fathomcause.com/kvehdx74e?key=526287b768c9d41ea3a02a20a2d07f49&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAAzXLuw6CMBhA4aeREaRVLCbEEO9SDaZ42UiVog0WsPxW5enVwTOc7bsC1M3QcXLZesbmdW3fZFk4MaK9l7%20PmTmN0pPm5fmaKg7fyyxwXewj0iWIuB5GGPuDvvUAlSqRyYcKFNeFAFlerL/UIhdaCx0ses0y/EeaKmJFBUCPm5bfWdFBM8bez6q7Nqt2bQ7Ju99SCRuaTCI6JeNwMt%20Oo5384Q%20WTaG2uAAAAA==&_branch_match_id=1139280828163233975
173.233.137.60200 OK 1.5 kB URL HTTP/1.1 fathomcause.com/kvehdx74e?key=526287b768c9d41ea3a02a20a2d07f49&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAAzXLuw6CMBhA4aeREaRVLCbEEO9SDaZ42UiVog0WsPxW5enVwTOc7bsC1M3QcXLZesbmdW3fZFk4MaK9l7%20PmTmN0pPm5fmaKg7fyyxwXewj0iWIuB5GGPuDvvUAlSqRyYcKFNeFAFlerL/UIhdaCx0ses0y/EeaKmJFBUCPm5bfWdFBM8bez6q7Nqt2bQ7Ju99SCRuaTCI6JeNwMt%20Oo5384Q%20WTaG2uAAAAA==&_branch_match_id=1139280828163233975
IP 173.233.137.60:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (565)
Hash 8c2bd38a7332946b1b46e83140ffa91b
78483827ca560cc1e65da12025a1cc3dba8a286c
6a74952324394dd5f1b43241b8ec0b467824bf96df5bbaa00b799c9c29e6f54a
Analyzer Verdict Alert quad9 Sinkholed
GET /kvehdx74e?key=526287b768c9d41ea3a02a20a2d07f49&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAAzXLuw6CMBhA4aeREaRVLCbEEO9SDaZ42UiVog0WsPxW5enVwTOc7bsC1M3QcXLZesbmdW3fZFk4MaK9l7%20PmTmN0pPm5fmaKg7fyyxwXewj0iWIuB5GGPuDvvUAlSqRyYcKFNeFAFlerL/UIhdaCx0ses0y/EeaKmJFBUCPm5bfWdFBM8bez6q7Nqt2bQ7Ju99SCRuaTCI6JeNwMt%20Oo5384Q%20WTaG2uAAAAA==&_branch_match_id=1139280828163233975 HTTP/1.1
Host: fathomcause.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 24 Mar 2023 09:44:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=18011242; expires=Sat, 25 Mar 2023 09:44:12 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODAxMTI0MiwiayI6IjUyNjI4N2I3NjhjOWQ0MWVhM2EwMmEyMGEyZDA3ZjQ5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDA1NzUyLCJwaWQiOjU1ODYxMywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozOCwiYWlkIjoyOCwicHQiOjQsInBrIjoia3ZlaGR4NzRlIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiIifX0.bx9pnR2ErRcHzHV_AK6Niz-O5BsJwS9NdOAuuoNrcyc; expires=Fri, 24 Mar 2023 09:45:12 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 18f040320d4cf739bb25e541aefe55d4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12663
Expires: Fri, 24 Mar 2023 13:15:15 GMT
Date: Fri, 24 Mar 2023 09:44:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 210a2a42cfc4f4aced144f5de9babcc6
ece6ecfb2db8d036c3bfc7f02f8ea387e3f965db
59553a312d3fb34f1f0aea469f7e7cc810ff9993481ddbd73ea5d461cf97ed51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59553A312D3FB34F1F0AEA469F7E7CC810FF9993481DDBD73EA5D461CF97ED51"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6363
Expires: Fri, 24 Mar 2023 11:30:15 GMT
Date: Fri, 24 Mar 2023 09:44:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 24 Mar 2023 09:15:14 GMT
content-type: application/json
age: 1738
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash dc2752d83fbed82852248898a132467a
b27a6b4af2e07663a58cafb641513f7224c7a7c3
ea7838393d83805a7b8a2b01bd09e4423617c4da285b983a11e9ba36266810d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA7838393D83805A7B8A2B01BD09E4423617C4DA285B983A11E9BA36266810D5"
Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20101
Expires: Fri, 24 Mar 2023 15:19:13 GMT
Date: Fri, 24 Mar 2023 09:44:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: u8fDNnHbCjAx4EEVpi5PakAaVVbW0CDabSinMpr08/8rNh4oHAlXAseA2pkm04Yxva5N1+Om6w8=
x-amz-request-id: 46GAX8JQZ4T8Y8AK
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 24 Mar 2023 08:54:25 GMT
age: 2987
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 09:44:12 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fathomcause.com/kvehdx74e?shu=8058d7dc47a121fc7d11a268708b0326905e4a55ca2219918cb7f12bfd1843b2bf261185d6c8de837f91a1d501aec94ddc2846d9acbff0ad091c4fe6e513994b5bee8e663453adbbe03c4f923a245556aa018af49d5295686ccd18bda5e3ba37&pst=1679651112&rmtc=t&uuid=&pii=&in=false&key=526287b768c9d41ea3a02a20a2d07f49&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAAzXLuw6CMBhA4aeREaRVLCbEEO9SDaZ42UiVog0WsPxW5enVwTOc7bsC1M3QcXLZesbmdW3fZFk4MaK9l7+PmTmN0pPm5fmaKg7fyyxwXewj0iWIuB5GGPuDvvUAlSqRyYcKFNeFAFlerL%2FUIhdaCx0ses0y%2FEeaKmJFBUCPm5bfWdFBM8bez6q7Nqt2bQ7Ju99SCRuaTCI6JeNwMt+Oo5384Q+WTaG2uAAAAA%3D%3D&_branch_match_id=1139280828163233975
173.233.137.60302 Found 0 B URL HTTP/1.1 fathomcause.com/kvehdx74e?shu=8058d7dc47a121fc7d11a268708b0326905e4a55ca2219918cb7f12bfd1843b2bf261185d6c8de837f91a1d501aec94ddc2846d9acbff0ad091c4fe6e513994b5bee8e663453adbbe03c4f923a245556aa018af49d5295686ccd18bda5e3ba37&pst=1679651112&rmtc=t&uuid=&pii=&in=false&key=526287b768c9d41ea3a02a20a2d07f49&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAAzXLuw6CMBhA4aeREaRVLCbEEO9SDaZ42UiVog0WsPxW5enVwTOc7bsC1M3QcXLZesbmdW3fZFk4MaK9l7+PmTmN0pPm5fmaKg7fyyxwXewj0iWIuB5GGPuDvvUAlSqRyYcKFNeFAFlerL%2FUIhdaCx0ses0y%2FEeaKmJFBUCPm5bfWdFBM8bez6q7Nqt2bQ7Ju99SCRuaTCI6JeNwMt+Oo5384Q+WTaG2uAAAAA%3D%3D&_branch_match_id=1139280828163233975
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /kvehdx74e?shu=8058d7dc47a121fc7d11a268708b0326905e4a55ca2219918cb7f12bfd1843b2bf261185d6c8de837f91a1d501aec94ddc2846d9acbff0ad091c4fe6e513994b5bee8e663453adbbe03c4f923a245556aa018af49d5295686ccd18bda5e3ba37&pst=1679651112&rmtc=t&uuid=&pii=&in=false&key=526287b768c9d41ea3a02a20a2d07f49&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAAzXLuw6CMBhA4aeREaRVLCbEEO9SDaZ42UiVog0WsPxW5enVwTOc7bsC1M3QcXLZesbmdW3fZFk4MaK9l7+PmTmN0pPm5fmaKg7fyyxwXewj0iWIuB5GGPuDvvUAlSqRyYcKFNeFAFlerL%2FUIhdaCx0ses0y%2FEeaKmJFBUCPm5bfWdFBM8bez6q7Nqt2bQ7Ju99SCRuaTCI6JeNwMt+Oo5384Q+WTaG2uAAAAA%3D%3D&_branch_match_id=1139280828163233975 HTTP/1.1
Host: fathomcause.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fathomcause.com/kvehdx74e?key=9ca601a9f47c735df76d5ca46fa26a66&submetric=18011242
Cookie: u_pl=18011242; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODAxMTI0MiwiayI6IjUyNjI4N2I3NjhjOWQ0MWVhM2EwMmEyMGEyZDA3ZjQ5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDA1NzUyLCJwaWQiOjU1ODYxMywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozOCwiYWlkIjoyOCwicHQiOjQsInBrIjoia3ZlaGR4NzRlIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiIifX0.bx9pnR2ErRcHzHV_AK6Niz-O5BsJwS9NdOAuuoNrcyc; cjs=t
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Fri, 24 Mar 2023 09:44:13 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: http://binomnet.com/cb9cl2k.php?key=f0xy3cb5ozbg4artknqu&SUB_ID_SHORT=2026773ad34bdbba23499a08d39875e8&Cost=0.020000&PLACEMENT_ID=18011242&CAMPAIGN_ID=760652&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2241879
Set-Cookie: pdhtkv=true; expires=Sat, 25 Mar 2023 09:44:13 GMT
uncs=1; expires=Sat, 25 Mar 2023 09:44:13 GMT
pdhtkv28=true; expires=Sat, 25 Mar 2023 09:44:13 GMT
uncs28=1; expires=Sat, 25 Mar 2023 09:44:13 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 159dfc53df92d947a3507f76900e8583
Strict-Transport-Security: max-age=0; includeSubdomains
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 24 Mar 2023 09:17:23 GMT
age: 1610
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
binomnet.com/cb9cl2k.php?key=f0xy3cb5ozbg4artknqu&SUB_ID_SHORT=2026773ad34bdbba23499a08d39875e8&Cost=0.020000&PLACEMENT_ID=18011242&CAMPAIGN_ID=760652&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2241879
162.19.86.114302 Found 0 B URL HTTP/1.1 binomnet.com/cb9cl2k.php?key=f0xy3cb5ozbg4artknqu&SUB_ID_SHORT=2026773ad34bdbba23499a08d39875e8&Cost=0.020000&PLACEMENT_ID=18011242&CAMPAIGN_ID=760652&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2241879
IP 162.19.86.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cb9cl2k.php?key=f0xy3cb5ozbg4artknqu&SUB_ID_SHORT=2026773ad34bdbba23499a08d39875e8&Cost=0.020000&PLACEMENT_ID=18011242&CAMPAIGN_ID=760652&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2241879 HTTP/1.1
Host: binomnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://fathomcause.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Fri, 24 Mar 2023 09:44:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=m7e8fn6ji4; expires=Sat, 25-Mar-2023 09:44:13 GMT; Max-Age=86400; path=/
uclickhash=m7e8fn6ji4-m7e8fn6ji4-gxqe-0-qe8n-e8dz-e8vr-932324; expires=Sat, 25-Mar-2023 09:44:13 GMT; Max-Age=86400; path=/
Location: https://ak.hetapus.com/afu.php?zoneid=5543275&ymid=2d61fm7e8fn6ji40ad&var=18011242
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 18b877ebbad1529e4bd91e12220d91c4
a3d64fb3d9cc1fe3a29b261c4ec9acfe134dfedc
7001d3ef847c7002ac15155f0dfcc0a369f19860e85c8e90530f1e7b2dd88f09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7001D3EF847C7002AC15155F0DFCC0A369F19860E85C8E90530F1E7B2DD88F09"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7067
Expires: Fri, 24 Mar 2023 11:42:00 GMT
Date: Fri, 24 Mar 2023 09:44:13 GMT
Connection: keep-alive
ak.hetapus.com/afu.php?zoneid=5543275&ymid=2d61fm7e8fn6ji40ad&var=18011242
95.101.10.43200 OK 819 B URL HTTP/2 ak.hetapus.com/afu.php?zoneid=5543275&ymid=2d61fm7e8fn6ji40ad&var=18011242
IP 95.101.10.43:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (378)
Hash 4dbfb1018e8b15668b2daba104dfff91
352cdab9a4172447db856acda0809e94474e4f1f
4981b488f453753548889a3ca7694acfc7d564571a8249206dbecc0e888c7711
GET /afu.php?zoneid=5543275&ymid=2d61fm7e8fn6ji40ad&var=18011242 HTTP/1.1
Host: ak.hetapus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fathomcause.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: 12fe4223e4ae4812bae945ae226fcbc5
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://myeasetrack.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
expires: Fri, 24 Mar 2023 09:44:13 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 24 Mar 2023 09:44:13 GMT
content-length: 819
vary: Accept-Encoding
set-cookie: OAID=028ac3e58fa541dea93f76af0b9b3cf0; expires=Sat, 23 Mar 2024 09:44:13 GMT; path=/; secure; SameSite=None
oaidts=1679651053; expires=Sat, 23 Mar 2024 09:44:13 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 3fc4e9daccaf6beba5e0040abdfd8a99
56361f3b2357d888f563867db70a247b5b4a05cc
46529a849d6e8452a307fd5ef79933553a9a49efee2c623b71af52ebdda7edd0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46529A849D6E8452A307FD5EF79933553A9A49EFEE2C623B71AF52EBDDA7EDD0"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12877
Expires: Fri, 24 Mar 2023 13:18:51 GMT
Date: Fri, 24 Mar 2023 09:44:14 GMT
Connection: keep-alive
ak.hetapus.com/favicon.ico
95.101.10.43204 No Content 0 B URL HTTP/2 ak.hetapus.com/favicon.ico
IP 95.101.10.43:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ak.hetapus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: OAID=028ac3e58fa541dea93f76af0b9b3cf0; oaidts=1679651053
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
expires: Fri, 24 Mar 2023 09:44:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 24 Mar 2023 09:44:14 GMT
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=merge&userId=028ac3e58fa541dea93f76af0b9b3cf0
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=028ac3e58fa541dea93f76af0b9b3cf0
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=028ac3e58fa541dea93f76af0b9b3cf0 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 09:44:14 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=028ac3e58fa541dea93f76af0b9b3cf0; expires=Sat, 23 Mar 2024 09:44:14 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
myeasetrack.com/ce2939e7-f18f-4e8d-b910-5d9b23a74541?zoneid=5543275&device=desktop&browser=firefox&os=windows&country=NO®ion=03&zonetype={zone_type}&useractivity=high&campaignid=6406879&banner=16042566&cost=0.001659&visitor_id=663067175531328321&rdk=rk1
18.192.108.151302 Found 0 B URL HTTP/2 myeasetrack.com/ce2939e7-f18f-4e8d-b910-5d9b23a74541?zoneid=5543275&device=desktop&browser=firefox&os=windows&country=NO®ion=03&zonetype={zone_type}&useractivity=high&campaignid=6406879&banner=16042566&cost=0.001659&visitor_id=663067175531328321&rdk=rk1
IP 18.192.108.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ce2939e7-f18f-4e8d-b910-5d9b23a74541?zoneid=5543275&device=desktop&browser=firefox&os=windows&country=NO®ion=03&zonetype={zone_type}&useractivity=high&campaignid=6406879&banner=16042566&cost=0.001659&visitor_id=663067175531328321&rdk=rk1 HTTP/1.1
Host: myeasetrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 24 Mar 2023 09:44:14 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://ntrfr.leovegas.com/redirect.aspx?pid=3747044&bid=15012&c=wch3gd1nerjlgpgni2nrrhak
pragma: no-cache
set-cookie: ce2939e7-f18f-4e8d-b910-5d9b23a74541-v4=zkpcdfuarB2RHHUCLr6LyW7Awe1u8thOyT747UwYuBQ; Max-Age=86400; Expires=Sat, 25-Mar-2023 09:44:14 GMT; Domain=myeasetrack.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=GaDzLYgMN9VdwoufEkbawpkEzDEEed5YKCWJ%2BIui2Py0gks1FZXPBZNpS%2BvSkTP1OPuvvAsgGKSHt2rCP1W%2B778o%2FOlo614viSXsvzaqZbY6oOELxfxBTz567C6xfutTqDhnKWkHC8CsENOTaLN0vg%3D%3D; Max-Age=31536000; Expires=Sat, 23-Mar-2024 09:44:14 GMT; Domain=myeasetrack.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.186.71.207101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.71.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ysEVL9cNPbiYHAdeuSV/7A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0Ew7j/F7rh7zZ0xHFE35pGFPr4I=
ntrfr.leovegas.com/redirect.aspx?pid=3747044&bid=15012&c=wch3gd1nerjlgpgni2nrrhak
13.107.238.53307 Temporary Redirect 0 B URL HTTP/2 ntrfr.leovegas.com/redirect.aspx?pid=3747044&bid=15012&c=wch3gd1nerjlgpgni2nrrhak
IP 13.107.238.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=3747044&bid=15012&c=wch3gd1nerjlgpgni2nrrhak HTTP/1.1
Host: ntrfr.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
cache-control: private,no-cache, no-store
pragma: no-cache
content-type: text/html
location: https://www.leovegas.com/nb-no/livecasino?btag=667909_ED179FB202074EE6A185D27C8D404C26&c=wch3gd1nerjlgpgni2nrrhak&pid=3747044&bid=15012
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3747044%2c%22BID%22%3a15012%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1679651054432)%5c%2f%22%2c%22CookieTag%22%3a%22150123747044451240919C2023324944%22%7d%5d; SameSite=None;; domain=.leovegas.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222861626250%7c1%22%7d%5d; domain=.leovegas.com; expires=Sun, 24-Mar-3022 09:44:14 GMT; path=/; secure; SameSite=Strict
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
x-powered-by: ASP.NET
x-azure-ref: 07nAdZAAAAAABwxwJ1ga/TKz51PRuji+XQ1BIMzBFREdFMDQwOQA3OGIzMGY1NS05NWIyLTQ4YzgtYjFhOC1mZTNkZmIwNTljZDk=
x-cache: CONFIG_NOCACHE
date: Fri, 24 Mar 2023 09:44:13 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 74fa3f9dc11b3177fa7bffc3a67f743f
f8b82a342af963b0a0f931abb3e6f4b6179e36ab
29af481cf6d61ba9bb1bc96bb0b6d468c0a41f5864a3945400549f9e78dfb9ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3548
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:14 GMT
Last-Modified: Fri, 24 Mar 2023 08:45:06 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
www.leovegas.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1565655928
107.154.248.168200 OK 22 kB URL HTTP/2 www.leovegas.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1565655928
IP 107.154.248.168:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f955ce6a87ab37dd437c062fea3b77cf
759fa9d0b9d1ef224e8d772ac46332c5a1d9f53a
ad5b75ecd67d03cccec02381c86fe9fdf542a2cb70718c7263713b5531c48aa4
GET /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1565655928 HTTP/1.1
