pailigrgr.com/live/image/%E5%88%A9%E5%8D%87%E7%8E%B0%E5%9C%BA/
86 KB
86 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/%E5%88%A9%E5%8D%87%E7%8E%B0%E5%9C%BA/bac5-EN_YsK9240926021917.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3c9f269153d3c53ac69f8cbdb449fd8922eac1d4cfa7df7767289edc1aeda2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=EyMznw==, md5=djbhh3psYyDvvtV+Fakk7w==
etag
"7636e1877a6c6320efbed57e15a924ef"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
88456
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Thu, 26 Sep 2024 02:19:17 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljud0I2dWvrk-Z7gUoYhmXPzXJw6huDb6rjTOk_E15cagpog103MUhUzne7_oqHx0OkGTqU
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727317157937242
content-length
88456
server
UploadServer
%E8%BD%AE%E7%9B%98-EN_ZDFJ240924071707.png
cms.pailigrgr.com/live/image/%E5%88%A9%E5%8D%87%E7%8E%B0%E5%9C%BA/
91 KB
91 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/%E5%88%A9%E5%8D%87%E7%8E%B0%E5%9C%BA/%E8%BD%AE%E7%9B%98-EN_ZDFJ240924071707.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d86ac4481de4b7f73b0ab3215b0c9da37255016d13ce5a94af7457c91e015882

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=vVvR3A==, md5=0aGEcJVt5hk7WWsGE/cNZA==
etag
"d1a18470956de6193b596b0613f70d64"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
93273
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Tue, 24 Sep 2024 07:17:07 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljuhFCxg9sHgqynf4AGWj25STasV8C7bl-9rTuip3Oug4lh2ITBgCk8KaPntfDWwK-jYjVA0L8NTTg
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727162227268767
content-length
93273
server
UploadServer
%E8%BD%AE%E7%9B%981-EN_K3rv240924071656.png
cms.pailigrgr.com/live/image/%E5%88%A9%E5%8D%87%E7%8E%B0%E5%9C%BA/
96 KB
96 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/%E5%88%A9%E5%8D%87%E7%8E%B0%E5%9C%BA/%E8%BD%AE%E7%9B%981-EN_K3rv240924071656.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b13573ddbec81a6619420169edca0727ed3ab5ae825f493b8662b426f3d622a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=oxK2vg==, md5=aDCpfIhnLekfYjsLrYlRYg==
etag
"6830a97c88672de91f623b0bad895162"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
97854
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Tue, 24 Sep 2024 07:16:56 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljvO38RVWlArJ24FqQYagMHTMPWAYip1T3qdvuz-kQL7XtlVV7z4GKgzD9jlNDireJ-BEkpOOA-QUQ
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1727162216941281
content-length
97854
server
UploadServer
PC-SPORTSBOOK1_BpPb240525101416.png
cms.pailigrgr.com/live/image/%E4%BD%93%E8%82%B2%E5%B0%81%E9%9D%A2%E5%9B%BE/
192 KB
192 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/%E4%BD%93%E8%82%B2%E5%B0%81%E9%9D%A2%E5%9B%BE/PC-SPORTSBOOK1_BpPb240525101416.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b9820c3237d56c52bb776dd6ec22fb09647f72e11b59fc23636bc621ab4920ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=T7Ib1g==, md5=JLXSCzZi0bqZFWkfNi9mXg==
etag
"24b5d20b3662d1ba9915691f362f665e"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
196246
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Sat, 25 May 2024 10:14:17 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljsJTabX5K-ZFidZmANzum7s2IjJ1wFiUgpf-pPCc3B-uSwQPQ0Kn3JecdGQm5V9g6SafzsBrf7Snw
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1716632057039909
content-length
196246
server
UploadServer
PC-%E6%B2%99%E5%B7%B4%E4%BD%93%E8%82%B2%E5%A4%87%E4%BB%BD_azBq240621092856.png
cms.pailigrgr.com/live/image/%E4%BD%93%E8%82%B2%E5%B0%81%E9%9D%A2%E5%9B%BE/%E6%9C%80%E6%96%B0/
92 KB
93 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/%E4%BD%93%E8%82%B2%E5%B0%81%E9%9D%A2%E5%9B%BE/%E6%9C%80%E6%96%B0/PC-%E6%B2%99%E5%B7%B4%E4%BD%93%E8%82%B2%E5%A4%87%E4%BB%BD_azBq240621092856.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
99b4d03e1201e7fbf5e6d03edd8cfb706de26c6ed01450fdabcbb20dde2dc741