Host: www.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/en-no/livecasino?btag=667909_ED179FB202074EE6A185D27C8D404C26&c=wch3gd1nerjlgpgni2nrrhak&pid=3747044&bid=15012
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3747044%2c%22BID%22%3a15012%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1679651054432)%5c%2f%22%2c%22CookieTag%22%3a%22150123747044451240919C2023324944%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222861626250%7c1%22%7d%5d; leo-essentials=%7B%22cid%22%3A%22ce969956-c0fc-402c-a2d2-8112a6bea827%22%7D; visid_incap_846569=yCeq3NxBQres0IrMXuMsDe1wHWQAAAAAQUIPAAAAAABzS7XtmhU/TPw4m2fPyOeO; nlbi_846569=snQYVVlO3yJHUXLSTJV9qQAAAADxlt404MrcL+1MPMi2voKB; incap_ses_720_846569=HwFuMd4YHXkOKsVDGPX9Ce1wHWQAAAAAx4cT+a3VCDk1glsWt7TQpQ==; leobtag=667909_ED179FB202074EE6A185D27C8D404C26; leonrpid=3747044; leonrbid=15012; leonrmeta=[{"value":"wch3gd1nerjlgpgni2nrrhak","key":"c"}]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/javascript
content-encoding: gzip
x-robots-tag: noindex
content-length: 22058
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 1d54d3c84e73cd1f00a835aa7616c399
e869898915967fb645a7ae3bd711a831329cc792
9cca1d2ea17f54a8688823e6fb8cbb7247c0a808808b382ffdda35b2770a26f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 9c689641e0b746cd4bc0dba000933496
78fedb0dc677f79859e3004dda31e1b3bd829c16
c7f67f66fc400b404c947d9cdcd59cfdc9719c6dc60e4a6d8d51cf187bb1fec3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1492
Cache-Control: max-age=115157
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:15 GMT
Etag: "641c89f1-1d7"
Expires: Sat, 25 Mar 2023 17:43:32 GMT
Last-Modified: Thu, 23 Mar 2023 17:18:41 GMT
Server: ECAcc (ska/F73A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 9c689641e0b746cd4bc0dba000933496
78fedb0dc677f79859e3004dda31e1b3bd829c16
c7f67f66fc400b404c947d9cdcd59cfdc9719c6dc60e4a6d8d51cf187bb1fec3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5723
Cache-Control: max-age=119389
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:15 GMT
Etag: "641c89f1-1d7"
Expires: Sat, 25 Mar 2023 18:54:04 GMT
Last-Modified: Thu, 23 Mar 2023 17:18:41 GMT
Server: ECAcc (amb/6B38)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 9c689641e0b746cd4bc0dba000933496
78fedb0dc677f79859e3004dda31e1b3bd829c16
c7f67f66fc400b404c947d9cdcd59cfdc9719c6dc60e4a6d8d51cf187bb1fec3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6399
Cache-Control: max-age=120065
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:15 GMT
Etag: "641c89f1-1d7"
Expires: Sat, 25 Mar 2023 19:05:20 GMT
Last-Modified: Thu, 23 Mar 2023 17:18:41 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~1152e2e7.5cd7900ef7305c3b577a.chunk.css?e=p
34.107.241.180200 OK 1.8 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~1152e2e7.5cd7900ef7305c3b577a.chunk.css?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (2702)
Hash f1039f1cbc13b117771efc6feb6e319d
1a88ecd24b55c5a67e2db6618c97aa39c6b27544
43a95af276c4707c9ad293286a1ff29444c6a5cd42c63c05032ced072c1d1a0a
GET /fulcrum/v4/master/dynamic/mobile.app~1152e2e7.5cd7900ef7305c3b577a.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduCaE9JKDhdDxIFC-crvk1vBnMCJRA1cmysMj0pgc5PI_px-KS1Vxq6ZmR45Ent1fwyRMrr_TDw-jExmbLIKy5Q
x-goog-generation: 1678963675432023
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1810
content-encoding: gzip
x-goog-hash: crc32c=nVa5Eg==, md5=8QOfHLwTsRd3Hvxv624xnQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1810
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Thu, 16 Mar 2023 11:15:00 GMT
expires: Thu, 13 Apr 2023 11:15:00 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Thu, 16 Mar 2023 10:47:55 GMT
etag: "f1039f1cbc13b117771efc6feb6e319d"
content-type: text/css
vary: Origin
age: 685755
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.relay~e741b245.556881eaa71238764923.chunk.js?e=p
34.107.241.180200 OK 25 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.relay~e741b245.556881eaa71238764923.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash dbf66eb18d36660cea23083e26f60bbc
0efbe5910b161495208cfc44a186c8dba1c83a55
0862c52183bf85e7e1c79fec6999181c710763b07e95151869890bbd04f289f0
GET /fulcrum/v4/master/dynamic/mobile.relay~e741b245.556881eaa71238764923.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdu862VaOUdi0m76M3Ai99DyU2bhQ6ag_I5R1Nm37Cj6z4VyjAQFsO53IiO594wRTsnoYmZ--ueS011096ZpJKFHwQ
x-goog-generation: 1678110251442178
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 25255
content-encoding: gzip
x-goog-hash: crc32c=tv104Q==, md5=2/ZusY02ZgzqIwg+JvYLvA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 25255
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 06 Mar 2023 13:44:11 GMT
etag: "dbf66eb18d36660cea23083e26f60bbc"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.runtime.7abd96a46d5573b49655.js?e=p
34.107.241.180200 OK 12 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.runtime.7abd96a46d5573b49655.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (33914)
Hash 79c9fb861e35b053fe64cd719d7698ee
39a172f1f55804aa7d98c228ad4721ed2787faa0
71720828b9a028ccf64e271135ce058f684795ec852e0f34b1b6c895df00d235
GET /fulcrum/v4/master/dynamic/mobile.runtime.7abd96a46d5573b49655.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtTOZAnp1djJobnjbPinKUHLYy6E1ITLCWWdi2OXusNNUo6VWISs5GUaVySEl-U8kb-DqKYlnfP1fnXy8ua8ObhZAAFf5zO
x-goog-generation: 1679479819006749
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 12058
content-encoding: gzip
x-goog-hash: crc32c=Py62/A==, md5=ecn7hh41sFP+ZM1xnXaY7g==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 12058
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 22 Mar 2023 10:25:19 GMT
expires: Wed, 19 Apr 2023 10:25:19 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Wed, 22 Mar 2023 10:10:19 GMT
etag: "79c9fb861e35b053fe64cd719d7698ee"
content-type: application/javascript
vary: Origin
age: 170336
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~65914263.6f996d8b6ea9f23747f1.chunk.css?e=p
34.107.241.180200 OK 1.9 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~65914263.6f996d8b6ea9f23747f1.chunk.css?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (5028)
Hash 71b32aaf113588ee53a750afb9f91a02
7f378b3e6695c22fd99484613ffc4328d4d07816
068bf711982c24a8a09bd4432011c0e52355bb823392ab6421cbf62e0f082f97
GET /fulcrum/v4/master/dynamic/mobile.app~65914263.6f996d8b6ea9f23747f1.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtzNeJDuVfhrJXvXf_cdFTZLVZJtA2BjDURgIxEHfqWUjjLKPkPLEB6FaDEOqyGxI8SsAsvP6tCJxzJ0TGZeNahJQ
x-goog-generation: 1669028776140146
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1881
content-encoding: gzip
x-goog-hash: crc32c=ovdTiA==, md5=cbMqrxE1iO5Tp1CvufkaAg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1881
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 07 Mar 2023 13:14:37 GMT
expires: Tue, 04 Apr 2023 13:14:37 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 21 Nov 2022 11:06:16 GMT
etag: "71b32aaf113588ee53a750afb9f91a02"
content-type: text/css
vary: Origin
age: 1456178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~bead5879.4ba62c335ac53fa2f433.chunk.css?e=p
34.107.241.180200 OK 1.6 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~bead5879.4ba62c335ac53fa2f433.chunk.css?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (2303)
Hash e27a18cf1cd1a858e6bc1e56cfe231bd
73821fe3a5a2cff54c549ae91fb5347b5e6d8a9b
5a9ca458694d9b63411c902fe342f88de706187b5552a1670066753f502cd622
GET /fulcrum/v4/master/dynamic/mobile.app~bead5879.4ba62c335ac53fa2f433.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdumN11AUf2myZd-tLf-0iD0Bbdld7pukliNt74HNGjwhAx4VH78KQHd5mMonCadUui5JEt-N3w7IH2l3Z_uZso1Q9TGxviu
x-goog-generation: 1670506834496426
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1625
content-encoding: gzip
x-goog-hash: crc32c=igy0xQ==, md5=4noYzxzRqFjmvB5Wz+IxvQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1625
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Sun, 19 Mar 2023 17:42:27 GMT
expires: Sun, 16 Apr 2023 17:42:27 GMT
cache-control: public, max-age=2419200,no-transform
age: 403308
last-modified: Thu, 08 Dec 2022 13:40:34 GMT
etag: "e27a18cf1cd1a858e6bc1e56cfe231bd"
content-type: text/css
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 9c689641e0b746cd4bc0dba000933496
78fedb0dc677f79859e3004dda31e1b3bd829c16
c7f67f66fc400b404c947d9cdcd59cfdc9719c6dc60e4a6d8d51cf187bb1fec3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6399
Cache-Control: max-age=120065
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:15 GMT
Etag: "641c89f1-1d7"
Expires: Sat, 25 Mar 2023 19:05:20 GMT
Last-Modified: Thu, 23 Mar 2023 17:18:41 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.relay~e729906e.d4f91a3e428c9214c47d.chunk.js?e=p
34.107.241.180200 OK 18 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.relay~e729906e.d4f91a3e428c9214c47d.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (60425)
Hash 59ec976af73af84500e144d814f3a427
2216be622e1115dbae9848a4084d2d59bea98cc6
803e0f995ec6da04ab9894a77042b3261dc9fb9b991bc9f3c84a7a5a61417978
GET /fulcrum/v4/master/dynamic/mobile.relay~e729906e.d4f91a3e428c9214c47d.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycduWe-RvD2dz8G_QqK8tdTJ6AUO_LztHDj6fsS24fHVKObfx4pboJ46BTMjW_VmMxDoQr31v9oOBUgQ9Qa0etnJ8cw
x-goog-generation: 1678110251280871
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 18272
content-encoding: gzip
x-goog-hash: crc32c=oRGoXg==, md5=WeyXavc6+EUA4UTYFPOkJw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 18272
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 06 Mar 2023 13:44:11 GMT
etag: "59ec976af73af84500e144d814f3a427"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~9b312c24.5ce0864ab3d2da049f18.chunk.js?e=p
34.107.241.180200 OK 12 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~9b312c24.5ce0864ab3d2da049f18.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (35552), with no line terminators
Hash d16fa3cf239d96ea2f45e448dfff932d
72368ad8e73e7c73d43a20398c5f67e75d8f692d
8da665864696cacc698a6dea70702ca9d3585f5ec51f24043926849fe883db6a
GET /fulcrum/v4/master/dynamic/mobile.vendors~app~9b312c24.5ce0864ab3d2da049f18.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsjs1EhuzLIDHHshZvbhfMcmYDe9ve5iB2t269DWA6RJqg49WfZoGmiqjKaEnaGQf_Vc4pxcyxHh6uDUIPOn_Lugw
x-goog-generation: 1678110251844018
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 11677
content-encoding: gzip
x-goog-hash: crc32c=AO7PiA==, md5=0W+jzyOdluovReRI3/+TLQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 11677
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 06 Mar 2023 13:44:11 GMT
etag: "d16fa3cf239d96ea2f45e448dfff932d"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.react~03cc5dce.77734913a4f3cb73f2ce.chunk.js?e=p
34.107.241.180200 OK 36 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.react~03cc5dce.77734913a4f3cb73f2ce.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (58423)
Hash 2905fbc9971761c0407cc6db59deff7b
91a24bc6e60442fa2e27b6c5bdb8e1ff16ce5493
89b422c3800365d1c5502006b68e04717a275ac49c5cb5e8a563d0bbc92b1a87
GET /fulcrum/v4/master/dynamic/mobile.react~03cc5dce.77734913a4f3cb73f2ce.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycduP1uPGqqI6mtEGWryMqY5HNgNSL-hnQFGC5cCLEObss6it64uBNbBM1oBfjwIZ1CGej3dnOcXTOQbZFZFnojEN4A
x-goog-generation: 1678110251295442
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 35665
content-encoding: gzip
x-goog-hash: crc32c=3qWosA==, md5=KQX7yZcXYcBAfMbbWd7/ew==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 35665
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 06 Mar 2023 13:44:11 GMT
etag: "2905fbc9971761c0407cc6db59deff7b"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~6b6ee712.931be5059391cb6243a1.chunk.js?e=p
34.107.241.180200 OK 19 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~6b6ee712.931be5059391cb6243a1.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (54811), with no line terminators
Hash 1ab6ec241c75d199e0e82b38fe7b1529
97e0fa46f80a8f63d1b9b5db183e49aa85950135
e5c6b38df9bf3dac285ea93ccaf697e9ed188c5122bcebcbc798df2db47c83c1
GET /fulcrum/v4/master/dynamic/mobile.vendors~app~6b6ee712.931be5059391cb6243a1.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtcOAqmVySMwrkfaMRJyxEaX2RoaD8kpv3_qDO8hhbl7xKrKSIEQrQdjAioow-l-HP8C66ORCmvDDvpgQ-fjFYhig
x-goog-generation: 1678110251827652
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 18816
content-encoding: gzip
x-goog-hash: crc32c=NCqRqQ==, md5=GrbsJBx10Zng6Cs4/nsVKQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 18816
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 06 Mar 2023 13:44:11 GMT
etag: "1ab6ec241c75d199e0e82b38fe7b1529"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~e9b2199d.2a075053e6b9ccf17aa7.chunk.js?e=p
34.107.241.180200 OK 14 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~e9b2199d.2a075053e6b9ccf17aa7.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (42449), with no line terminators
Hash a7d88a83ffc16e35dfd82e6cdb0990ce
533e3f5f79cb3b98bde4f1d1a74a0a305ba5ac30
4ebccd4f41430da242228eb19485e890509f5ffd48bb9b1cc4224f33cebbc811
GET /fulcrum/v4/master/dynamic/mobile.vendors~app~e9b2199d.2a075053e6b9ccf17aa7.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdu9JkQjR-QtuKvzA4VFURW7yQiXmZaV6NjnI1HKCpV36fUYtsbq5dIKlV5HtV7LlWlVcULoV6jAVM228D3bUe84eA
x-goog-generation: 1678110251942543
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 13609
content-encoding: gzip
x-goog-hash: crc32c=M3h1HQ==, md5=p9iKg//BbjXf2C5s2wmQzg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 13609
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 06 Mar 2023 13:44:11 GMT
etag: "a7d88a83ffc16e35dfd82e6cdb0990ce"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/static/c16b1b72809f0ebf0713c5d56aaaa998.svg
34.107.241.180200 OK 2.9 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/static/c16b1b72809f0ebf0713c5d56aaaa998.svg
IP 34.107.241.180:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2945), with no line terminators
Hash 342bb69e34b5d81e1fab7241f0398da8
f12381655ac55a5b4a620595348576477dd61236
79387e649471e7a99751a3168ea95f57796929c435d7f1eb2cfca955bbf23c44
GET /fulcrum/v4/master/static/c16b1b72809f0ebf0713c5d56aaaa998.svg HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3747044%2c%22BID%22%3a15012%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1679651054432)%5c%2f%22%2c%22CookieTag%22%3a%22150123747044451240919C2023324944%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222861626250%7c1%22%7d%5d; visid_incap_846569=yCeq3NxBQres0IrMXuMsDe1wHWQAAAAAQUIPAAAAAABzS7XtmhU/TPw4m2fPyOeO; nlbi_846569=snQYVVlO3yJHUXLSTJV9qQAAAADxlt404MrcL+1MPMi2voKB; incap_ses_720_846569=HwFuMd4YHXkOKsVDGPX9Ce1wHWQAAAAAx4cT+a3VCDk1glsWt7TQpQ==; leobtag=667909_ED179FB202074EE6A185D27C8D404C26; leonrpid=3747044; leonrbid=15012; leonrmeta=[{"value":"wch3gd1nerjlgpgni2nrrhak","key":"c"}]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsQUodMhUorRrih1WrbMqccCNANaWy2MZXV78Sn-kG9jxijhND-Zbc9-Yxbf9x1kS0igzVEpT4186ssmaTqes7KxQ
x-goog-generation: 1675783529881459
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2945
x-goog-meta-goog-reserved-file-mtime: 1675783502
x-goog-hash: crc32c=T17Tvw==, md5=NCu2njS12B4fq3JB8DmNqA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 2945
server: UploadServer
date: Tue, 07 Mar 2023 20:38:18 GMT
expires: Tue, 04 Apr 2023 20:38:18 GMT
cache-control: public, max-age=2419200
age: 1429557
last-modified: Tue, 07 Feb 2023 15:25:29 GMT
etag: "342bb69e34b5d81e1fab7241f0398da8"
content-type: image/svg+xml
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ik.imagekit.io/leovegas/lv/games/PPr5VBnqZ/DeZ7BS1J4MEJv1.jpg
54.230.111.107200 OK 29 kB URL HTTP/2 ik.imagekit.io/leovegas/lv/games/PPr5VBnqZ/DeZ7BS1J4MEJv1.jpg
IP 54.230.111.107:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 278x278, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 81ecc34d15dd2e421c5d0a7b964c72d8
e555a99e3099bbb36bbc3599f43183956dbfaf09
90bde47f69620c196b7eb2221903b2fda20678c41b3d58c76cd352fa6d9bfb11
GET /leovegas/lv/games/PPr5VBnqZ/DeZ7BS1J4MEJv1.jpg HTTP/1.1
Host: ik.imagekit.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 28918
x-request-id: 4874fb35-5f8a-431f-86de-a961bc3e757b
x-server: ImageKit.io
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
etag: W/"70f6-5VWpnjCZu7NrvDWZ9DGDlW2/rwk"
date: Tue, 07 Mar 2023 04:49:51 GMT
vary: Accept
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: tkyYsGXejNKUUQyplcCTj87QVwwbHM5Ljns6O-D3c2wV7PuFCEgAZA==
age: 1486464
X-Firefox-Spdy: h2
ik.imagekit.io/leovegas/lv/games/e4raG1BNE/bldXYUedW8pZwb.jpg
54.230.111.107200 OK 23 kB URL HTTP/2 ik.imagekit.io/leovegas/lv/games/e4raG1BNE/bldXYUedW8pZwb.jpg
IP 54.230.111.107:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 278x278, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b3a70338ca6f11c6c6a27460250f46d9
f0f9f558bd68f785430f56805bdd0549771671eb
ba918e29c68bd7f70438c22e9823757e37676cc44025b2fddc2d22f8988cc1eb
GET /leovegas/lv/games/e4raG1BNE/bldXYUedW8pZwb.jpg HTTP/1.1
Host: ik.imagekit.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 22886
x-request-id: b9f0181b-69f5-44df-92d3-f4b6f62b3b48
x-server: ImageKit.io
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
etag: W/"5966-8Pn1WL1o94VDD1aAW90FSXcWces"
date: Tue, 07 Mar 2023 11:43:50 GMT
vary: Accept
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: N0Dfnx4gzNFbyauvI-jgJWQMsDt-oUJRw-l8AAxs5xSrRb-fRIgJQA==
age: 1461625
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6901
Expires: Fri, 24 Mar 2023 11:39:16 GMT
Date: Fri, 24 Mar 2023 09:44:15 GMT
Connection: keep-alive
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~91835fe9.09ddead3790fa70c1cfc.chunk.js?e=p
34.107.241.180200 OK 7.7 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~91835fe9.09ddead3790fa70c1cfc.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (25581), with no line terminators
Hash c60ca5be3f9fb98943a4e4c128a333b4
234593de5bab63518cf4256b7d8bd00cd7d0a886
2bdf4468478042fccea4e35abb47b83b0d33babe9a7c42b19fde9cd9970019bb
GET /fulcrum/v4/master/dynamic/mobile.vendors~app~91835fe9.09ddead3790fa70c1cfc.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdv1DlhEHGngYgwxwpfNuuryv2OsJoulNK5hj8wCY85wQ44WAWcCPOIVBaccQuhL_eUZYiy3Fq6LkP1IrFAl9sKy-A
x-goog-generation: 1678110251797275
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 7708
content-encoding: gzip
x-goog-hash: crc32c=sMuFAQ==, md5=xgylvj+fuYlDpOTBKKMztA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 7708
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 06 Mar 2023 13:44:11 GMT
etag: "c60ca5be3f9fb98943a4e4c128a333b4"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 9c689641e0b746cd4bc0dba000933496
78fedb0dc677f79859e3004dda31e1b3bd829c16
c7f67f66fc400b404c947d9cdcd59cfdc9719c6dc60e4a6d8d51cf187bb1fec3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5723
Cache-Control: max-age=119389
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:15 GMT
Etag: "641c89f1-1d7"
Expires: Sat, 25 Mar 2023 18:54:04 GMT
Last-Modified: Thu, 23 Mar 2023 17:18:41 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6901
Expires: Fri, 24 Mar 2023 11:39:16 GMT
Date: Fri, 24 Mar 2023 09:44:15 GMT
Connection: keep-alive
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~80e93ec1.35cf46730125732d2b96.chunk.js?e=p
34.107.241.180200 OK 22 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~80e93ec1.35cf46730125732d2b96.chunk.js?e=p
IP 34.107.241.180:0
File type Unicode text, UTF-8 text, with very long lines (29073), with LF, NEL line terminators
Hash a26e858f8405dd5f75a4b505ddab8f4d
2733ba67293abe032d9e55fd4e958669eca77652
fcdcf74338d953612f27c0a6403055c84deee9bb3934151ba0be07104a4e9a2a
GET /fulcrum/v4/master/dynamic/mobile.vendors~app~80e93ec1.35cf46730125732d2b96.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdso-0yGsdTkcWyT96It6znqufxo53xIfdx4jY33W8i2RvPWtEqJyNSK37sH6_kknDgX76f9G6HLt6HBBH6zFms-fQ
x-goog-generation: 1679319458217981
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 22129
content-encoding: gzip
x-goog-hash: crc32c=QBfshg==, md5=om6Fj4QF3V91pLUF3auPTQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 22129
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:38 GMT
etag: "a26e858f8405dd5f75a4b505ddab8f4d"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~acf67890.2eec108dc7748ef2e8bf.chunk.js?e=p
34.107.241.180200 OK 12 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~acf67890.2eec108dc7748ef2e8bf.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (46125), with no line terminators
Hash 07ad96a44666b86822a2b9ab666b9ab0
50d958955a9ade32dbc3962ea594d8c6b76176e2
5e835fb7860e6c4bbb2151d733087b4a7ec83ad6e3c16ae1153cb0b38e079e41
GET /fulcrum/v4/master/dynamic/mobile.vendors~app~acf67890.2eec108dc7748ef2e8bf.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdu0s5MneOamn4mCa-uYcEyjs6vt4vPRMHg3wgUeANcSb7W5w5qo5nLdSKqNMCSn3aYUqPNSvhjZHsKMn-mEKYTvAA
x-goog-generation: 1678110251828233
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 12365
content-encoding: gzip
x-goog-hash: crc32c=rbZ/PA==, md5=B62WpEZmuGgiormrZmuasA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 12365
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 06 Mar 2023 13:44:11 GMT
etag: "07ad96a44666b86822a2b9ab666b9ab0"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~4da73d43.7600ce349d005aeceee9.chunk.js?e=p
34.107.241.180200 OK 7.5 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~4da73d43.7600ce349d005aeceee9.chunk.js?e=p
IP 34.107.241.180:0
File type Unicode text, UTF-8 text, with very long lines (21358), with no line terminators
Hash f1c144dc2301c3607f3dfb9b7e809efb
cd8b806a080cad7560daefa37a22c5796cbecd99
ceb456a1397113df5478fa6dd80c5958c3ffb8c21b1ffb135efdf51e5fe12a62
GET /fulcrum/v4/master/dynamic/mobile.vendors~app~4da73d43.7600ce349d005aeceee9.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsciTWA_ZIrWagmTdyF_vopPpBUfTo0n_CuRnLExgCeqBVH4nA2wVfS4l5WQBCTIkTP1OWNWEdXdXh4pAEErdAJJw
x-goog-generation: 1678110251767302
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 7515
content-encoding: gzip
x-goog-hash: crc32c=E+dA0Q==, md5=8cFE3CMBw2B/PfubfoCe+w==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 7515
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 06 Mar 2023 13:44:11 GMT
etag: "f1c144dc2301c3607f3dfb9b7e809efb"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~127b6cf7.5968132b62c691d897cb.chunk.js?e=p
34.107.241.180200 OK 24 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~127b6cf7.5968132b62c691d897cb.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 38eee39516b6cb5cea3625e7e15d5f17
4ed8a03ac1643405e61e1f71d4e28d8de47d5d33
a1cbe75743a72971b0c70395c19194132b4c420d4135d32b10332f68490c6cad
GET /fulcrum/v4/master/dynamic/mobile.vendors~app~127b6cf7.5968132b62c691d897cb.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsnz1EWYK0g6N-ulHPvKUVDpcKWvVf9akvX_8ziUs11tDby0q1iiTtbfXcwo7UDy4fCn5Y0SOiWwys2ZPHE84BsIA
x-goog-generation: 1678110251746595
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 23571
content-encoding: gzip
x-goog-hash: crc32c=1mAWgg==, md5=OO7jlRa2y1zqNiXn4V1fFw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 23571
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 06 Mar 2023 13:44:11 GMT
etag: "38eee39516b6cb5cea3625e7e15d5f17"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6901
Expires: Fri, 24 Mar 2023 11:39:16 GMT
Date: Fri, 24 Mar 2023 09:44:15 GMT
Connection: keep-alive
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 9c689641e0b746cd4bc0dba000933496
78fedb0dc677f79859e3004dda31e1b3bd829c16
c7f67f66fc400b404c947d9cdcd59cfdc9719c6dc60e4a6d8d51cf187bb1fec3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 142
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:15 GMT
Etag: "641c89f1-1d7"
Last-Modified: Fri, 24 Mar 2023 09:41:53 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~a8f9656c.81b5147c454a9d4872bd.chunk.js?e=p
34.107.241.180200 OK 20 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~a8f9656c.81b5147c454a9d4872bd.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (52100)
Hash 4d05e785a2a4480a874c16f39c5ec305
5711d12ba972242518d83dd8310ddb48a8b2ea22
fe9c113b22c3b4aeca6c14324220168f71b6c9b8740c8fc16c540dc97d8a53e5
GET /fulcrum/v4/master/dynamic/mobile.vendors~app~a8f9656c.81b5147c454a9d4872bd.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvX3MnzZctBknFTsWmQ3fLQky9v9J8CvRD2qYPRcmLhDth2LSxLexgTlozUEh5fXG4VBrC7ADTOCRXtUlxjO7KTcA
x-goog-generation: 1678110251942169
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 20063
content-encoding: gzip
x-goog-hash: crc32c=wuWPVA==, md5=TQXnhaKkSAqHTBbznF7DBQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 20063
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 06 Mar 2023 13:44:11 GMT
etag: "4d05e785a2a4480a874c16f39c5ec305"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~1d14d743.3c0efc34a658b73f64dc.chunk.js?e=p
34.107.241.180200 OK 4.8 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~1d14d743.3c0efc34a658b73f64dc.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (12062)
Hash 8b8453f806d76384ddac69e7dcb52311
5b79483d8d705d77ec7c768ab521d5469a890f52
150c2fc0eaa5633bf1ca68921959c29286b43c5250176bef6cd7dda73a50646e
GET /fulcrum/v4/master/dynamic/mobile.vendors~app~1d14d743.3c0efc34a658b73f64dc.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvwqKLw0ZSyzK7-RhrBdu3caSA_fS5FNePWjYCr0qkE2Q52H6oo80jhRQvx8hYpHDpcH8sBlfgGkVEAVprFS1eE4w
x-goog-generation: 1678110251653210
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 4804
content-encoding: gzip
x-goog-hash: crc32c=ytDTng==, md5=i4RT+AbXY4TdrGnn3LUjEQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 4804
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 06 Mar 2023 13:44:11 GMT
etag: "8b8453f806d76384ddac69e7dcb52311"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6901
Expires: Fri, 24 Mar 2023 11:39:16 GMT
Date: Fri, 24 Mar 2023 09:44:15 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 1d54d3c84e73cd1f00a835aa7616c399
e869898915967fb645a7ae3bd711a831329cc792
9cca1d2ea17f54a8688823e6fb8cbb7247c0a808808b382ffdda35b2770a26f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~0efdf0b8.2b9cc901525e72d0d85a.chunk.js?e=p
34.107.241.180200 OK 30 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~0efdf0b8.2b9cc901525e72d0d85a.chunk.js?e=p
IP 34.107.241.180:0
File type Unicode text, UTF-8 text, with very long lines (46939)
Hash 0d5841944e72acfaa9d1a30d9232e6be
7653ac365728fb053f48ef54cedcfaa6e0c9ec33
f33f772d12a9fe9add08eacca1b8dace86779b1a52970e7b4a032aa0778ae312
GET /fulcrum/v4/master/dynamic/mobile.vendors~app~0efdf0b8.2b9cc901525e72d0d85a.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtfD6Stw0uRukV5jFJ_sl7ApahymCJxu7HtkDjNkd-EeGnlwF9X_BEQ2WKGyl2zLE3ZmHPH52b1R6jZZ9RcWhtiwg
x-goog-generation: 1678110251770880
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 30343
content-encoding: gzip
x-goog-hash: crc32c=pIF2Ng==, md5=DVhBlE5yrPqp0aMNkjLmvg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 30343
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 06 Mar 2023 13:44:11 GMT
etag: "0d5841944e72acfaa9d1a30d9232e6be"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49e3bd59-44bb-4c85-81cb-08614cf98777.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49e3bd59-44bb-4c85-81cb-08614cf98777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89cd024b8021bb2873b0b8972c77cb47
9aea167a3ebf62d91e705433f13b9fb0194daad4
454e0b9e6e12f7a8a1a87913fb7f539358bbfdb1371e30abd472c897082c2a38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49e3bd59-44bb-4c85-81cb-08614cf98777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8490
x-amzn-requestid: 7444a745-87e0-4424-92fd-630bf7cacc0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQP4QFRxoAMF3Yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc69a-112bec36430d78e3733e6e12;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:37:31 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 7bujxVYzIuSbb0k7QTtODPpARYVNjAExwSJwNlRWNwR1u_oGeDZqow==
via: 1.1 626ad4a6bf529166d2aad94a2957694c.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 22:13:47 GMT
age: 41428
etag: "9aea167a3ebf62d91e705433f13b9fb0194daad4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.leovegas.com/en-no/livecasino?btag=667909_ED179FB202074EE6A185D27C8D404C26&c=wch3gd1nerjlgpgni2nrrhak&pid=3747044&bid=15012
107.154.248.168200 OK 181 kB URL HTTP/2 www.leovegas.com/en-no/livecasino?btag=667909_ED179FB202074EE6A185D27C8D404C26&c=wch3gd1nerjlgpgni2nrrhak&pid=3747044&bid=15012
IP 107.154.248.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (40162)
Size 181 kB (181116 bytes)
Hash e8b0a4a293bc0c9e5b3bd94efd69521a
8c568c4771875d59d6ae17f0ba9dd658694a0dc2
7c5602841ecc2523b88f6d7f7bc4808549dc3277573f5822571bdc7e3645434a
GET /en-no/livecasino?btag=667909_ED179FB202074EE6A185D27C8D404C26&c=wch3gd1nerjlgpgni2nrrhak&pid=3747044&bid=15012 HTTP/1.1
Host: www.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3747044%2c%22BID%22%3a15012%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1679651054432)%5c%2f%22%2c%22CookieTag%22%3a%22150123747044451240919C2023324944%22%7d%5d; leo-essentials=%7B%22cid%22%3A%22ce969956-c0fc-402c-a2d2-8112a6bea827%22%7D; visid_incap_846569=yCeq3NxBQres0IrMXuMsDe1wHWQAAAAAQUIPAAAAAABzS7XtmhU/TPw4m2fPyOeO; nlbi_846569=snQYVVlO3yJHUXLSTJV9qQAAAADxlt404MrcL+1MPMi2voKB; incap_ses_720_846569=HwFuMd4YHXkOKsVDGPX9Ce1wHWQAAAAAx4cT+a3VCDk1glsWt7TQpQ==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 09:44:14 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
set-cookie: leobtag=667909_ED179FB202074EE6A185D27C8D404C26; Max-Age=3888000; Domain=.leovegas.com; Path=/; HttpOnly; Secure
leonrpid=3747044; Max-Age=3888000; Domain=.leovegas.com; Path=/; HttpOnly; Secure
leonrbid=15012; Max-Age=3888000; Domain=.leovegas.com; Path=/; HttpOnly; Secure
leonrmeta=[{"value":"wch3gd1nerjlgpgni2nrrhak","key":"c"}]; Max-Age=3888000; Domain=.leovegas.com; Path=/; HttpOnly; Secure
etag: bbd026564edac9ebc1963c8bb6f816d9274a423d
cache-control: public, must-revalidate
x-render-cache: 1
x-cache-key: bbd026564edac9ebc1963c8bb6f816d9274a423d
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.leovegas.com *.casinomodule.com *.yggdrasilgaming.com *.evolutiongaming.com *.gameassists.co.uk *.gameassists.dk *.rgsgames.com *.wagerworks.com *.adform.com *.livetables.io *.regily.com *.casinoalternativen.com *.onlinecasinobonus24.xyz *.livetableshu.com webcache.googleusercontent.com
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cdn: Imperva
x-iinfo: 3-5052336-5051586 PNNy RT(1679651053824 111) q(0 0 0 -1) r(1 1) U12
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8f2a5e3-1443-4c66-9b07-bbc789ebd9ab.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8f2a5e3-1443-4c66-9b07-bbc789ebd9ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d6ed667dad0c17b3f1697f6ad5f1dd2