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=kDqATA==, md5=1gysEu6jv2DQl9vpF9GBUA==
etag
"d60cac12eea3bf60d097dbe917d18150"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
94677
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Fri, 21 Jun 2024 09:28:56 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljvdPD0mSxR8JcLUmc7ouGnES_fdgYYeGllVhJY6aj00iVT9guQDqjuLGJBUgUkjyP0Dw5oDrTlWKg
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1718962136630560
content-length
94677
server
UploadServer
PC-DB%20%E4%BD%93%E8%82%B2%E5%A4%87%E4%BB%BD_T14w240621092856.png
cms.pailigrgr.com/live/image/%E4%BD%93%E8%82%B2%E5%B0%81%E9%9D%A2%E5%9B%BE/%E6%9C%80%E6%96%B0/
90 KB
90 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/%E4%BD%93%E8%82%B2%E5%B0%81%E9%9D%A2%E5%9B%BE/%E6%9C%80%E6%96%B0/PC-DB%20%E4%BD%93%E8%82%B2%E5%A4%87%E4%BB%BD_T14w240621092856.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7da4452e62761e1bfdb7cc7f1ae7053a79ff73542d543919ad899720911ed399

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=2G/jOQ==, md5=lMFMCUxxfW3TZmZfpv1SIQ==
etag
"94c14c094c717d6dd366665fa6fd5221"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
92065
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Fri, 21 Jun 2024 09:28:56 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljti07a8ydIeMa-4bSCD4jxDcEy1pHVwy-iWJvKsVJk_pxDsZHAwlLx4hC_w3b564nQBKtc
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1718962136691937
content-length
92065
server
UploadServer
Win%20Win%20Fish%20Prawn_6igv240607083437.png
cms.pailigrgr.com/live/image/%E6%B8%B8%E6%88%8F%E5%A4%A7%E5%9B%BE/
214 KB
214 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/%E6%B8%B8%E6%88%8F%E5%A4%A7%E5%9B%BE/Win%20Win%20Fish%20Prawn_6igv240607083437.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4e0d64eab5d8615201eeaa0b4b4cf27719bb1393c8a6fbcd8b2181efe6c14235

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=dDpcgQ==, md5=c5T8IrMIZCJC72nzC2eBpQ==
etag
"7394fc22b308642242ef69f30b6781a5"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
219477
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Fri, 07 Jun 2024 08:34:38 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljsLTOrLmBrwaltU3rxNnhACKP-o0247EA9UMPbp2-Avx8pScuWDnIqNI0eaXU9hxB9e1i0
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1717749277985934
content-length
219477
server
UploadServer
dragon-hatch2_CspF240605101812.png
cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/
125 KB
125 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/dragon-hatch2_CspF240605101812.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
26ce5d18b8dc4ed76b0f4967f29d38b78b4b8962888a6f08a1be61625996d94e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=j4GyRg==, md5=+/5b6XI+9b2vyHAaAQYjuQ==
etag
"fbfe5be9723ef5bdafc8701a010623b9"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
128102
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Wed, 05 Jun 2024 10:18:13 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljvOzmxQ7ye_NPCn_-_hkKnjWS9qvS3apnZlQqQiO0994Auv3TiD2ZUDXdXnRYXtEoPysFY
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1717582693032260
content-length
128102
server
UploadServer
mahjong-ways-2_bD8G240605101846.png
cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/
117 KB
117 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/mahjong-ways-2_bD8G240605101846.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
da038f03b900821828abc6fe0c44e4605752e4e129bfc2144477953532839199

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=Sl4FSQ==, md5=neQPgShhpioi/8oBIfrJdA==
etag
"9de40f812861a62a22ffca0121fac974"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
119726
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Wed, 05 Jun 2024 10:18:46 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljs-9JXOCgyNY3WZPcOjiaaqoXY73gjcbFFuBBa96fI7-AyRzJGZnKxPngPiwst3iOnmRjI
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1717582726934977
content-length
119726
server
UploadServer
JetX_g47Q240814092238.png
cms.pailigrgr.com/live/image/SMARTSOFT/
84 KB
84 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/SMARTSOFT/JetX_g47Q240814092238.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
20264ec24e72a798f8882f70a8b3c720394e832bb16d79bb2c776956f0b72b51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=Hkwl+w==, md5=7hIIWYTY5l9e2RCG8exJkQ==
etag
"ee12085984d8e65f5ed91086f1ec4991"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
86045
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Wed, 14 Aug 2024 09:22:39 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljupdjRuuiCtHhEqyWXgdbgHACDCSOSbjuTBaZQ8CwuE4H_xI4z1NW2YwThOYMC_XDVRSIA
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1723627359132498
content-length
86045
server
UploadServer
Mahjong%20Ways%202_EbnA240605101902.png
cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/
123 KB
124 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/Mahjong%20Ways%202_EbnA240605101902.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
105375010a0e9577e4ed1ec9ab685164e2bdd106eae16f8248a43d05cc8f05f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=Y/GjSw==, md5=tS80if0YNbuEHnrhBCTK6Q==
etag
"b52f3489fd1835bb841e7ae10424cae9"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
126457
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Wed, 05 Jun 2024 10:19:02 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljtXXwPcrB1mTiz37ihqw_UuaY8d6sD-uZ7YTOLRq5WkCV79hXOhq4xAipTzNYjJv701eU0
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1717582742168188
content-length
126457
server
UploadServer
legend-of-perseus_SDia240605101846.png
cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/
111 KB
111 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/legend-of-perseus_SDia240605101846.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fa1d630beba0466c0746b825d7e18a9b97402be16d68ce58f64811d1ee87cf38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=6Xazfg==, md5=VudZ3Sig/Gy/cu46Hsy/BQ==
etag
"56e759dd28a0fc6cbf72ee3a1eccbf05"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
113375
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Wed, 05 Jun 2024 10:18:46 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljsL_cRVibY-uE39wi1uZ9fsGmzEZG0oT7qlBeVxHhXi-gA5J3fP467S72LwX39S633JVjP7VIuaww
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1717582726213979
content-length
113375
server
UploadServer
Bounty_Raid_2_en_MRIk240605102318.png
cms.pailigrgr.com/live/image/AART%E6%9C%80%E6%96%B0/
119 KB
119 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AART%E6%9C%80%E6%96%B0/Bounty_Raid_2_en_MRIk240605102318.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fd628922e24ef065ccbe2dac28848bed7e4e0eb4a5b3d1599d91a0b8d1a60f30

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=hlQA5A==, md5=Z/v2v0MCj5G9WgeJBoq5pw==
etag
"67fbf6bf43028f91bd5a0789068ab9a7"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
122022
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Wed, 05 Jun 2024 10:23:18 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljud0HjqVGjU-b4UOvkAxzMrppAwjiyoLwKkPNMa_idmWrJwM3HTlnoZhOwZdz-BVZB_AH8
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1717582998842979
content-length
122022
server
UploadServer
Prosperity%20Lion_7FIQ240605101851.png
cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/
117 KB
117 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/Prosperity%20Lion_7FIQ240605101851.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8f0b17bdc34e457e76e7faae984c8f60a1aeb0e709aaf7f876ddd1cf0f7f0430