9eff2b1900bc9788dfbff11fce69cc7c944b1fc1
ec0f7b928c7efd46d2679477acd9f3bf0b335f31b9739c4e925b23bd5cd16a05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8f2a5e3-1443-4c66-9b07-bbc789ebd9ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8385
x-amzn-requestid: 7b1e47a8-7adb-48d9-9b0e-036305a77957
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xbmGJsoAMF-5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641562b0-2e4e7a3b14bfce4210def298;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:05:20 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 61beGZuZOIgOsG91c3VjhfcAEk4jwLQ1wyZ8OufNOLMkPwRSCcHo7Q==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 04:34:28 GMT
age: 18587
etag: "9eff2b1900bc9788dfbff11fce69cc7c944b1fc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fced2b6fc-bd10-4ea8-bf1d-03a29da081f6.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fced2b6fc-bd10-4ea8-bf1d-03a29da081f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 09021529f311448e284f6b65ef322bf9
f9aecb6f69fb068c5b2bb660d21338ab6cff3ae9
2bc6b1fd474101cbbc6100f2afab3973552ff71d3fd73e9970efd6c67e71cd38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fced2b6fc-bd10-4ea8-bf1d-03a29da081f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8001
x-amzn-requestid: c128e071-673c-4e31-96a8-049a6eb48660
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQQjsHlXIAMFX3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc7b0-3efff85e1cdbe08118fe7dce;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:42:08 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: t-lqKBTduo9OZniqXSzzvxHu2XzsQIn0CsboARa7nwcIuHA63Ir0UA==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 22:14:01 GMT
age: 41414
etag: "f9aecb6f69fb068c5b2bb660d21338ab6cff3ae9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~bfe0ed74.2e94f4cfba6e37253e72.chunk.js?e=p
34.107.241.180200 OK 23 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~bfe0ed74.2e94f4cfba6e37253e72.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6ae2e28a47a6e89d2816b2c87c95f2e7
70371d31003e8c71bf750b9b147c9a41a61dfb2c
0a7f19ae1bba7214227a517cc67652d974ca0bab2921412145fd302056e313b0
GET /fulcrum/v4/master/dynamic/mobile.app~bfe0ed74.2e94f4cfba6e37253e72.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvOULJhTM5lOQje7FuQoLdfjfp2MEtLDFFSF-knjzX0oKjvLEHHwa9n5ssn_ya97RZw3bJLEC98LZHU_w2ZLYHJ3R6vzpxL
x-goog-generation: 1679479819035454
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 23145
content-encoding: gzip
x-goog-hash: crc32c=bNdoAw==, md5=auLiikem6J0oFrLIfJXy5w==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 23145
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 22 Mar 2023 10:25:19 GMT
expires: Wed, 19 Apr 2023 10:25:19 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Wed, 22 Mar 2023 10:10:19 GMT
etag: "6ae2e28a47a6e89d2816b2c87c95f2e7"
content-type: application/javascript
vary: Origin
age: 170336
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bb55b1044454d0db2324a4af956cd51
5aa34545aa2274453b301c74a083034273177cbd
fb7fa8b91ff7374ac6be2df05e1e98194f2adf3ce728b02a66323993145975ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7405
x-amzn-requestid: 9865b715-ff9b-498d-95b3-c728fd3430be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPt7E46oAMF1Fg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc658-78b66faf317a7aaf689de782;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:36:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: MOdi4IjE6ooc_bhXhjI2pikpJfBxxg7kS8qHmvDRZD169vLef4FKYw==
via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 21:42:31 GMT
age: 43304
etag: "5aa34545aa2274453b301c74a083034273177cbd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~9675856e.a3895382864b64c9d9a0.chunk.js?e=p
34.107.241.180200 OK 31 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~9675856e.a3895382864b64c9d9a0.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f22d529bf23b55c098fcdf86c5da80d1
2b17724b5a0a7cf88809c70ef0d5b97c09d735ce
308e6963a13c81022999449f6fd43337522a615cc26c5dca228f68769ee90de6
GET /fulcrum/v4/master/dynamic/mobile.app~9675856e.a3895382864b64c9d9a0.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycduEs-ycMXNJk4949WU0vLdAmwU1ltT8hIsV7Ju7woHzHYt_a4WQ4l5ACE2PxCFOFq5wcJxVGLEc0z12wUjyChQisQ
x-goog-generation: 1679319458052173
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 30719
content-encoding: gzip
x-goog-hash: crc32c=WZE5Vw==, md5=8i1Sm/I7VcCY/N+GxdqA0Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 30719
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:38 GMT
etag: "f22d529bf23b55c098fcdf86c5da80d1"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4aa66443-f7a3-4c3f-9601-88479f0d3377.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4aa66443-f7a3-4c3f-9601-88479f0d3377.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16968f32674c676d865a1a1abc045cba
40cdf5ecb6b5d368e6ffd0c7bc1de3a6d13e70e2
22419b3ebddc3fba458ef919a6241542c93314be1e09c17d0eb0c6575b72f7b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4aa66443-f7a3-4c3f-9601-88479f0d3377.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8526
x-amzn-requestid: f94c33e6-3139-4242-b558-d48f4c3df59a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPu6F6EIAMF3OQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc65f-60e85e784b4bbea405990940;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:36:31 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: N4GMc0IIhJeaRdew2ZNSj3I7a_CLXYLutmgCNPL41PEUfMJdcq1w1Q==
via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 22:37:38 GMT
etag: "40cdf5ecb6b5d368e6ffd0c7bc1de3a6d13e70e2"
content-type: image/jpeg
age: 39997
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~521067a8.61dcb28a0f60b4851c08.chunk.js?e=p
34.107.241.180200 OK 10 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~521067a8.61dcb28a0f60b4851c08.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (49037)
Hash 72ccfaee94b50fff0a7009d7496d36bb
d8bedbc9beae280513ffcf26f6e96f4db00bda5e
43e00e84fb73caeefb1c80912fa17afc7a54aeaaee41a299289d1f4b1b14cc7c
GET /fulcrum/v4/master/dynamic/mobile.app~521067a8.61dcb28a0f60b4851c08.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdu-cmgFUoFLtdnq8dqyvwg1uD7yF90TboJLTp8UmAh1DD1K8LSGBVZGEpNiHQIs2Jdluh48x8417p8JNvjLrGYKHg
x-goog-generation: 1679319457867658
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 10252
content-encoding: gzip
x-goog-hash: crc32c=Czr5MA==, md5=csz67pS1D/8KcAnXSW02uw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 10252
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:37 GMT
etag: "72ccfaee94b50fff0a7009d7496d36bb"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~b60d9e2a.3d2bdf46f651ee8189c8.chunk.js?e=p
34.107.241.180200 OK 40 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~b60d9e2a.3d2bdf46f651ee8189c8.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 062c83a071fb1d1b523a03c23f0f7c57
8deecd3d90cb874fddc422429ffbf73e1e1f7366
eab5050961de1c0d75a036542eba7c1241d7477cdf6125fadb6952521d386148
GET /fulcrum/v4/master/dynamic/mobile.vendors~app~b60d9e2a.3d2bdf46f651ee8189c8.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycds4MCYS_CweV6Nuri-J8yBvKTkxgIMGD1MhDe6uRKgmOYG_AH6km7kYUlm1U-KpCZO3rYEFT8CzCq58JpTlWOYH1w
x-goog-generation: 1678110251970553
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 39936
content-encoding: gzip
x-goog-hash: crc32c=Qbs0EQ==, md5=BiyDoHH7HRtSOgPCPw98Vw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 39936
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 06 Mar 2023 13:44:11 GMT
etag: "062c83a071fb1d1b523a03c23f0f7c57"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~c7b8ce09.88b16b8189638f0ba78d.chunk.js?e=p
34.107.241.180200 OK 38 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~c7b8ce09.88b16b8189638f0ba78d.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ea7fd11ed0c412d833ec9c88bef24651
2530856dcae0c11030c1653d7f450bc9acba9bdd
55716f07c86d88c0ab4132db399c849fd864b721c415b186716b0ea70488efd7
GET /fulcrum/v4/master/dynamic/mobile.vendors~app~c7b8ce09.88b16b8189638f0ba78d.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtjfyYdV8gaei8qS4L_F0Yk74msy7pAaNssz-GOc4arAXyhHWa-fE4A0mI9Jmz3ZrBycu1MZffjOCJLKHDQR1zjQQ
x-goog-generation: 1678110251951569
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 37478
content-encoding: gzip
x-goog-hash: crc32c=yTmtjg==, md5=6n/RHtDEEtgz7JyIvvJGUQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 37478
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 06 Mar 2023 13:44:11 GMT
etag: "ea7fd11ed0c412d833ec9c88bef24651"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.leovegas.com/nb-no/livecasino?btag=667909_ED179FB202074EE6A185D27C8D404C26&c=wch3gd1nerjlgpgni2nrrhak&pid=3747044&bid=15012
107.154.248.168302 Found 40 kB URL HTTP/2 www.leovegas.com/nb-no/livecasino?btag=667909_ED179FB202074EE6A185D27C8D404C26&c=wch3gd1nerjlgpgni2nrrhak&pid=3747044&bid=15012
IP 107.154.248.168:0
File type ASCII text, with very long lines (40178)
Hash ea23c97c0833de30d9369dba03624e58
3199f15543f6b72cf5a926b0e7a8e5e40a55f79e
f9d1f532786e5c26bf29fc95f5570a9c492109d7543ee81b99ee031986a1e4e9
GET /nb-no/livecasino?btag=667909_ED179FB202074EE6A185D27C8D404C26&c=wch3gd1nerjlgpgni2nrrhak&pid=3747044&bid=15012 HTTP/1.1
Host: www.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3747044%2c%22BID%22%3a15012%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1679651054432)%5c%2f%22%2c%22CookieTag%22%3a%22150123747044451240919C2023324944%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 24 Mar 2023 09:44:14 GMT
content-type: application/json; charset=utf8
content-encoding: gzip
location: /en-no/livecasino?btag=667909_ED179FB202074EE6A185D27C8D404C26&c=wch3gd1nerjlgpgni2nrrhak&pid=3747044&bid=15012
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.leovegas.com *.casinomodule.com *.yggdrasilgaming.com *.evolutiongaming.com *.gameassists.co.uk *.gameassists.dk *.rgsgames.com *.wagerworks.com *.adform.com *.livetables.io *.regily.com *.casinoalternativen.com *.onlinecasinobonus24.xyz *.livetableshu.com webcache.googleusercontent.com
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
set-cookie: leo-essentials=%7B%22cid%22%3A%22ce969956-c0fc-402c-a2d2-8112a6bea827%22%7D; Max-Age=31536000; Path=/; Secure
visid_incap_846569=yCeq3NxBQres0IrMXuMsDe1wHWQAAAAAQUIPAAAAAABzS7XtmhU/TPw4m2fPyOeO; expires=Fri, 22 Mar 2024 22:59:42 GMT; HttpOnly; path=/; Domain=.leovegas.com; Secure; SameSite=None
nlbi_846569=snQYVVlO3yJHUXLSTJV9qQAAAADxlt404MrcL+1MPMi2voKB; path=/; Domain=.leovegas.com; Secure; SameSite=None
incap_ses_720_846569=HwFuMd4YHXkOKsVDGPX9Ce1wHWQAAAAAx4cT+a3VCDk1glsWt7TQpQ==; path=/; Domain=.leovegas.com; Secure; SameSite=None
x-cdn: Imperva
x-iinfo: 3-5052336-5051586 PNNy RT(1679651053824 36) q(0 0 0 0) r(1 1) U11
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~748942c6.0e315a717ce30b07f0b7.chunk.js?e=p
34.107.241.180200 OK 33 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~748942c6.0e315a717ce30b07f0b7.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0e237fca94e0bf6190acafcd2e73f6a7
5a91140e6f149718a649061ce973c8c0e4af4cd4
57deaf2dc6559db1b2c6bf20d07d8a3ff1c3ded1300abdfac4289fce4e5d0ce5
GET /fulcrum/v4/master/dynamic/mobile.app~748942c6.0e315a717ce30b07f0b7.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvD3YCUjOyVKUKWUG5HSRp_ErlAeMqNvaVnhHcx_pVkqaWKM8rF-3hmWHVTW4489pQN-uY8QEP2ThoeA32fW9fTtw
x-goog-generation: 1679319458072973
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 33101
content-encoding: gzip
x-goog-hash: crc32c=HeJ/Jg==, md5=DiN/ypTgv2GQrK/NLnP2pw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 33101
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:38 GMT
etag: "0e237fca94e0bf6190acafcd2e73f6a7"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~CasinoCategory~CasinoScreen~9b1fde68.a9e7c39286349e3c8b9b.chunk.js?e=p
34.107.241.180200 OK 6.4 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~CasinoCategory~CasinoScreen~9b1fde68.a9e7c39286349e3c8b9b.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (13972)
Hash b790aa79e68a58b70d18df8a45aac11f
400f3aa04a0eb1f26403f41dba65de81591a5d75
0408b3c96867519c8b23e4539bf3c6b68c0c87271db3ed8f0b2c8752e4078791
GET /fulcrum/v4/master/dynamic/mobile.vendors~CasinoCategory~CasinoScreen~9b1fde68.a9e7c39286349e3c8b9b.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdszR7kd5Ul834jjHClB8B43sBPpV84BakIeyxzXoyzBqqwTmSAe3hfl-1CIq6CBavuZ1l5wtVVJSGd2y8uaPMmBTrKzg7qe
x-goog-generation: 1678352180101387
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 6393
content-encoding: gzip
x-goog-hash: crc32c=YhSHiA==, md5=t5CqeeaKWLcNGN+KRarBHw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 6393
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Thu, 09 Mar 2023 09:03:23 GMT
expires: Thu, 06 Apr 2023 09:03:23 GMT
cache-control: public, max-age=2419200,no-transform
age: 1298452
last-modified: Thu, 09 Mar 2023 08:56:20 GMT
etag: "b790aa79e68a58b70d18df8a45aac11f"
content-type: application/javascript
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~AndroidAppScreen~BankID~BonusInfoScreen~BonusTermsScreen~CampaignScreen~CasinoScreen~CommonC~3e8f83d7.63b6466f9924924a7958.chunk.js?e=p
34.107.241.180200 OK 4.1 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~AndroidAppScreen~BankID~BonusInfoScreen~BonusTermsScreen~CampaignScreen~CasinoScreen~CommonC~3e8f83d7.63b6466f9924924a7958.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (10428), with no line terminators
Hash 034fb7858a5ff59950bed208d714703c
dbdf9db8043cfd589c440a34c9d2f3529357268a
451479595a7b8d04375c3ae655734c7995f9dc4bc934e2ea27c3513f24ca8c0f
GET /fulcrum/v4/master/dynamic/mobile.vendors~AndroidAppScreen~BankID~BonusInfoScreen~BonusTermsScreen~CampaignScreen~CasinoScreen~CommonC~3e8f83d7.63b6466f9924924a7958.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycds4EadhLUi95DhyUWXmj6XtCLdwV7agv2lR2Pg4KYYsQUN1yuHwimxhxsQxQns80SilpeQYxh10jAorlB_igw6fhg
x-goog-generation: 1678352179906155
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 4149
content-encoding: gzip
x-goog-hash: crc32c=etO6Vw==, md5=A0+3hYpf9ZlQvtII1xRwPA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 4149
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Thu, 09 Mar 2023 09:03:24 GMT
expires: Thu, 06 Apr 2023 09:03:24 GMT
cache-control: public, max-age=2419200,no-transform
age: 1298451
last-modified: Thu, 09 Mar 2023 08:56:19 GMT
etag: "034fb7858a5ff59950bed208d714703c"
content-type: application/javascript
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~CasinoScreen~MyOffers~Payment~WelcomeOffer~b3c4a2ff.60604200e65ac8f7e4fe.chunk.js?e=p
34.107.241.180200 OK 6.7 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~CasinoScreen~MyOffers~Payment~WelcomeOffer~b3c4a2ff.60604200e65ac8f7e4fe.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (29702), with no line terminators
Hash 9e1a5067ae5a446815cdf57961a711b1
3075d3937de3f5191936bfffacb838f2cb141825
129d9a0d28e49eff2962e835eb839909f39bde722ab765d040ba56c1d16cb908
GET /fulcrum/v4/master/dynamic/mobile.vendors~CasinoScreen~MyOffers~Payment~WelcomeOffer~b3c4a2ff.60604200e65ac8f7e4fe.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvOHzDzQKAVSHBYTLv70WbXT7q0kbqGY3coqPHEHLap5O30qR41YhJnO_1l5rljMu2jBscFztOIr589UyPKu69UmA
x-goog-generation: 1679319458087304