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=xGRLHw==, md5=OXfSZwqeLqXFuhX6UP1SXw==
etag
"3977d2670a9e2ea5c5ba15fa50fd525f"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
119817
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Wed, 05 Jun 2024 10:18:51 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljspw2yCTyJWOd0630_6MA4maFeyR_Uz8vgGfHCS8qgbFot3JbcvWKQoyNFxRVnOt9HngPM
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1717582731833904
content-length
119817
server
UploadServer
medusa-I-2_40kY240605101843.png
cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/
108 KB
108 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/medusa-I-2_40kY240605101843.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7f16cbeb2aa869acb05e1e44be52b62f2c52ea536de9a309411ab276bad60fc3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=H51/vw==, md5=/B9ZO40VwpHTLhxiE0ep8g==
etag
"fc1f593b8d15c291d32e1c621347a9f2"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
110516
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Wed, 05 Jun 2024 10:18:43 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljsyHlhHpcq3RnL01tplvfgD3GjWmtEtgrTsZUxrSk-DISTa5lSSRmyaw28GyuLzzH6WoI4g5BQOxQ
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1717582723966153
content-length
110516
server
UploadServer
emperor%E2%80%98s_favour_POT9240605101813.png
cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/
115 KB
115 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/emperor%E2%80%98s_favour_POT9240605101813.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6be839a123ead9d64dacd1dc9b5b17b1843c216cd460d961d285399780a0074d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=F0XWlA==, md5=ookJq4PCYxxZ9z6/MjarPQ==
etag
"a28909ab83c2631c59f73ebf3236ab3d"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
117456
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Wed, 05 Jun 2024 10:18:13 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljsRdpU67T83lfF2yL3QT5plJWuER2qMIRK770RYv8MLdrp59Pxuk4qpjvrW79sxfON3Of0
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1717582693411843
content-length
117456
server
UploadServer
JILI%20CAISHEN_MZdK240606083101.png
cms.pailigrgr.com/live/image/AA%E5%90%89%E5%88%A9%E6%9C%80%E6%96%B0/
113 KB
113 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AA%E5%90%89%E5%88%A9%E6%9C%80%E6%96%B0/JILI%20CAISHEN_MZdK240606083101.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bd532cfc1e542649199b7af0432bf19aa0ca54f03ecd8cc896165d0f20f898b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=T/sYCQ==, md5=lWIhnLdSuGBXkDgATj+QUQ==
etag
"9562219cb752b860579038004e3f9051"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
115535
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Thu, 06 Jun 2024 08:31:01 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljvtIPtvmNdTYZOALTbUsapG3VQSkoWVjKp3aQF0V0W-JK8TeuG3jbMsIQNyBtpBr8jyLnU
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1717662661354700
content-length
115535
server
UploadServer
fortune%20monkey_iZM7240607083437.png
cms.pailigrgr.com/live/image/%E6%B8%B8%E6%88%8F%E5%A4%A7%E5%9B%BE/
200 KB
200 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/%E6%B8%B8%E6%88%8F%E5%A4%A7%E5%9B%BE/fortune%20monkey_iZM7240607083437.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fe3d4938d8823f76e7583d6fe6c9e91a44eeb569efc3234d6e2d6b8ef9ae1020

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=u2ufXQ==, md5=G7yRU/9EL2vPIxoL1ZNhMA==
etag
"1bbc9153ff442f6bcf231a0bd5936130"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
204461
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Fri, 07 Jun 2024 08:34:38 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljvXcHQoEn2t8S2T9PaFFig8Q5nDjQLTzMaiIUutf5gqBH1-Nhg0qLFtepn6rQqZAFKyb53kk26NxQ
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1717749277985891
content-length
204461
server
UploadServer
Yakuza_Honor_OiVB240911065145.png
cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/
114 KB
114 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/Yakuza_Honor_OiVB240911065145.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
33a2cf985feec8388ecf1be2ac2172426e9876374b01a5f8da23d884c6aa13e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=0C9b9A==, md5=Xm0aKlV6kcotpoFZyRMJgg==
etag
"5e6d1a2a557a91ca2da68159c9130982"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
116972
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Wed, 11 Sep 2024 06:51:46 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljs3tlLlSbwo8rqZxLISLmtJHYFz6uUxkPiB8KB-SrHWcANnU7QtT38LSa5WXUh8qPzaNQmVZC9O6w
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1726037505980420
content-length
116972
server
UploadServer
Zombie_Outbreak_F3QA240911065156.png
cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/
106 KB
106 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/Zombie_Outbreak_F3QA240911065156.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2c58c680de862e51f718b66eb6fc2dda6ac1c5733f86c51cf1e66d633d2353a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=OxnDvA==, md5=YxoROFxVVPcSUoi3g1R/Ig==
etag
"631a11385c5554f7125288b783547f22"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
108729
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Wed, 11 Sep 2024 06:51:56 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljs4__iMnGK34yvhCS3PR0ChK-g1LMZX6kqSWm1e_hbw2sLqXa63E4mZ962xpnpPDYptevAl4NfzsA
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1726037516301906
content-length
108729
server
UploadServer
Chicky_Run_RCeG240911065128.png
cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/
121 KB
121 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/Chicky_Run_RCeG240911065128.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
562aa4e2ef4c3cd17dd065e95a7a1b2ffaeed397ce73cc5510a6963c01ef1e37