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 6712
content-encoding: gzip
x-goog-hash: crc32c=Aqx6ag==, md5=nhpQZ65aRGgVzfV5YacRsQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 6712
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:10 GMT
expires: Mon, 17 Apr 2023 13:49:10 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:38 GMT
etag: "9e1a5067ae5a446815cdf57961a711b1"
content-type: application/javascript
vary: Origin
age: 330905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.AuthorizationBar~faa51968.fa954b1b3aa0b64761c0.chunk.js?e=p
34.107.241.180200 OK 5.9 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.AuthorizationBar~faa51968.fa954b1b3aa0b64761c0.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (26510)
Hash 78d6e5bf25326ea814973269c4bd673a
539c0a77d6326f1ea8a60e8d4834bd8a28586d7f
9d071a55154540b448882ec07f2a45c72c0907c7ab1e3b8e3b58c5b7dd52bf1a
GET /fulcrum/v4/master/dynamic/mobile.AuthorizationBar~faa51968.fa954b1b3aa0b64761c0.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsDiaSVuoHTHMFMLJT8HB9IqOzJ06xaWHA-a4dYKsUCTSbiIjH6tNfW4Tt4zUt5OM5Gpz_vKzmEUh56XRZsYsMfJ-HiTK4t
x-goog-generation: 1678352175993116
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 5872
content-encoding: gzip
x-goog-hash: crc32c=DGSuhg==, md5=eNblvyUybqgUlzJpxL1nOg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 5872
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Thu, 09 Mar 2023 09:03:23 GMT
expires: Thu, 06 Apr 2023 09:03:23 GMT
cache-control: public, max-age=2419200,no-transform
age: 1298452
last-modified: Thu, 09 Mar 2023 08:56:16 GMT
etag: "78d6e5bf25326ea814973269c4bd673a"
content-type: application/javascript
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.BottomBarScreen~493df0b3.b516e392cabbdf0455e3.chunk.js?e=p
34.107.241.180200 OK 20 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.BottomBarScreen~493df0b3.b516e392cabbdf0455e3.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 32e13469f323cbef23e9980f8abc1cac
f7bc5271088224dba598abfe5215ba2983a6806f
7ffddb5004b23d6e6f38d577a2e3b30a85d05ec3c9e291ce8b93179fe919136b
GET /fulcrum/v4/master/dynamic/mobile.BottomBarScreen~493df0b3.b516e392cabbdf0455e3.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvcLwqw_2Nqa5Y-Y700tIl-VPQQw_K8aTf5qZSYeV3vanttFUwVxEH7hWkBl2qdMnc3e_6bTPzTDkrDS_FJ4EmJUg
x-goog-generation: 1679319455203269
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 19538
content-encoding: gzip
x-goog-hash: crc32c=HuXZOQ==, md5=MuE0afMjy+8j6ZgPirwcrA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 19538
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:10 GMT
expires: Mon, 17 Apr 2023 13:49:10 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:35 GMT
etag: "32e13469f323cbef23e9980f8abc1cac"
content-type: application/javascript
vary: Origin
age: 330905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.ROWBanner~bfe0ed74.0446bb98668232c5d3be.chunk.css?e=p
34.107.241.180200 OK 855 B URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.ROWBanner~bfe0ed74.0446bb98668232c5d3be.chunk.css?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (2056)
Hash 4a16c5f59bea1f27ee21dbcff3c5a4c0
1a5ccf49d4297fe14b0586c5302a0c7666dfd89b
270812d18857fefd0d504acb0e07180ddd0bb6be0760ff6276551565bdde8da2
GET /fulcrum/v4/master/dynamic/mobile.ROWBanner~bfe0ed74.0446bb98668232c5d3be.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvj9q1nFuqKLky-SXFcUhv2eD-AGas0b9g5KkOdCFq419b8FyEqrsBMQvTbNG_Hvt6u-SZz5rT7PJRgakvCQS-Z1A
x-goog-generation: 1675167093709299
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 855
content-encoding: gzip
x-goog-hash: crc32c=GXWvqw==, md5=ShbF9ZvqHyfuIdvP88WkwA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 855
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 15 Mar 2023 22:22:20 GMT
expires: Wed, 12 Apr 2023 22:22:20 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Tue, 31 Jan 2023 12:11:33 GMT
etag: "4a16c5f59bea1f27ee21dbcff3c5a4c0"
content-type: text/css
vary: Origin
age: 732115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.AuthorizationBar~faa51968.96d7b9660bac924e9e28.chunk.css?e=p
34.107.241.180200 OK 825 B URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.AuthorizationBar~faa51968.96d7b9660bac924e9e28.chunk.css?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (862)
Hash fd587e74839b1c5b1633eb0dc71cdbb3
4112fb16194b143a25e6944fa47c324db0efc7c0
05181e87f506d22c56e19cb8bacf26d7c5bea740cc1b5024a098a311d2a7f9b4
GET /fulcrum/v4/master/dynamic/mobile.AuthorizationBar~faa51968.96d7b9660bac924e9e28.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdscWvaI0frl3STJmIwUxzOH4H0J9HQ5U1ExZniBClQ-iZKCGqz5cfnqm3L5-18yAC4vqHgaN5MQFhkhDR_JV_i-VMcJ_l21
x-goog-generation: 1669118795773812
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 825
content-encoding: gzip
x-goog-hash: crc32c=4EUfsA==, md5=/Vh+dIObHFsWM+sNxxzbsw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 825
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 07 Mar 2023 13:52:13 GMT
expires: Tue, 04 Apr 2023 13:52:13 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Tue, 22 Nov 2022 12:06:35 GMT
etag: "fd587e74839b1c5b1633eb0dc71cdbb3"
content-type: text/css
vary: Origin
age: 1453922
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash efe6268f9f1914b9d7e1c4c34643f63f
73e7e277a24f4a6ce0c67d5f1d304e15313bc6b1
ab809b97937c989b5819116350b5ae0a7d87fb7250cb0dd0a613bf3e18bbcfd1
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=87425
Date: Fri, 24 Mar 2023 09:44:15 GMT
Etag: "641c0b7f-1d7"
Expires: Sat, 25 Mar 2023 10:01:20 GMT
Last-Modified: Thu, 23 Mar 2023 08:19:11 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BiXuEjHwLEbVTgRielkU_9vqm_bK-JfCoTgE7_jMOXgxZyaQflvcGA==
Age: 6129
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.ROWBanner~bfe0ed74.3f713ab51fced2ff5219.chunk.js?e=p
34.107.241.180200 OK 1.5 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.ROWBanner~bfe0ed74.3f713ab51fced2ff5219.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (3281)
Hash bda3ef1475eec4244fb6acb3b9b72ad7
506c57aad7bbfdf453c9790755fc1315b00f1405
9683b31cb8a11f88fa2dbc300564b1af7c9f8ebaf0bc79be5baaa71cfb29293e
GET /fulcrum/v4/master/dynamic/mobile.ROWBanner~bfe0ed74.3f713ab51fced2ff5219.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsM-cgnM3uIcYAtpRtPFb7WTUGu-65-6_ab0373xGFAR155gBMhfam3lFehN1MgaBusb9DETyu4vgJ_5c00_-DYEg
x-goog-generation: 1679319456678585
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1504
content-encoding: gzip
x-goog-hash: crc32c=3r+5xw==, md5=vaPvFHXuxCRPtqyzubcq1w==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1504
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:05 GMT
expires: Mon, 17 Apr 2023 13:49:05 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:36 GMT
etag: "bda3ef1475eec4244fb6acb3b9b72ad7"
content-type: application/javascript
vary: Origin
age: 330910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.BankID~BankingVerification~DEVerification~Deposit~FlowChecker~GameScreen~KYCCheck~LoginScreen~LostPa~952074d0.d01d872af38a2b83fed6.chunk.css?e=p
34.107.241.180200 OK 3.2 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.BankID~BankingVerification~DEVerification~Deposit~FlowChecker~GameScreen~KYCCheck~LoginScreen~LostPa~952074d0.d01d872af38a2b83fed6.chunk.css?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (3276)
Hash 1f3980b31a459738edf6b8f64e0c549b
b0fe9692e7c1ee7205a291fbab885273aa9dfbfd
ede6d828fce80956c5cb66a8dc0211ede58718ce01a3da9867a6141e372752bf
GET /fulcrum/v4/master/dynamic/mobile.BankID~BankingVerification~DEVerification~Deposit~FlowChecker~GameScreen~KYCCheck~LoginScreen~LostPa~952074d0.d01d872af38a2b83fed6.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvuPC_S4H5TTadrC8UfM74klgxWxGvKe_Kt9CLF9ewpkICB-x0pnkEEbW9611TW2JyKnJTpZuvuINpD_t2LLMt93h7rB-BW
x-goog-generation: 1675167093338125
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3216
content-encoding: gzip
x-goog-hash: crc32c=Okt9Ow==, md5=HzmAsxpFlzjt9rj2TgxUmw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 3216
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 15 Mar 2023 20:12:37 GMT
expires: Wed, 12 Apr 2023 20:12:37 GMT
cache-control: public, max-age=2419200,no-transform
age: 739898
last-modified: Tue, 31 Jan 2023 12:11:33 GMT
etag: "1f3980b31a459738edf6b8f64e0c549b"
content-type: text/css
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.Experimentation~0035cfbb.87b9638f5bff200a8c5d.chunk.js?e=p
34.107.241.180200 OK 1.4 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.Experimentation~0035cfbb.87b9638f5bff200a8c5d.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (2892)
Hash 67ad7f2b4bcaa15ca6ceb76659b50e67
93b80493c1f216342097e1a2e3f46a909238d8cd
03940f0814f5dad654419b01bbf7fb2fa8975edb953a4b3d8cf6795e95c59067
GET /fulcrum/v4/master/dynamic/mobile.Experimentation~0035cfbb.87b9638f5bff200a8c5d.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvbYE3MFR6MBrx3w0RqKvR_NCIPmfxG32DHbPKpv7qByY4nMamQNJIC2iIa0bnipnPjtmWODUxg5sg0Q0011uwSFw
x-goog-generation: 1677830925394314
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1390
content-encoding: gzip
x-goog-hash: crc32c=sOKjiA==, md5=Z61/K0vKoVymzrdmWbUOZw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1390
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 03 Mar 2023 09:15:11 GMT
expires: Fri, 31 Mar 2023 09:15:11 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Fri, 03 Mar 2023 08:08:45 GMT
etag: "67ad7f2b4bcaa15ca6ceb76659b50e67"
content-type: application/javascript
vary: Origin
age: 1816144
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.DocumentTitle~344174d7.3d36547536b86e624035.chunk.js?e=p
34.107.241.180200 OK 1.0 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.DocumentTitle~344174d7.3d36547536b86e624035.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (1675)
Hash ffe696ae5564fe898d96f91ee9c7ef64
54159c5f87cf8a18e0210c92ef2ce220f34d592d
142f831b8ff180d366e342613194eb5bcee88a4789cc83c028f5da1ba3033090
GET /fulcrum/v4/master/dynamic/mobile.DocumentTitle~344174d7.3d36547536b86e624035.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvyIvZ8aODQ8Zcpxj-giF9STc7BJ0BWpmASmjaKF804wsXd5k02dzX-8sdC8Lu1oesygaMAco2M3Jwv0Yk2XnYRAQ
x-goog-generation: 1677830925349888
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1046
content-encoding: gzip
x-goog-hash: crc32c=rffksg==, md5=/+aWrlVk/omNlvke6cfvZA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1046
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 03 Mar 2023 09:15:11 GMT
expires: Fri, 31 Mar 2023 09:15:11 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Fri, 03 Mar 2023 08:08:45 GMT
etag: "ffe696ae5564fe898d96f91ee9c7ef64"
content-type: application/javascript
vary: Origin
age: 1816144
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.Snackbar~9765a08b.503e1e70d5dd35ddac15.chunk.js?e=p
34.107.241.180200 OK 3.0 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.Snackbar~9765a08b.503e1e70d5dd35ddac15.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (8082)
Hash e9b93445bbac208b7c4118bb2f4fe5e7
36cf481b29fdfeb6776202206e380f30fb16bfeb
b46254df2c33160213b4ea9efc5353d44eea2a2e4cfca6b4b24a101098f4e04e
GET /fulcrum/v4/master/dynamic/mobile.Snackbar~9765a08b.503e1e70d5dd35ddac15.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtHhub8JUHDTtTEb3vgQUyO-YzYdGe-6N-phdePxY9RYWCRk5VOE5nQ8dXUx4L7BbVSPVXG8B7Eq2wZyqNCRoN9Tg
x-goog-generation: 1679319457071286
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 2973
content-encoding: gzip
x-goog-hash: crc32c=rM4yVw==, md5=6bk0RbusIIt8QRi7L0/l5w==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 2973
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:05 GMT
expires: Mon, 17 Apr 2023 13:49:05 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:37 GMT
etag: "e9b93445bbac208b7c4118bb2f4fe5e7"
content-type: application/javascript
vary: Origin
age: 330910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.Snackbar~9765a08b.bbb624b4c6a00e9ac79e.chunk.css?e=p
34.107.241.180200 OK 465 B URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.Snackbar~9765a08b.bbb624b4c6a00e9ac79e.chunk.css?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (631)
Hash 99c084dd92a699e13251da924e9724c9
e005575addfea39ef22d6949f9c3dc92fb859389
20fa74d03ed880ed3615b72143b64547ed3ab72665e256e84b07157556903ec0
GET /fulcrum/v4/master/dynamic/mobile.Snackbar~9765a08b.bbb624b4c6a00e9ac79e.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvHwZzgwInpCSLhONLGH_2X4KLkpd7SRddRhHGw7POfwemjPq7wOWeWMabr6g6fhRglr2I9qHXlEaVEdJC-0tWMRyIMuJtT
x-goog-generation: 1647331609164951
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 465
content-encoding: gzip
x-goog-hash: crc32c=wV6JEQ==, md5=mcCE3ZKmmeEyUdqSTpckyQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 465
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 07 Mar 2023 09:33:10 GMT
expires: Tue, 04 Apr 2023 09:33:10 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Tue, 15 Mar 2022 08:06:49 GMT
etag: "99c084dd92a699e13251da924e9724c9"
content-type: text/css
vary: Origin
age: 1469465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.CasinoScreen~493df0b3.5086fedca4bac2baba62.chunk.css?e=p
34.107.241.180200 OK 6.2 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.CasinoScreen~493df0b3.5086fedca4bac2baba62.chunk.css?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (7149)
Hash e6eb0e4b45aa82186b9f72b6319eb424
a17ddecdd8a26e75f27b04a9049ffa043d7c7365
169b3de6a66540c7db44b419b738a837a978ce11b4ab34d74f0c739a1caee387
GET /fulcrum/v4/master/dynamic/mobile.CasinoScreen~493df0b3.5086fedca4bac2baba62.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvE5sp4RPJWoAbiqEJr00025lDN_iB3ttl6uMAM2z5o8e2FFLIvCtqlmaOgTTlf_qBf87sPbb-EHW_GFwQ-ZqSuI6wRrx1s
x-goog-generation: 1677830929282236
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 6182
content-encoding: gzip
x-goog-hash: crc32c=aPA7mw==, md5=5usOS0Wqghhrn3K2MZ60JA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 6182
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 03 Mar 2023 09:15:11 GMT
expires: Fri, 31 Mar 2023 09:15:11 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Fri, 03 Mar 2023 08:08:49 GMT
etag: "e6eb0e4b45aa82186b9f72b6319eb424"
content-type: text/css
vary: Origin
age: 1816144
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.CasinoCategory~CasinoScreen~bfe0ed74.6588734231c0db63fedc.chunk.css?e=p
34.107.241.180200 OK 2.1 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.CasinoCategory~CasinoScreen~bfe0ed74.6588734231c0db63fedc.chunk.css?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (5257)
Hash 56cafbcd6e14696cf0de9ac1f5d9c210
18651ee4aa10cd1756cbbedbf268749035d2046a
bde9fcd791f8565519249ba4e00fdb6ee1c3f08dab958a35de4f66404552c9ef
GET /fulcrum/v4/master/dynamic/mobile.CasinoCategory~CasinoScreen~bfe0ed74.6588734231c0db63fedc.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsZBe0aFJ8ITDop3bXDwjzu7FgnENT_Xb52lbPoyy36Prz5nWB5Pwl7tVY5QyPq6P4FZ9HFzQJIQguDFvGbV4SOmyCBsCm0
x-goog-generation: 1675777180828778
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 2142
content-encoding: gzip
x-goog-hash: crc32c=A9Rvmg==, md5=Vsr7zW4UaWzw3prB9dnCEA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 2142
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 07 Mar 2023 14:01:03 GMT
expires: Tue, 04 Apr 2023 14:01:03 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Tue, 07 Feb 2023 13:39:40 GMT
etag: "56cafbcd6e14696cf0de9ac1f5d9c210"
content-type: text/css
vary: Origin
age: 1453392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.BottomBarScreen~493df0b3.e958e2aa63ca71e9fd66.chunk.css?e=p
34.107.241.180200 OK 3.6 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.BottomBarScreen~493df0b3.e958e2aa63ca71e9fd66.chunk.css?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (3276)
Hash 0c23bfbb885e4854ad3495f33980c757
b42253a3bd0daaaf2883b5cbb869293901cdeb5d
af1ccdaecd8a72d508427585a33868d92ded31dcd3bc157ae2bcabfbab66e352
GET /fulcrum/v4/master/dynamic/mobile.BottomBarScreen~493df0b3.e958e2aa63ca71e9fd66.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdu0neITTeTN8fakbsJyyzKVYDJB86qFEbxZ0rt3FLQo2dQ_CPipar4eRuU7j7-fr7wC2VOu2JFq2hmenEYypc3ihM6tIk6W
x-goog-generation: 1675848827338713
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3576
content-encoding: gzip
x-goog-hash: crc32c=IDop1w==, md5=DCO/u4heSFStNJXzOYDHVw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 3576
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Thu, 16 Mar 2023 11:52:45 GMT
expires: Thu, 13 Apr 2023 11:52:45 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Wed, 08 Feb 2023 09:33:47 GMT
etag: "0c23bfbb885e4854ad3495f33980c757"
content-type: text/css
vary: Origin
age: 683490
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.AndroidAppScreen~BankID~BlogPostScreen~BlogPostsScreen~BonusInfoScreen~BonusTermsScreen~CampaignList~c348699f.2917c0a34e0ebcd5a444.chunk.css?e=p
34.107.241.180200 OK 1.8 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.AndroidAppScreen~BankID~BlogPostScreen~BlogPostsScreen~BonusInfoScreen~BonusTermsScreen~CampaignList~c348699f.2917c0a34e0ebcd5a444.chunk.css?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (5542)
Hash b7e0b86d61599fdf56470fd8286ae263
4097e6f41066046323350280f0c771c98cc56ed0
01299f8d985176c8043fea42559777c49fc8f68e2eced618be59e4700e451196
GET /fulcrum/v4/master/dynamic/mobile.AndroidAppScreen~BankID~BlogPostScreen~BlogPostsScreen~BonusInfoScreen~BonusTermsScreen~CampaignList~c348699f.2917c0a34e0ebcd5a444.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtpQgX3ufcIuboCwV252y5hLkOOfIFjj6ad4OTqdY-d8L5QTer4qfT_pDygQVhmnn7lPaypllqNvO47PbQYxNstqV6bTFbg
x-goog-generation: 1679397624653306
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1758
content-encoding: gzip
x-goog-hash: crc32c=eRr6Rw==, md5=t+C4bWFZn99WRw/YKGriYw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1758
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 21 Mar 2023 11:26:41 GMT
expires: Tue, 18 Apr 2023 11:26:41 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Tue, 21 Mar 2023 11:20:24 GMT
etag: "b7e0b86d61599fdf56470fd8286ae263"
content-type: text/css
vary: Origin
age: 253054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~65914263.95eea1a7b870a67baa6e.chunk.js?e=p
34.107.241.180200 OK 11 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~65914263.95eea1a7b870a67baa6e.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b34fbb781d5db5e701cd634df484ed43
cc261d193da5d80f39289c23392eb6de1a36a161
a7d780fe977146c0a8903745cfa48fcd1661cbe5eda79b73973f60f7d075a832
GET /fulcrum/v4/master/dynamic/mobile.app~65914263.95eea1a7b870a67baa6e.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvC4MOKVjhoK97y01GDzVxED09fta11fXQO0dZtbY3tsMxf7cK6nhANAIqdOssi8zQfaZ_qbkuOcELVKRynF_DqCw
x-goog-generation: 1679319457943663
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 10741
content-encoding: gzip
x-goog-hash: crc32c=O4TtKA==, md5=s0+7eB1dtecBzWNN9ITtQw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 10741
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:37 GMT
etag: "b34fbb781d5db5e701cd634df484ed43"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~6ae16c75.fd00b08ecfd070a1f5f7.chunk.js?e=p
34.107.241.180200 OK 18 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~6ae16c75.fd00b08ecfd070a1f5f7.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 48971eca241f478cdf90cf81a207b89e
d4030a176b874adfa776d88adaaa03fe6394c77e
6cd2f34c0eace28dbc3844a3f9660bf35daf5e2e2e5cf84eac9b7398d7d32ca6
GET /fulcrum/v4/master/dynamic/mobile.app~6ae16c75.fd00b08ecfd070a1f5f7.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsM7sfC2F2jZSbvBmdcA7j8hciH79uTwGn8EoTHDwsGwPkRBhsrFMpLJo4f5qWIIdgnykzlroou59SH6ifiEVUcHg
x-goog-generation: 1679319458086402
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 18367
content-encoding: gzip
x-goog-hash: crc32c=Aik7ww==, md5=SJceyiQfR4zfkM+Boge4ng==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 18367
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:38 GMT
etag: "48971eca241f478cdf90cf81a207b89e"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~361546bd.e22712edc33625fb4769.chunk.js?e=p
34.107.241.180200 OK 16 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~361546bd.e22712edc33625fb4769.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0bc6c6918d6dda60e95f8338a3adce33
7a2614d619f138ef3a1008733727c18f02fa92f5
bf56364b3d51a916b189da41c81d406eb00975d1eda1a9b7ba53e45411de5776
GET /fulcrum/v4/master/dynamic/mobile.app~361546bd.e22712edc33625fb4769.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtP7o7XvGxUpV-YC7XbYdTfCo0-ftHgHIshyqFFtIsZAy_dqb-hObO39U8gC42S_nHttQMCBzKpxsW07XKbRIWAoQ
x-goog-generation: 1679319457984547
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 15923
content-encoding: gzip
x-goog-hash: crc32c=uQsLIQ==, md5=C8bGkY1t2mDpX4M4o63OMw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 15923
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:38 GMT
etag: "0bc6c6918d6dda60e95f8338a3adce33"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~29a429d8.a095d48301c87c612de9.chunk.js?e=p
34.107.241.180200 OK 10 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~29a429d8.a095d48301c87c612de9.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 11a4b0a4325866f5600b2f6dec35e5bb
0f28eb130ae62d61f6cdf8c83b4d0e4fcdd1aa0c
f536746189c7bb0bb3aefe49ca2310feba47e24770af4e2a819854ca6e2bb168
GET /fulcrum/v4/master/dynamic/mobile.app~29a429d8.a095d48301c87c612de9.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtRtCSPpAyXrwcgKLFfxkgvR1zZVsd6pn5TR369ZXePr2QKg1ypvZ8WcTedxJeAF01OC8D-h54-h62hVgrxfnW1zg
x-goog-generation: 1679319457854933
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 10486
content-encoding: gzip
x-goog-hash: crc32c=9WzLlw==, md5=EaSwpDJYZvVgCy9t7DXluw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 10486
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:37 GMT
etag: "11a4b0a4325866f5600b2f6dec35e5bb"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~bead5879.bf5c0dc96a6e5f40a6a5.chunk.js?e=p
34.107.241.180200 OK 5.3 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~bead5879.bf5c0dc96a6e5f40a6a5.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (15830)
Hash d3cff5fb13c1906e48a21cd6d6fec497
17f822bb13934ff0e1c3f48388c76d4bbf45385f
b9cb3237707e366d4426307527a8e95b7ba7d1bed41b9d34527fac4552553c79
GET /fulcrum/v4/master/dynamic/mobile.app~bead5879.bf5c0dc96a6e5f40a6a5.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsUF3F1zwDBM98icQ8KdxvougnPEZpVuzp4_Xcu2RhYkHa5OD9WJjRVyA51AGjJKInMC9-gUEBf1iSu8BbrGWTlUA
x-goog-generation: 1679319457895645
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 5336
content-encoding: gzip
x-goog-hash: crc32c=9yXgoQ==, md5=08/1+xPBkG5IohzW1v7Elw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 5336
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:37 GMT
etag: "d3cff5fb13c1906e48a21cd6d6fec497"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~1152e2e7.522d0956fb70f2081280.chunk.js?e=p
34.107.241.180200 OK 22 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~1152e2e7.522d0956fb70f2081280.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2a61fb8cb5defd5997432a82b801fa66
30fed9790034f0da07b5699dd06997f73d213cd9
0baa29edc77b785064b6e64f1bbf7b88c6e0565c8e73beaae4391b808ddc102d
GET /fulcrum/v4/master/dynamic/mobile.app~1152e2e7.522d0956fb70f2081280.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsstQDTbdLdgugFDR5p8lVPt6XdUQWzMTu8iYPB4cg8ZOK5y-aD4dxdMpP0gQaDQKDTmNzr-ZMqaGGOZkxD4KF17A
x-goog-generation: 1679319457876990
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 21960
content-encoding: gzip
x-goog-hash: crc32c=m8uhRw==, md5=KmH7jLXe/VmXQyqCuAH6Zg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 21960
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:37 GMT
etag: "2a61fb8cb5defd5997432a82b801fa66"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.ZendeskHelpCenter~9c9801fa.2445b73ae99d4e8d0b1a.chunk.js?e=p
34.107.241.180200 OK 6.8 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.ZendeskHelpCenter~9c9801fa.2445b73ae99d4e8d0b1a.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (22670)
Hash 70755c7cd4a7d863f3acdaf92438673b
a12d1dff9528a1cbf1c6005979d1272edf306bed
51aae0b2cee90506082ae2bd0d96e7e4c5fe3b681e9ce4ec1284c4e76ec8eb51
GET /fulcrum/v4/master/dynamic/mobile.ZendeskHelpCenter~9c9801fa.2445b73ae99d4e8d0b1a.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycduwboI4hVcdVNk18MTUwO2JX08D9PwFQTkYaPcI_Vc51FPtHUvMbTQJNsK2cmD037GHi81jaS4zudpnMk0JUQhHbg
x-goog-generation: 1679319457690423
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 6767
content-encoding: gzip
x-goog-hash: crc32c=8MzcdQ==, md5=cHVcfNSn2GPzrNr5JDhnOw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 6767
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:06 GMT
expires: Mon, 17 Apr 2023 13:49:06 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:37 GMT
etag: "70755c7cd4a7d863f3acdaf92438673b"
content-type: application/javascript
vary: Origin
age: 330909
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.AndroidAppScreen~BankID~BonusInfoScreen~BonusTermsScreen~CampaignScreen~CasinoScreen~CommonContentSc~2f699297.593f8e3dfcf9b212ccf4.chunk.js?e=p
34.107.241.180200 OK 6.1 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.AndroidAppScreen~BankID~BonusInfoScreen~BonusTermsScreen~CampaignScreen~CasinoScreen~CommonContentSc~2f699297.593f8e3dfcf9b212ccf4.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (20694)
Hash 56c51dcdf38601c9f50ebfcbd0f8cd00
ef3ea5ec445feabe6d25a756db1e08254fa38b6c
c771a178b0c2b892d288c3f3a21bb406f555a12d09e04bde023b5ae4c0aaf1ce
GET /fulcrum/v4/master/dynamic/mobile.AndroidAppScreen~BankID~BonusInfoScreen~BonusTermsScreen~CampaignScreen~CasinoScreen~CommonContentSc~2f699297.593f8e3dfcf9b212ccf4.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdteoisIYMktgzH_Y4Kv8O6up7yUDCo_y81IAPHb3KUSZ2-1sRP_WwYGJHXQFnxmErmWAzabjIsYCFrTL0-JmaFp8A
x-goog-generation: 1679319454718583
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 6131
content-encoding: gzip
x-goog-hash: crc32c=LWYM0w==, md5=VsUdzfOGAcn1Dr/L0PjNAA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 6131
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:06 GMT
expires: Mon, 17 Apr 2023 13:49:06 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:34 GMT
etag: "56c51dcdf38601c9f50ebfcbd0f8cd00"
content-type: application/javascript
vary: Origin
age: 330909
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.FlowChecker~493df0b3.2a66ee60dd6219bafc56.chunk.css?e=p
34.107.241.180200 OK 1.7 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.FlowChecker~493df0b3.2a66ee60dd6219bafc56.chunk.css?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (1298)
Hash 7543b46c3dd3ee59e5532d971f2b5d5f
5d396f145a7e9b9b47fd7802b6d01613ae711f8f
14f434e87de14ce624414e3378b544ae3e4d6fc8ba68eae3623c73dd1c8e2bd6
GET /fulcrum/v4/master/dynamic/mobile.FlowChecker~493df0b3.2a66ee60dd6219bafc56.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdveUj_LZJkOIIbfAKW1dVJBjZVALyF18Wc8l74VCR0kiHhPaQkKUaWBBCVXjuN7wPKMZvNRYfCGYfquimHESkRlAg
x-goog-generation: 1672760598499902
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1738
content-encoding: gzip
x-goog-hash: crc32c=xhs6+w==, md5=dUO0bD3T7lnlUy2XHytdXw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1738
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 07 Mar 2023 08:43:44 GMT
expires: Tue, 04 Apr 2023 08:43:44 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Tue, 03 Jan 2023 15:43:18 GMT
etag: "7543b46c3dd3ee59e5532d971f2b5d5f"
content-type: text/css
vary: Origin
age: 1472431
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.BonusChaserInGameCurtain~BonusChaserLobbyContainer~BonusChaserSwitcher~CasinoCategory~CasinoScreen~G~6b779408.182936e3ecd39b5d5bd7.chunk.js?e=p
34.107.241.180200 OK 15 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.BonusChaserInGameCurtain~BonusChaserLobbyContainer~BonusChaserSwitcher~CasinoCategory~CasinoScreen~G~6b779408.182936e3ecd39b5d5bd7.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 545f018c4f7a9b9d4de33ce10d2c1c65
01c7c43a126a4a88e7ebc743f35c32edb968a30d
38fd80437c4cc9388b3034ba6890a501518ff624b68d74e0c3300450f08ce774
GET /fulcrum/v4/master/dynamic/mobile.BonusChaserInGameCurtain~BonusChaserLobbyContainer~BonusChaserSwitcher~CasinoCategory~CasinoScreen~G~6b779408.182936e3ecd39b5d5bd7.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtkXuSkal32kIG8MrZa5drNQi4GwXVmY1JnHSgBmCr3HLgoUnBHn4QvfVqb8aRmHj0FYE8nvpt69O6LWSRAGSx2OQ
x-goog-generation: 1679319455170166
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 14888
content-encoding: gzip
x-goog-hash: crc32c=eGHhSA==, md5=VF8BjE96m51N4zzhDSwcZQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 14888
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:10 GMT
expires: Mon, 17 Apr 2023 13:49:10 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:35 GMT
etag: "545f018c4f7a9b9d4de33ce10d2c1c65"
content-type: application/javascript
vary: Origin
age: 330905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.BonusChaserInGameCurtain~BonusChaserLobbyContainer~BonusChaserSwitcher~CasinoCategory~CasinoScreen~G~6b779408.05333c94070bd35e1307.chunk.css?e=p
34.107.241.180200 OK 1.9 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.BonusChaserInGameCurtain~BonusChaserLobbyContainer~BonusChaserSwitcher~CasinoCategory~CasinoScreen~G~6b779408.05333c94070bd35e1307.chunk.css?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (7854)
Hash 8459a1afc2e91caa7da8a06e8e5eed2a
573d0a17a5ea0809a52cd9782e068760b50845ac
5b3ba1a4934dd53610822679f1fde33943fce637a3678203f99beac851aa632c
GET /fulcrum/v4/master/dynamic/mobile.BonusChaserInGameCurtain~BonusChaserLobbyContainer~BonusChaserSwitcher~CasinoCategory~CasinoScreen~G~6b779408.05333c94070bd35e1307.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdte0vJUnJYH-CvdcX-r87nQbqJ322CI-rus7xheinKdVpgi894sKI-HGwdxr8NvKZzCQIiQAdp4JRwUIB-W9c3YXKn5RzL9
x-goog-generation: 1675777180685459
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1933
content-encoding: gzip
x-goog-hash: crc32c=6oPmaQ==, md5=hFmhr8LpHKp9qKBujl7tKg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1933
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 15 Mar 2023 22:13:36 GMT
expires: Wed, 12 Apr 2023 22:13:36 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Tue, 07 Feb 2023 13:39:40 GMT
etag: "8459a1afc2e91caa7da8a06e8e5eed2a"
content-type: text/css
vary: Origin
age: 732639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.CasinoCategory~CasinoScreen~index~bfe0ed74.1a857ce452e1e0b19eaf.chunk.js?e=p
34.107.241.180200 OK 18 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.CasinoCategory~CasinoScreen~index~bfe0ed74.1a857ce452e1e0b19eaf.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3b33bf637d9211a8f99fec0a95a1b7c0