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=1ICxcg==, md5=2iqcnyW9KztYIa38CsVXPQ==
etag
"da2a9c9f25bd2b3b5821adfc0ac5573d"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
123547
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Wed, 11 Sep 2024 06:51:28 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljvpxKxA20U4A_7GnUdSVFBGADfuTVRaNVJUd7fLHT1emo9y4kJu_2atIWRcDAsZFX6oGuU
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1726037488666354
content-length
123547
server
UploadServer
Shark_Bounty_pm7u240911065043.png
cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/
113 KB
113 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/Shark_Bounty_pm7u240911065043.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d95dc4b1594a613209678449c0d26409d4391d8e3f680e2ae7a4b791c07b7bfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=fYGVPA==, md5=IOd4XXsbCk5m7FYjIwLf5g==
etag
"20e7785d7b1b0a4e66ec56232302dfe6"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
116090
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Wed, 11 Sep 2024 06:50:44 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljv2jDzi5ZoMM-1RZuwEiL6iKewwFzS52hw880SIcmKPpB7aegt8T2Q2ggl4l_-L6Df6X3c
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1726037444146571
content-length
116090
server
UploadServer
wings-of-iguazu_AdsI240911065055.png
cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/
122 KB
122 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/wings-of-iguazu_AdsI240911065055.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
61077fff290b7f2dd75466d2b90a37bb879d1bd3d1aa252434f0483240014c33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=NjuBjQ==, md5=ZlT3THcf1Qsjk62nxMKqOw==
etag
"6654f74c771fd50b2393ada7c4c2aa3b"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
125194
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Wed, 11 Sep 2024 06:50:55 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljsKzOeELnF-GfzSMLCCSgIaYKXyJidhwm1oEpnzXdQIXqARR4nIGhEmYVcnNJQFAhlZzs1wkJ_OiQ
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1726037455862715
content-length
125194
server
UploadServer
Futebol%20Fever_DtTl240911063251.png
cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/
113 KB
113 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AA%20PG%E6%9C%80%E6%96%B0/Futebol%20Fever_DtTl240911063251.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
90ac74d475c736f780149c5f97fa402002dff58fdcd302cb5c353187d3bcacab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=xoXoFQ==, md5=KYiICBtTZDwn45lbANQTbA==
etag
"298888081b53643c27e3995b00d4136c"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
115415
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Wed, 11 Sep 2024 06:32:52 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljtu-HzfjsE8RVMXlydD-aeBDhtYohpjSFnIsH88YLgRaJMAZU-1AvQTZ8HB2BrHVaEPwmk
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1726036372128455
content-length
115415
server
UploadServer
Happy%20Taxi_rVFE240606083058.png
cms.pailigrgr.com/live/image/AA%E5%90%89%E5%88%A9%E6%9C%80%E6%96%B0/
112 KB
112 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AA%E5%90%89%E5%88%A9%E6%9C%80%E6%96%B0/Happy%20Taxi_rVFE240606083058.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
65da2f12cbfa4061f2350bc7aa4c972d0c62986a306b7a2e6680412101c615e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=OeuvZg==, md5=Hfoluwy8Zv4FOEvJwrzrRQ==
etag
"1dfa25bb0cbc66fe05384bc9c2bceb45"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
114340
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Thu, 06 Jun 2024 08:30:58 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljvpYjNJHPv_dMnJVy8l7XHOg5RqiWuAnzGWgbwdvueCOD7hCMJ29jEZGVwqydHd8lz7uvpINPV0ug
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1717662658914352
content-length
114340
server
UploadServer
Boxing%20King_loDf240606083053.png
cms.pailigrgr.com/live/image/AA%E5%90%89%E5%88%A9%E6%9C%80%E6%96%B0/
115 KB
115 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AA%E5%90%89%E5%88%A9%E6%9C%80%E6%96%B0/Boxing%20King_loDf240606083053.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6649969e47d0964018dae964e7fe5e463b9ebb54d9eddb8d916ee22dd03f6e91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=20RldA==, md5=U8l0TCh9HrFOj6sWkycEvw==
etag
"53c9744c287d1eb14e8fab16932704bf"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
117881
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Thu, 06 Jun 2024 08:30:53 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljvvVniBPHgDgNJC45_Y14HMQbtt6rDWdDrJF5kemsB5ajL2gge9-XYNDQUwEVE2qy9gT-w
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1717662653253168
content-length
117881
server
UploadServer
Fortune%20Gems_tzML240606083100.png
cms.pailigrgr.com/live/image/AA%E5%90%89%E5%88%A9%E6%9C%80%E6%96%B0/
124 KB
124 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AA%E5%90%89%E5%88%A9%E6%9C%80%E6%96%B0/Fortune%20Gems_tzML240606083100.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
98f0f5cb30b9b56ea71e93109c5cae4ce89e241d8c28062c68fcd7412e759e29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=kVQbAA==, md5=lDXEmWBZ4qVQ1M61gREgzA==
etag
"9435c4996059e2a550d4ceb5811120cc"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
126559
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Thu, 06 Jun 2024 08:31:00 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljtuqCVZX_SBbHuQvV0OPYA1QdaT1zEnIOsfJRgKrpmeGGzI3UEaDZtmPx7SSFMpu9N-vTY
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1717662660591962
content-length
126559
server
UploadServer
Pharaoh%20Treasure_7hhx240606083052.png
cms.pailigrgr.com/live/image/AA%E5%90%89%E5%88%A9%E6%9C%80%E6%96%B0/
117 KB
117 KB
Image
General
Full URL
https://cms.pailigrgr.com/live/image/AA%E5%90%89%E5%88%A9%E6%9C%80%E6%96%B0/Pharaoh%20Treasure_7hhx240606083052.png?auto=format
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.134.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.134.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
30467d9aa76b5d0b4e177f48a583be5da875956a53ce381efb01bc5c00f49eb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=E3d7nw==, md5=0yr5y708PhTNO+dl09sr4A==
etag
"d32af9cbbd3c3e14cd3be765d3db2be0"
age
304
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
119346
date
Sat, 28 Sep 2024 22:10:18 GMT
last-modified
Thu, 06 Jun 2024 08:30:53 GMT
content-type
image/png
x-guploader-uploadid
AD-8ljucG5H3PT9vpFdVvJvUHFnEaWdr49arDv7Iu9sRjBpPXNuNwEV6bi_nZ5mt1sFhklFDnFQ9U_F9vQ
cache-control
public,max-age=15811200,7884000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1717662653059114
content-length
119346
server
UploadServer
tracking.js
cdn.livechatinc.com/
84 KB
27 KB
Script
General
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.26.20 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-210-26-20.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4657a9811d411ba0785fe4681282a82ef8c89e8c532862d12c0e7725fc16c48e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

content-encoding
br
etag
W/"fd823e21819cd53520a8904641318097"
x-amz-version-id
wkAxt4XehMYGKq10Y2OFuZJNXn7Xhrv7
expires
Sun, 29 Sep 2024 06:15:23 GMT
x-amz-cf-id
ofiMYKmaFk1izrYL831cXdDNhMSU8cgT8yeAT_UZ423pUAvpDPW2LA==
date
Sat, 28 Sep 2024 22:15:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 27 Sep 2024 09:12:37 GMT
vary
Accept-Encoding
cache-control
max-age=28800
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
27174
x-amz-cf-pop
NRT20-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
get_dynamic_configuration
api.livechatinc.com/v3.6/customer/action/
382 B
602 B
Script
General
Full URL
https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=17898843&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Flesapremium168.com%2F&channel_type=code&jsonp=__xsdyjs00pg
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.118.163 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-118-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f463939134c39862e901c972f621068dc7c18f6023f11252ffe762812a74ba80
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://lesapremium168.com/;
X-Frame-Options allow-from https://lesapremium168.com/

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

content-security-policy
frame-ancestors https://lesapremium168.com/;
content-length
382
date
Sat, 28 Sep 2024 22:15:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
x-frame-options
allow-from https://lesapremium168.com/
get_configuration
api.livechatinc.com/v3.4/customer/action/
5 KB
2 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=457fd943-ccc0-46a0-8a0b-cdf54c2138f7&version=183.0.2.26.80.27.8.3.2.1.2.4.2&group_id=0&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.118.163 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-118-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4257c3a3bce56c67633cb600a0a60722f0a4edc6cedec2a2f9f7f8d533a5d74e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

cache-control
public, max-age=600
content-encoding
gzip
cross-origin-resource-policy
cross-origin
deprecation
2024-11-30
expires
Sat, 28 Sep 2024 22:25:23 GMT
content-length
1640
date
Sat, 28 Sep 2024 22:15:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
open_chat
secure.livechatinc.com/customer/action/ Frame 9008
0
0
Document
General
Full URL
https://secure.livechatinc.com/customer/action/open_chat?license_id=17898843&group=0&embedded=1&widget_version=3&unique_groups=0&use_parent_storage=1
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.118.172 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-118-172.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://lesapremium168.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
744
Content-Type
text/html; charset=utf-8
Date
Sat, 28 Sep 2024 22:15:24 GMT
Vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
get_localization
api.livechatinc.com/v3.4/customer/action/
11 KB
5 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=457fd943-ccc0-46a0-8a0b-cdf54c2138f7&version=470b74842e9d45ce9f156d1d5a957bad_5b9252e930bba331f26918b379d5b669&language=cn&group_id=0&jsonp=__lc_localization
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.118.163 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-118-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe79dd43a8feddaa5416ae102203b5fde23dbad2711bf99346fd462f874df3a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://lesapremium168.com/