ac7a962319fa441baf425d8d86b63c1d9be276c7
c215393ce86003c78373a5f27cd06e2cb4d29e523ee72c071f446bef281f8edb
GET /fulcrum/v4/master/dynamic/mobile.CasinoCategory~CasinoScreen~index~bfe0ed74.1a857ce452e1e0b19eaf.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycduHhvYm7STaFttdtgt52GrD_TBsmpJbW58y4DYEzJPCnIe-vM539J9b66jNdnzyd0Hjhn8pGOG2fszeZEe6ffwzkQ
x-goog-generation: 1679319455220831
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 18008
content-encoding: gzip
x-goog-hash: crc32c=VQA4Xw==, md5=OzO/Y32SEaj5n+wKlaG3wA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 18008
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:10 GMT
expires: Mon, 17 Apr 2023 13:49:10 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:35 GMT
etag: "3b33bf637d9211a8f99fec0a95a1b7c0"
content-type: application/javascript
vary: Origin
age: 330905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.Adform~e8e8aaba.764514d34ff150bc1ac9.chunk.js?e=p
34.107.241.180200 OK 2.7 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.Adform~e8e8aaba.764514d34ff150bc1ac9.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (7023)
Hash ed6fb98e3e1dcd274e9d3e8fe5a10a71
d0f62be5c65b19341445bcf50e95dbb396e55479
ddb326b090a4f9d68e8ba3b2bf388f3898ef0be90c705bff0588cce011d1b353
GET /fulcrum/v4/master/dynamic/mobile.Adform~e8e8aaba.764514d34ff150bc1ac9.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvCTcJYBlTCKAvY_S-_hCVzLnHC6aXNoCgrpwdFRB6h--Qacj0Xl8A9S23CR34aDrH_tNcfFue-5bShiK2D9i03
x-goog-generation: 1678352175802367
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 2719
content-encoding: gzip
x-goog-hash: crc32c=gQkb5w==, md5=7W+5jj4dzSdOnT6P5aEKcQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 2719
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Thu, 09 Mar 2023 09:03:24 GMT
expires: Thu, 06 Apr 2023 09:03:24 GMT
cache-control: public, max-age=2419200,no-transform
age: 1298451
last-modified: Thu, 09 Mar 2023 08:56:15 GMT
etag: "ed6fb98e3e1dcd274e9d3e8fe5a10a71"
content-type: application/javascript
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.CasinoCategory~CasinoScreen~bfe0ed74.2ea6bae722b5bac073e3.chunk.js?e=p
34.107.241.180200 OK 7.7 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.CasinoCategory~CasinoScreen~bfe0ed74.2ea6bae722b5bac073e3.chunk.js?e=p
IP 34.107.241.180:0
File type Unicode text, UTF-8 text, with very long lines (25734)
Hash f5f19f5706c9b29e7210a209249f4527
53f5fc72f32c9fe2e5b013b8cf3fd78650c7df6b
ce702af4dfb1f2aa8f53c339f16c425af07e00e58422e426f0f036da562addb2
GET /fulcrum/v4/master/dynamic/mobile.CasinoCategory~CasinoScreen~bfe0ed74.2ea6bae722b5bac073e3.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtPaRmkrN4BjlJ0Gbz3zgkyCPPQas_nCFm6T0zp7LQcXKTO6Q3wyKb0lLbnmHFwxwQpPyMb6IdDP9FoJYTqkGYBJA
x-goog-generation: 1679319455201063
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 7656
content-encoding: gzip
x-goog-hash: crc32c=R59JRQ==, md5=9fGfVwbJsp5yEKIJJJ9FJw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 7656
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:10 GMT
expires: Mon, 17 Apr 2023 13:49:10 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:35 GMT
etag: "f5f19f5706c9b29e7210a209249f4527"
content-type: application/javascript
vary: Origin
age: 330905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.BankID~BankingVerification~DEVerification~Deposit~FlowChecker~GameScreen~KYCCheck~LoginScreen~LostPa~952074d0.668ab8139a75f9daeca6.chunk.js?e=p
34.107.241.180200 OK 18 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.BankID~BankingVerification~DEVerification~Deposit~FlowChecker~GameScreen~KYCCheck~LoginScreen~LostPa~952074d0.668ab8139a75f9daeca6.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 90db37acfd80713224037f6e76214a1e
f50f19353f26e8bd1435dd5f3f37cf65752787a7
acbaced50bba0a020d22b2cad719599df1d1567bbdbd175f7645a88fa1acfbe9
GET /fulcrum/v4/master/dynamic/mobile.BankID~BankingVerification~DEVerification~Deposit~FlowChecker~GameScreen~KYCCheck~LoginScreen~LostPa~952074d0.668ab8139a75f9daeca6.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtz_s726FHeZGkx4bOGAqh9D_yo8I9sZaMwMEG1HtNVeKAjvxgkKsGWjYlxP7dcejU2p6q5Wsa6V-TJWd8twTuTMA
x-goog-generation: 1679319454836655
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 17474
content-encoding: gzip
x-goog-hash: crc32c=xPpYbQ==, md5=kNs3rP2AcTIkA39udiFKHg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 17474
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:05 GMT
expires: Mon, 17 Apr 2023 13:49:05 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:34 GMT
etag: "90db37acfd80713224037f6e76214a1e"
content-type: application/javascript
vary: Origin
age: 330910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.Icons-Categories~4c719359.f18bf0bcd688b8c509ef.chunk.js?e=p
34.107.241.180200 OK 30 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.Icons-Categories~4c719359.f18bf0bcd688b8c509ef.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 525411d4419abba3d019861a2515e6a3
cf1fba6c73f91076b35ea9e1f1ceee9f101bc547
b6e0cc9ff950f77ba8093d097ca54641fa536c8b01cde575759c303da00dd4af
GET /fulcrum/v4/master/dynamic/mobile.Icons-Categories~4c719359.f18bf0bcd688b8c509ef.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvrmzdcIgleUaBhnW-YIoorqtDzDeq_5VHhnHUHHNXf6TeKAiN9AgTzpv8qNSHdLWoL8unxvvHbsh2acQmrz1ATEQ
x-goog-generation: 1679319455959007
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 29839
content-encoding: gzip
x-goog-hash: crc32c=+3UcMg==, md5=UlQR1EGau6PQGYYaJRXmow==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 29839
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:10 GMT
expires: Mon, 17 Apr 2023 13:49:10 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:35 GMT
etag: "525411d4419abba3d019861a2515e6a3"
content-type: application/javascript
vary: Origin
age: 330905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.Icons-OPL~6f2a7a41.7b72b6cdb2bf8f5140f8.chunk.js?e=p
34.107.241.180200 OK 9.5 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.Icons-OPL~6f2a7a41.7b72b6cdb2bf8f5140f8.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (30076)
Hash 1156f4fad27d406d46d5b5e3c6331e81
35e633f6e5cb7a10420114376041940dc09cb42c
aaf63bff654d336497a80a2d39cb3cee78127cc8987d6251e3cf42c889475db2
GET /fulcrum/v4/master/dynamic/mobile.Icons-OPL~6f2a7a41.7b72b6cdb2bf8f5140f8.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdt8pJLe3bJxvh3i7rod0-3VyJ-rvyFaxTyeULznrnWhbjl7T-Q0wkOIuNz2kbYqo1tID2rBWiFGTgcWc8jkKcYthg
x-goog-generation: 1679319455951637
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 9510
content-encoding: gzip
x-goog-hash: crc32c=KGhFig==, md5=EVb0+tJ9QG1G1bXjxjMegQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 9510
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:07 GMT
expires: Mon, 17 Apr 2023 13:49:07 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:35 GMT
etag: "1156f4fad27d406d46d5b5e3c6331e81"
content-type: application/javascript
vary: Origin
age: 330908
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.CasinoScreen~493df0b3.53b881d16b2bbe3dd406.chunk.js?e=p
34.107.241.180200 OK 40 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.CasinoScreen~493df0b3.53b881d16b2bbe3dd406.chunk.js?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6baba8ca0e42beae393b7e049ca6eb69
6a9582012ff00a1a99c957cf4b2545cd3bb6d7fd
cfbce2ef3b6ac5a2d331a1e92875e65ba7d75708ebae3620890bfee605eadd21
GET /fulcrum/v4/master/dynamic/mobile.CasinoScreen~493df0b3.53b881d16b2bbe3dd406.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycduc9_qwlvK85UXPsFYBWPRfrCeVr_B2bL4U0Mph8g5JWjeYcg8V4J6xsbCqA86HIzMUVi6Qm51-Xs7K3S1ZMDUZ5Q
x-goog-generation: 1679319455356739
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 40333
content-encoding: gzip
x-goog-hash: crc32c=OjLVoA==, md5=a6uoyg5Cvq45O34EnKbraQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 40333
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:10 GMT
expires: Mon, 17 Apr 2023 13:49:10 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:35 GMT
etag: "6baba8ca0e42beae393b7e049ca6eb69"
content-type: application/javascript
vary: Origin
age: 330905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~521067a8.89f65db9ae423b9197b1.chunk.css?e=p
34.107.241.180200 OK 283 B URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~521067a8.89f65db9ae423b9197b1.chunk.css?e=p
IP 34.107.241.180:0
Hash 327122b5334eeb33cd79c886dd49beb3
e58dfacbb2db54d6652889e2dad8ce19f2d2fe2f
9df65c43857dea61bc65232b1e3fd20a82475f77563d3999ac0a9b9ed6d90f38
GET /fulcrum/v4/master/dynamic/mobile.app~521067a8.89f65db9ae423b9197b1.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvRJ3nXFhmSHcfJQWM1RhgW13h8lOFeAsaDTSu7KfkRreBZsxa3U0mmQr371SG8d3LcRUBbJd2kdCtB2JQhFRQYhG7eT-EP
x-goog-generation: 1663591116440358
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 283
content-encoding: gzip
x-goog-hash: crc32c=uA/axQ==, md5=MnEitTNO6zPNeciG3Um+sw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 283
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 15 Mar 2023 23:12:15 GMT
expires: Wed, 12 Apr 2023 23:12:15 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 19 Sep 2022 12:38:36 GMT
etag: "327122b5334eeb33cd79c886dd49beb3"
content-type: text/css
vary: Origin
age: 729121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~493df0b3.48fd81c71c9e436cfa6e.chunk.css?e=p
34.107.241.180200 OK 10 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~493df0b3.48fd81c71c9e436cfa6e.chunk.css?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (17796)
Hash cfeb84e29b2f4eb2b5660ed8a9803bcc
ae4aeb9807b9ab580f5d8a17d42d5154d9214497
279ef3417e12395b6bbbd967592c592b7978a98fc9991ec41e947a81b739d3b7
GET /fulcrum/v4/master/dynamic/mobile.app~493df0b3.48fd81c71c9e436cfa6e.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduEVxBzpxH99MNh8XeHwH-v-2PNZ2nf6KOYJHhBGT4t-YZGFl0mj8_dUH7KyhATIJpfmZvoFhgF3lkzcT0Tp_6uiA
x-goog-generation: 1679397625018542
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 10003
content-encoding: gzip
x-goog-hash: crc32c=+5WJyw==, md5=z+uE4psvTrK1Zg7YqYA7zA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 10003
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 21 Mar 2023 11:26:41 GMT
expires: Tue, 18 Apr 2023 11:26:41 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Tue, 21 Mar 2023 11:20:25 GMT
etag: "cfeb84e29b2f4eb2b5660ed8a9803bcc"
content-type: text/css
vary: Origin
age: 253055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~bfe0ed74.f5afd94bdac610591557.chunk.css?e=p
34.107.241.180200 OK 585 B URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~bfe0ed74.f5afd94bdac610591557.chunk.css?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (1286)
Hash 27c4a2615df59ed93991f6b354671dd6
0e0d88a402dc646af5a4c199145ac8a422d2d448
a98cad2dd71c709b26875e33ae112f368fac45aa666664ba7c94fc2e7a2b9df5
GET /fulcrum/v4/master/dynamic/mobile.app~bfe0ed74.f5afd94bdac610591557.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdv-Y-vaEFYtDPp43K6lSY-cJs8wJ2ITn2RQo5FGM1xEmM4PK19uQiAb4u_BvlUsaNZW6Md-S5G4yjW7Gbqol2oXZ2NpN_rs
x-goog-generation: 1666691230328646
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 585
content-encoding: gzip
x-goog-hash: crc32c=K8QcbA==, md5=J8SiYV31ntk5kfazVGcd1g==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 585
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Thu, 16 Mar 2023 11:59:41 GMT
expires: Thu, 13 Apr 2023 11:59:41 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Tue, 25 Oct 2022 09:47:10 GMT
etag: "27c4a2615df59ed93991f6b354671dd6"
content-type: text/css
vary: Origin
age: 683075
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~748942c6.64ddd5236a515f7652b0.chunk.css?e=p
34.107.241.180200 OK 1.7 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~748942c6.64ddd5236a515f7652b0.chunk.css?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (1772)
Hash 07ccdcb3ce4c5f2862e0e60b739520d9
e90961c07533bab39457aa62e6fe8decf671469c
6ad0f911505b8af66ecf58b2db7aba96c5c5b63f911eeb1707cdde9fc392d2ce
GET /fulcrum/v4/master/dynamic/mobile.app~748942c6.64ddd5236a515f7652b0.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtaunE-ztT8VZb2-_Z6z_geqYtCAD2gT-YK5KW4Vtbx8EtRFG6F3eXvBvpSAWjh6TWRGVRIbiMzko-dRcWligOcog
x-goog-generation: 1677830929722049
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1661
content-encoding: gzip
x-goog-hash: crc32c=kXUuBA==, md5=B8zcs85MXyhi4OYLc5Ug2Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1661
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 03 Mar 2023 09:15:11 GMT
expires: Fri, 31 Mar 2023 09:15:11 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Fri, 03 Mar 2023 08:08:49 GMT
etag: "07ccdcb3ce4c5f2862e0e60b739520d9"
content-type: text/css
vary: Origin
age: 1816145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~9675856e.dd984e891c8a0e00c45b.chunk.css?e=p
34.107.241.180200 OK 2.1 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.app~9675856e.dd984e891c8a0e00c45b.chunk.css?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (2605)
Hash 8bf6d4e9191247f34f49910ff4bce36c
083cc5e954c1cadc64847b769796b4f783194a8d
a26135400ddfc9dcb572f5cee188ef7cd5faf61bbb851a25b74738bc12cc0477
GET /fulcrum/v4/master/dynamic/mobile.app~9675856e.dd984e891c8a0e00c45b.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduR0K_B55dil2LVLU_mpscakummAv85PonVNz0Hc5Hrv71BdaG4EpIdjjh4gsQt1qZqtCkK8unQl5keAKs_D3URfQ
x-goog-generation: 1670506834487828
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 2102
content-encoding: gzip
x-goog-hash: crc32c=xSTuIQ==, md5=i/bU6RkSR/NPSZEP9LzjbA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 2102
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 15 Mar 2023 22:17:02 GMT
expires: Wed, 12 Apr 2023 22:17:02 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Thu, 08 Dec 2022 13:40:34 GMT
etag: "8bf6d4e9191247f34f49910ff4bce36c"
content-type: text/css
vary: Origin
age: 732434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash dd5380daefecc523858637dcbdda1cf3
0ec5910f57d8ab84179a5d0687e6b16d2cacfb1a
e58977b0dceb06edf2a7c752aa433c71b3bca571e814a7a83bbddc75d4428c0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 14:12:20 GMT
expires: Tue, 19 Mar 2024 14:12:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 329516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash dd5380daefecc523858637dcbdda1cf3
0ec5910f57d8ab84179a5d0687e6b16d2cacfb1a
e58977b0dceb06edf2a7c752aa433c71b3bca571e814a7a83bbddc75d4428c0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash dd5380daefecc523858637dcbdda1cf3
0ec5910f57d8ab84179a5d0687e6b16d2cacfb1a
e58977b0dceb06edf2a7c752aa433c71b3bca571e814a7a83bbddc75d4428c0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash dd5380daefecc523858637dcbdda1cf3
0ec5910f57d8ab84179a5d0687e6b16d2cacfb1a
e58977b0dceb06edf2a7c752aa433c71b3bca571e814a7a83bbddc75d4428c0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
age: 142745
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash dd5380daefecc523858637dcbdda1cf3
0ec5910f57d8ab84179a5d0687e6b16d2cacfb1a
e58977b0dceb06edf2a7c752aa433c71b3bca571e814a7a83bbddc75d4428c0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 142745
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 142745
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
372fc806295528bc5fbf-83c638ca2a0b52c62d893afeac24561e.ssl.cf3.rackcdn.com/GenericLiveCasino.jpg