Response headers

cache-control
public, max-age=546
content-encoding
gzip
cross-origin-resource-policy
cross-origin
deprecation
2024-11-30
expires
Sat, 28 Sep 2024 22:24:30 GMT
content-length
4960
date
Sat, 28 Sep 2024 22:15:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
collect
3s.sreanalyze.com/api/v1/stats/
71 B
469 B
XHR
General
Full URL
https://3s.sreanalyze.com/api/v1/stats/collect
Requested by
Host: lesapremium168.com
URL: https://lesapremium168.com/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=kj546j&module=frontend_web&v=20240517
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.170.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f35d93adfdbca5f84af324bf4535c0d3d9351205df04e32713fcf89364e8641d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://lesapremium168.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-method
POST
access-control-expose-headers
Correlation-ID
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
correlation-id
b130ed1a60c242f5897ef91c9412254f
date
Sat, 28 Sep 2024 22:15:26 GMT
content-type
application/json; chaset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
access-control-allow-headers
x-requested-with
strict-transport-security
max-age=15552000; includeSubDomains; preload
referrer-policy
same-origin
allow
POST, OPTIONS
cf-ray
8ca717942a8e264b-NRT
access-control-allow-origin
*
content-length
71
server
cloudflare
collect
3s.sreanalyze.com/api/v1/stats/ Frame
0
0
Preflight
General
Full URL
https://3s.sreanalyze.com/api/v1/stats/collect
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.170.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
POST
Origin
https://lesapremium168.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-method
*
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8ca717936a1a264b-NRT
content-length
34
content-type
application/json; chaset=utf-8
date
Sat, 28 Sep 2024 22:15:26 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff


51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| __cfQR object| yunweiConfig function| cdnPing function| createTags function| createdCss function| createdJs function| createdJsCall function| removeDom function| getLanguage string| cdn boolean| __cfRLUnblockHandlers object| THREEDATA boolean| ISACTIVE number| ThreeInitLock object| ThreeSeconds object| dataLayer function| hj object| _hjSettings object| webpackJsonp object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| _0xeb02 object| anj_05324ad8_4fed_4591_a828_336da19ccdfe object| ANJ function| _0x3747 object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| regeneratorRuntime object| Base64 function| _ object| __SVG_SPRITE__ object| $i18n object| $toast object| recaptcha object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| Paho function| JSEncrypt object| __lc object| LiveChatWidget boolean| __lc_inited object| LC_API object| ACTIVEDATA

7 Cookies

Domain/Path Name / Value
.accounts.livechatinc.com/v2/customer/token Name: __lc_cid
Value: 3183b2d3-9285-42a1-937f-c9c5867d21a9
.accounts.livechatinc.com/v2/customer/token Name: __lc_cst
Value: 4050b11b256ce71c3ac6b6bfb255f8eff6e9e0c38fddaeacbcee4a4e157ee97d2fc16cefc37932adddc82b2478c8115fc1029eace9662ac82549d634fc6e
.accounts.livechatinc.com/customer/token Name: __lc_cid
Value: 3183b2d3-9285-42a1-937f-c9c5867d21a9
.accounts.livechatinc.com/customer/token Name: __lc_cst
Value: 4050b11b256ce71c3ac6b6bfb255f8eff6e9e0c38fddaeacbcee4a4e157ee97d2fc16cefc37932adddc82b2478c8115fc1029eace9662ac82549d634fc6e
.lesapremium168.com/ Name: _hjSessionUser_3636929
Value: eyJpZCI6ImE3ZmFmMjcwLWYxMTktNTE1Mi04MzVhLWFjOGVmMDU3ZjRlMCIsImNyZWF0ZWQiOjE3Mjc1NjE3MjI3NzIsImV4aXN0aW5nIjpmYWxzZX0=
.lesapremium168.com/ Name: _hjSession_3636929
Value: eyJpZCI6ImIwZDdkNTZjLTJjZGQtNGFiOS1hNWMwLWZmNjc3NmJlMzFhZSIsImMiOjE3Mjc1NjE3MjI3NzMsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
accounts.livechatinc.com/ Name: __oauth_redirect_detector
Value: counter=1&t=1727561755&tag=c04d2564a9b18b4db36462a0683fe7dc98598658

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options ON

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