23.38.200.149200 OK 88 kB URL HTTP/1.1 372fc806295528bc5fbf-83c638ca2a0b52c62d893afeac24561e.ssl.cf3.rackcdn.com/GenericLiveCasino.jpg
IP 23.38.200.149:0
File type JPEG image data, baseline, precision 8, 600x117, components 3\012- data
Hash 354579f5e2bbf9efee9ef5b730b02bf0
494e7620512430459d1f3233366dee956897ff0a
08893d543a20215b5ee2d85fa344a9bb3470490285fd3693e9952adf979ca619
GET /GenericLiveCasino.jpg HTTP/1.1
Host: 372fc806295528bc5fbf-83c638ca2a0b52c62d893afeac24561e.ssl.cf3.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 03 Dec 2019 10:23:28 GMT
ETag: 354579f5e2bbf9efee9ef5b730b02bf0
X-Trans-Id: tx95c8e270b1ae409eb8d12-006418fe9alon3
Content-Length: 88183
Accept-Ranges: bytes
X-Timestamp: 1575368607.19877
Content-Type: image/jpeg
Cache-Control: public, max-age=201154
Expires: Sun, 26 Mar 2023 17:36:50 GMT
Date: Fri, 24 Mar 2023 09:44:16 GMT
Connection: keep-alive
fonts.gstatic.com/s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rj.woff2
142.250.74.35200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rj.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 12820, version 1.0\012- data
Hash 5c02543fd50416d417c4fde1410008d5
82803a4554e56c2247c2ce50e9a0a3c77b5e0730
084c044e1a353a41a04f9c923b418d582f8e8d3a1996053c8e4912a57d158799
GET /s/robotoslab/v24/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rj.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 19:15:07 GMT
content-type: font/woff2
age: 142745
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
142.250.74.35200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 142745
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash dd5380daefecc523858637dcbdda1cf3
0ec5910f57d8ab84179a5d0687e6b16d2cacfb1a
e58977b0dceb06edf2a7c752aa433c71b3bca571e814a7a83bbddc75d4428c0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.leovegas.com/_Incapsula_Resource?SWKMTFSR=1&e=0.34689011417382354
107.154.248.168200 OK 1 B URL HTTP/2 www.leovegas.com/_Incapsula_Resource?SWKMTFSR=1&e=0.34689011417382354
IP 107.154.248.168:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /_Incapsula_Resource?SWKMTFSR=1&e=0.34689011417382354 HTTP/1.1
Host: www.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/en-no/livecasino?btag=667909_ED179FB202074EE6A185D27C8D404C26&c=wch3gd1nerjlgpgni2nrrhak&pid=3747044&bid=15012
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3747044%2c%22BID%22%3a15012%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1679651054432)%5c%2f%22%2c%22CookieTag%22%3a%22150123747044451240919C2023324944%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222861626250%7c1%22%7d%5d; leo-essentials=%7B%22cid%22%3A%22ce969956-c0fc-402c-a2d2-8112a6bea827%22%7D; visid_incap_846569=yCeq3NxBQres0IrMXuMsDe1wHWQAAAAAQUIPAAAAAABzS7XtmhU/TPw4m2fPyOeO; nlbi_846569=snQYVVlO3yJHUXLSTJV9qQAAAADxlt404MrcL+1MPMi2voKB; incap_ses_720_846569=HwFuMd4YHXkOKsVDGPX9Ce1wHWQAAAAAx4cT+a3VCDk1glsWt7TQpQ==; leobtag=667909_ED179FB202074EE6A185D27C8D404C26; leonrpid=3747044; leonrbid=15012; leonrmeta=[{"value":"wch3gd1nerjlgpgni2nrrhak","key":"c"}]; ___utmvc=rEFTyMqrfwLhvI0Bc3+zauq1Ll5qgvA6nQphsxGw6wc+sIOiSvqOYIlTwkq8IgzVH46Je/nqI7NNAKauUraS3cYVrLWJxoQ2mf1suYQhzRXd5Hzdm2+GrnCXaHu23CJMzd50v0S44ufli5CsF8vYVENGUcZkOu72EbUcG6MoN3AcnOYR7q2qrKD/wpE7+fr/FBKT8SR28wUMbk7thIATsSmarE/5aDYplpAQ9oU+yAi6PxWHttcojWMiii6aJxhUBvZllRBxgiMwv8o4HLY+LUQjwFa/rc1RK7jClmgQe7BC0GI9O0PZkT3MTZc2NOGMwt/iuAj/fclKIoeTOopytAYnoCTxthMXVzMqlvQW9O2ucCWKnWf2S8/RFAtrXQNhLJSRsO7uTIE1ktACr7OY9gD70f9RMbu/boNqcTqyvwiB3rsgg36O0xi7hxqEauewSWjsuy7nWMcnp6f/n5N2XjHSzS8oxreN54/Ilj7idNOp7RHSYlogG6rKbTq566jcOVYwYyCnEQfwlMFg7vUVcYBEnSXu27uF0Q1w/G4b0NEm/pgdNszGAsnNIHqIBouo3c5/VFlmJRmQw6V2tH7I3H1yynuCiTDqE7zsqU4yLoqn9do0PSBnXT/CBjTsbQ9pxPx64sSkJmLBCk5cH+aYePA0Z6dZ280juux3yyRbfLbZMttCGxgzC7g0qIv93U2zryBh4dzEXU0IixAweZe1sDMcjYWbSWWx6/CB2SJ2jXx8xrd5SLZrNJYWbcnyh4+ORaJ1vAoA11TFl/SsMpVSyOvK09+PsscTtZjVrigerS6Qpy/ons0iZSUAr5wxbW5/Tt1DdJK2Kymwk3z+urUtQlpGHJzNBv0gE2xBwRKHkUkVciRIA+KxQB2HXU+1CFLXyzrX3Kly6kvNENr43sXOSX+jrIxTfFcvY2ZBPgz57jmq3R2Hm+Zi8rzf8fKFIdHUWP4GBlHvVPMGLPC64gRU0GKsCSWXIaVmt8lzQSiwOrBKiy2ljObf5Gp3Az8Hc7O9LCh/z1HC96oX050qwH9HlCzURHOiu0nEwORfLfuEoPp4TFWqr8REKPHUCJuyom2iVZAiyxI7yf9nPchOZNKejdCM/8KvyfMrsJZIsgXqoktDsyGur4kzo2VtXd0GzWdWSw8UqAbhqyZYnJvbyuEbJCSM/u+fXqr86539n5JJNQVs0Aiz0GzNo7gMexPY7xUcVPAAa77Kr9c6NVoXRt4QeuK12hN6zZuVDxRrjiH+dNBst8UdrifQIN0jxAOPShp3kiOoyoVdOWSgyP+ByniLdonQjqf7yqIys0lriro7AWydi506Mbw4V5F4k07aa0JuPSMDsll8SzZhIglEwDoofusjonctej/p4e2EEZp6OvNUuZuQ5jMM23xuw3mSWWuV5FvVeRyq60iHMJxvU2y4ReCtgD5OUiDIK5q+EolH3+liFUdoYJMNZUa+7MPSKkblLWzK+UXdG/zFdM/DtC+oeimddANngujQV6QH11+S20oMsgtsivHbN8o85v7vYUXkuvscyU2EenAkxhTxfpge/MULxuKaBoM5sXTsE8KjLOrIgbJEtXEch2rLUS2jNlLl5CxD1UVse5XRXo+XoVs9MFklLzwKxk6R7ln/05Zmc5SEKqgJNInnKl1qgve0c4aG3RsZ9K3AQ+Ag/4asNKK/yJ9nxM3ZCjNTUhngtn4cK/sjA9Nh+7El7piepCXMRocDr4NWG0mf9RJDjm/jmXbG0O/ZNPWfiNKM/Td2+0rZGGUlqW5IYYD+XY8aUMdOKjDQJH+lBjldfZJtlmc8uHqDO6oOQBaQyqGNuvuy6v9Eh6uRRN/lVMwUPluKvsm1e1RjvuMUOnRaq5iTTpuXBTqos/7k9/6S7k2SpYDZu9qSxFP9i4/+NCmnXbCW7495QjGLh/6BV7UEPaDcj8MUoLrSfyp4Y5BcZrz0nwSjDkniIeSMXiFQci4CmXWV66ucSDrSn8iuVoRWvaXqJg74IqJVaed3xiKOJFi6q8vbDdyi0+59vB/ysLKdqgJ/YoVapjAaYyRXN2lXunetckfRQU/UhLtcBSOs6wue6nYN9a0IKneTJk/aRdSPwiiSyCGSgD2FzzoECzCTaI+A28kAm7wrBWBCq3aEl2fljm6aHXw6ralnYKRkv8TUf9G9k5kUHRraD++L/HMNs4MQY+XS8imU5iubdmAgpcyGXFjQl58Cq0jxe4j2wDB+slzILyo72klupGuu+hTSI02o30bb2SFydyUWMRBN1YochEtXOpmne/vubVmz3vrkadPTtsl9lY4Yskg/tg4P9KVIs4OMXfxW59AG9ts+1f+3RaXl/zBq++YYm3Fb8i4ik0C7FT6MDZbfbZERe50GHEO056I1A9TfXxPiP2dSOVJEkOpM+IjfNOrkainA3Or4G126/U2uByeCToL9wBHG+Np8mkuE4IVeVEnSnl275DWUVJhzevXemBwY69/d6L/7ZFi6+cYSMaXcq/79kFx0J6dEJURbLGU+2Rc8whGRK+8b/xwOE4zIrVH0PvAXSxR/ORRPs9vr9Bvr+vAhtvgX7kxMXpl0aExWMJ6PqE4DWO6aOkH7HKBrjsNDfjvfutKveN+5n738JgGNMyy18KqNgHCDXl4iq0Fao1JGKKwqwl/4KQ8hZ7i+MjqmbpLbhfddEBzF9MHu9L4wdqmjzAK8WkYeqUkPyxQX4RntE4XfoyxkaWdlc3Q9MTg1MzI4LHM9ODBhZDk2ODA3ZDlkNjdhNTljOWM5YmEwN2E4ZDZiNmE5ODkxN2Q4MTY3YWE5NzhlNzZhNzY0ODhhOWFiN2E5YWE2OWI5NjdlN2JhZjcyNzA=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: text/plain
x-robots-tag: noindex
content-length: 1
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.leovegas.com/static/fulcrum/apple-touch-icon.png
107.154.248.168200 OK 21 kB URL HTTP/2 www.leovegas.com/static/fulcrum/apple-touch-icon.png
IP 107.154.248.168:0
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash f9a35c0fdecb2ee483d7badb5e03dd5b
6b9e2d23f188021f914eb2f58ce74d4753afd996
5137e8fe669f23cfe46ec272e9621157210a5e4b3f985520d22ed65f37ad3e0b
GET /static/fulcrum/apple-touch-icon.png HTTP/1.1
Host: www.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/en-no/livecasino?btag=667909_ED179FB202074EE6A185D27C8D404C26&c=wch3gd1nerjlgpgni2nrrhak&pid=3747044&bid=15012
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3747044%2c%22BID%22%3a15012%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1679651054432)%5c%2f%22%2c%22CookieTag%22%3a%22150123747044451240919C2023324944%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222861626250%7c1%22%7d%5d; leo-essentials=%7B%22cid%22%3A%22ce969956-c0fc-402c-a2d2-8112a6bea827%22%7D; visid_incap_846569=yCeq3NxBQres0IrMXuMsDe1wHWQAAAAAQUIPAAAAAABzS7XtmhU/TPw4m2fPyOeO; nlbi_846569=snQYVVlO3yJHUXLSTJV9qQAAAADxlt404MrcL+1MPMi2voKB; incap_ses_720_846569=HwFuMd4YHXkOKsVDGPX9Ce1wHWQAAAAAx4cT+a3VCDk1glsWt7TQpQ==; leobtag=667909_ED179FB202074EE6A185D27C8D404C26; leonrpid=3747044; leonrbid=15012; leonrmeta=[{"value":"wch3gd1nerjlgpgni2nrrhak","key":"c"}]; ___utmvc=rEFTyMqrfwLhvI0Bc3+zauq1Ll5qgvA6nQphsxGw6wc+sIOiSvqOYIlTwkq8IgzVH46Je/nqI7NNAKauUraS3cYVrLWJxoQ2mf1suYQhzRXd5Hzdm2+GrnCXaHu23CJMzd50v0S44ufli5CsF8vYVENGUcZkOu72EbUcG6MoN3AcnOYR7q2qrKD/wpE7+fr/FBKT8SR28wUMbk7thIATsSmarE/5aDYplpAQ9oU+yAi6PxWHttcojWMiii6aJxhUBvZllRBxgiMwv8o4HLY+LUQjwFa/rc1RK7jClmgQe7BC0GI9O0PZkT3MTZc2NOGMwt/iuAj/fclKIoeTOopytAYnoCTxthMXVzMqlvQW9O2ucCWKnWf2S8/RFAtrXQNhLJSRsO7uTIE1ktACr7OY9gD70f9RMbu/boNqcTqyvwiB3rsgg36O0xi7hxqEauewSWjsuy7nWMcnp6f/n5N2XjHSzS8oxreN54/Ilj7idNOp7RHSYlogG6rKbTq566jcOVYwYyCnEQfwlMFg7vUVcYBEnSXu27uF0Q1w/G4b0NEm/pgdNszGAsnNIHqIBouo3c5/VFlmJRmQw6V2tH7I3H1yynuCiTDqE7zsqU4yLoqn9do0PSBnXT/CBjTsbQ9pxPx64sSkJmLBCk5cH+aYePA0Z6dZ280juux3yyRbfLbZMttCGxgzC7g0qIv93U2zryBh4dzEXU0IixAweZe1sDMcjYWbSWWx6/CB2SJ2jXx8xrd5SLZrNJYWbcnyh4+ORaJ1vAoA11TFl/SsMpVSyOvK09+PsscTtZjVrigerS6Qpy/ons0iZSUAr5wxbW5/Tt1DdJK2Kymwk3z+urUtQlpGHJzNBv0gE2xBwRKHkUkVciRIA+KxQB2HXU+1CFLXyzrX3Kly6kvNENr43sXOSX+jrIxTfFcvY2ZBPgz57jmq3R2Hm+Zi8rzf8fKFIdHUWP4GBlHvVPMGLPC64gRU0GKsCSWXIaVmt8lzQSiwOrBKiy2ljObf5Gp3Az8Hc7O9LCh/z1HC96oX050qwH9HlCzURHOiu0nEwORfLfuEoPp4TFWqr8REKPHUCJuyom2iVZAiyxI7yf9nPchOZNKejdCM/8KvyfMrsJZIsgXqoktDsyGur4kzo2VtXd0GzWdWSw8UqAbhqyZYnJvbyuEbJCSM/u+fXqr86539n5JJNQVs0Aiz0GzNo7gMexPY7xUcVPAAa77Kr9c6NVoXRt4QeuK12hN6zZuVDxRrjiH+dNBst8UdrifQIN0jxAOPShp3kiOoyoVdOWSgyP+ByniLdonQjqf7yqIys0lriro7AWydi506Mbw4V5F4k07aa0JuPSMDsll8SzZhIglEwDoofusjonctej/p4e2EEZp6OvNUuZuQ5jMM23xuw3mSWWuV5FvVeRyq60iHMJxvU2y4ReCtgD5OUiDIK5q+EolH3+liFUdoYJMNZUa+7MPSKkblLWzK+UXdG/zFdM/DtC+oeimddANngujQV6QH11+S20oMsgtsivHbN8o85v7vYUXkuvscyU2EenAkxhTxfpge/MULxuKaBoM5sXTsE8KjLOrIgbJEtXEch2rLUS2jNlLl5CxD1UVse5XRXo+XoVs9MFklLzwKxk6R7ln/05Zmc5SEKqgJNInnKl1qgve0c4aG3RsZ9K3AQ+Ag/4asNKK/yJ9nxM3ZCjNTUhngtn4cK/sjA9Nh+7El7piepCXMRocDr4NWG0mf9RJDjm/jmXbG0O/ZNPWfiNKM/Td2+0rZGGUlqW5IYYD+XY8aUMdOKjDQJH+lBjldfZJtlmc8uHqDO6oOQBaQyqGNuvuy6v9Eh6uRRN/lVMwUPluKvsm1e1RjvuMUOnRaq5iTTpuXBTqos/7k9/6S7k2SpYDZu9qSxFP9i4/+NCmnXbCW7495QjGLh/6BV7UEPaDcj8MUoLrSfyp4Y5BcZrz0nwSjDkniIeSMXiFQci4CmXWV66ucSDrSn8iuVoRWvaXqJg74IqJVaed3xiKOJFi6q8vbDdyi0+59vB/ysLKdqgJ/YoVapjAaYyRXN2lXunetckfRQU/UhLtcBSOs6wue6nYN9a0IKneTJk/aRdSPwiiSyCGSgD2FzzoECzCTaI+A28kAm7wrBWBCq3aEl2fljm6aHXw6ralnYKRkv8TUf9G9k5kUHRraD++L/HMNs4MQY+XS8imU5iubdmAgpcyGXFjQl58Cq0jxe4j2wDB+slzILyo72klupGuu+hTSI02o30bb2SFydyUWMRBN1YochEtXOpmne/vubVmz3vrkadPTtsl9lY4Yskg/tg4P9KVIs4OMXfxW59AG9ts+1f+3RaXl/zBq++YYm3Fb8i4ik0C7FT6MDZbfbZERe50GHEO056I1A9TfXxPiP2dSOVJEkOpM+IjfNOrkainA3Or4G126/U2uByeCToL9wBHG+Np8mkuE4IVeVEnSnl275DWUVJhzevXemBwY69/d6L/7ZFi6+cYSMaXcq/79kFx0J6dEJURbLGU+2Rc8whGRK+8b/xwOE4zIrVH0PvAXSxR/ORRPs9vr9Bvr+vAhtvgX7kxMXpl0aExWMJ6PqE4DWO6aOkH7HKBrjsNDfjvfutKveN+5n738JgGNMyy18KqNgHCDXl4iq0Fao1JGKKwqwl/4KQ8hZ7i+MjqmbpLbhfddEBzF9MHu9L4wdqmjzAK8WkYeqUkPyxQX4RntE4XfoyxkaWdlc3Q9MTg1MzI4LHM9ODBhZDk2ODA3ZDlkNjdhNTljOWM5YmEwN2E4ZDZiNmE5ODkxN2Q4MTY3YWE5NzhlNzZhNzY0ODhhOWFiN2E5YWE2OWI5NjdlN2JhZjcyNzA=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "87ff2fdf"
last-modified: Wed, 22 Mar 2023 10:06:27 GMT
content-type: image/png
content-length: 21096
content-encoding: gzip
cache-control: max-age=2704, public
expires: Fri, 24 Mar 2023 10:29:19 GMT
date: Fri, 24 Mar 2023 09:44:15 GMT
set-cookie: ___utmvc=a; Max-Age=0; path=/; expires=Mon, 20 Mar 2023 22:52:01 GMT
strict-transport-security: max-age=63072000
x-cdn: Imperva
x-iinfo: 3-5052336-0 0CNN RT(1679651053824 2075) q(0 -1 -1 -1) r(1 -1)
X-Firefox-Spdy: h2
www.leovegas.com/static/fulcrum/favicon.ico
107.154.248.168200 OK 6.8 kB URL HTTP/2 www.leovegas.com/static/fulcrum/favicon.ico
IP 107.154.248.168:0
File type MS Windows icon resource - 1 icon, -106x-106, 32 bits/pixel\012- data
Hash 53438ecc6f90cf975c2cedaa7d07ba34
dfd5818a6e5dab0db9f6f2205323d191cea86be0
bba3673649c31b21e3f29faba5db5865d5f38d6e13a78cba4f50a251266d0147
GET /static/fulcrum/favicon.ico HTTP/1.1
Host: www.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/en-no/livecasino?btag=667909_ED179FB202074EE6A185D27C8D404C26&c=wch3gd1nerjlgpgni2nrrhak&pid=3747044&bid=15012
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3747044%2c%22BID%22%3a15012%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1679651054432)%5c%2f%22%2c%22CookieTag%22%3a%22150123747044451240919C2023324944%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222861626250%7c1%22%7d%5d; leo-essentials=%7B%22cid%22%3A%22ce969956-c0fc-402c-a2d2-8112a6bea827%22%7D; visid_incap_846569=yCeq3NxBQres0IrMXuMsDe1wHWQAAAAAQUIPAAAAAABzS7XtmhU/TPw4m2fPyOeO; nlbi_846569=snQYVVlO3yJHUXLSTJV9qQAAAADxlt404MrcL+1MPMi2voKB; incap_ses_720_846569=HwFuMd4YHXkOKsVDGPX9Ce1wHWQAAAAAx4cT+a3VCDk1glsWt7TQpQ==; leobtag=667909_ED179FB202074EE6A185D27C8D404C26; leonrpid=3747044; leonrbid=15012; leonrmeta=[{"value":"wch3gd1nerjlgpgni2nrrhak","key":"c"}]; ___utmvc=rEFTyMqrfwLhvI0Bc3+zauq1Ll5qgvA6nQphsxGw6wc+sIOiSvqOYIlTwkq8IgzVH46Je/nqI7NNAKauUraS3cYVrLWJxoQ2mf1suYQhzRXd5Hzdm2+GrnCXaHu23CJMzd50v0S44ufli5CsF8vYVENGUcZkOu72EbUcG6MoN3AcnOYR7q2qrKD/wpE7+fr/FBKT8SR28wUMbk7thIATsSmarE/5aDYplpAQ9oU+yAi6PxWHttcojWMiii6aJxhUBvZllRBxgiMwv8o4HLY+LUQjwFa/rc1RK7jClmgQe7BC0GI9O0PZkT3MTZc2NOGMwt/iuAj/fclKIoeTOopytAYnoCTxthMXVzMqlvQW9O2ucCWKnWf2S8/RFAtrXQNhLJSRsO7uTIE1ktACr7OY9gD70f9RMbu/boNqcTqyvwiB3rsgg36O0xi7hxqEauewSWjsuy7nWMcnp6f/n5N2XjHSzS8oxreN54/Ilj7idNOp7RHSYlogG6rKbTq566jcOVYwYyCnEQfwlMFg7vUVcYBEnSXu27uF0Q1w/G4b0NEm/pgdNszGAsnNIHqIBouo3c5/VFlmJRmQw6V2tH7I3H1yynuCiTDqE7zsqU4yLoqn9do0PSBnXT/CBjTsbQ9pxPx64sSkJmLBCk5cH+aYePA0Z6dZ280juux3yyRbfLbZMttCGxgzC7g0qIv93U2zryBh4dzEXU0IixAweZe1sDMcjYWbSWWx6/CB2SJ2jXx8xrd5SLZrNJYWbcnyh4+ORaJ1vAoA11TFl/SsMpVSyOvK09+PsscTtZjVrigerS6Qpy/ons0iZSUAr5wxbW5/Tt1DdJK2Kymwk3z+urUtQlpGHJzNBv0gE2xBwRKHkUkVciRIA+KxQB2HXU+1CFLXyzrX3Kly6kvNENr43sXOSX+jrIxTfFcvY2ZBPgz57jmq3R2Hm+Zi8rzf8fKFIdHUWP4GBlHvVPMGLPC64gRU0GKsCSWXIaVmt8lzQSiwOrBKiy2ljObf5Gp3Az8Hc7O9LCh/z1HC96oX050qwH9HlCzURHOiu0nEwORfLfuEoPp4TFWqr8REKPHUCJuyom2iVZAiyxI7yf9nPchOZNKejdCM/8KvyfMrsJZIsgXqoktDsyGur4kzo2VtXd0GzWdWSw8UqAbhqyZYnJvbyuEbJCSM/u+fXqr86539n5JJNQVs0Aiz0GzNo7gMexPY7xUcVPAAa77Kr9c6NVoXRt4QeuK12hN6zZuVDxRrjiH+dNBst8UdrifQIN0jxAOPShp3kiOoyoVdOWSgyP+ByniLdonQjqf7yqIys0lriro7AWydi506Mbw4V5F4k07aa0JuPSMDsll8SzZhIglEwDoofusjonctej/p4e2EEZp6OvNUuZuQ5jMM23xuw3mSWWuV5FvVeRyq60iHMJxvU2y4ReCtgD5OUiDIK5q+EolH3+liFUdoYJMNZUa+7MPSKkblLWzK+UXdG/zFdM/DtC+oeimddANngujQV6QH11+S20oMsgtsivHbN8o85v7vYUXkuvscyU2EenAkxhTxfpge/MULxuKaBoM5sXTsE8KjLOrIgbJEtXEch2rLUS2jNlLl5CxD1UVse5XRXo+XoVs9MFklLzwKxk6R7ln/05Zmc5SEKqgJNInnKl1qgve0c4aG3RsZ9K3AQ+Ag/4asNKK/yJ9nxM3ZCjNTUhngtn4cK/sjA9Nh+7El7piepCXMRocDr4NWG0mf9RJDjm/jmXbG0O/ZNPWfiNKM/Td2+0rZGGUlqW5IYYD+XY8aUMdOKjDQJH+lBjldfZJtlmc8uHqDO6oOQBaQyqGNuvuy6v9Eh6uRRN/lVMwUPluKvsm1e1RjvuMUOnRaq5iTTpuXBTqos/7k9/6S7k2SpYDZu9qSxFP9i4/+NCmnXbCW7495QjGLh/6BV7UEPaDcj8MUoLrSfyp4Y5BcZrz0nwSjDkniIeSMXiFQci4CmXWV66ucSDrSn8iuVoRWvaXqJg74IqJVaed3xiKOJFi6q8vbDdyi0+59vB/ysLKdqgJ/YoVapjAaYyRXN2lXunetckfRQU/UhLtcBSOs6wue6nYN9a0IKneTJk/aRdSPwiiSyCGSgD2FzzoECzCTaI+A28kAm7wrBWBCq3aEl2fljm6aHXw6ralnYKRkv8TUf9G9k5kUHRraD++L/HMNs4MQY+XS8imU5iubdmAgpcyGXFjQl58Cq0jxe4j2wDB+slzILyo72klupGuu+hTSI02o30bb2SFydyUWMRBN1YochEtXOpmne/vubVmz3vrkadPTtsl9lY4Yskg/tg4P9KVIs4OMXfxW59AG9ts+1f+3RaXl/zBq++YYm3Fb8i4ik0C7FT6MDZbfbZERe50GHEO056I1A9TfXxPiP2dSOVJEkOpM+IjfNOrkainA3Or4G126/U2uByeCToL9wBHG+Np8mkuE4IVeVEnSnl275DWUVJhzevXemBwY69/d6L/7ZFi6+cYSMaXcq/79kFx0J6dEJURbLGU+2Rc8whGRK+8b/xwOE4zIrVH0PvAXSxR/ORRPs9vr9Bvr+vAhtvgX7kxMXpl0aExWMJ6PqE4DWO6aOkH7HKBrjsNDfjvfutKveN+5n738JgGNMyy18KqNgHCDXl4iq0Fao1JGKKwqwl/4KQ8hZ7i+MjqmbpLbhfddEBzF9MHu9L4wdqmjzAK8WkYeqUkPyxQX4RntE4XfoyxkaWdlc3Q9MTg1MzI4LHM9ODBhZDk2ODA3ZDlkNjdhNTljOWM5YmEwN2E4ZDZiNmE5ODkxN2Q4MTY3YWE5NzhlNzZhNzY0ODhhOWFiN2E5YWE2OWI5NjdlN2JhZjcyNzA=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "7543516c"
last-modified: Wed, 22 Mar 2023 10:06:27 GMT
content-type: image/vnd.microsoft.icon
content-length: 6767
content-encoding: gzip
cache-control: max-age=3595, public
expires: Fri, 24 Mar 2023 10:44:10 GMT
date: Fri, 24 Mar 2023 09:44:15 GMT
set-cookie: ___utmvc=a; Max-Age=0; path=/; expires=Mon, 20 Mar 2023 22:52:01 GMT
strict-transport-security: max-age=63072000
x-cdn: Imperva
x-iinfo: 3-5052336-5036945 2CNN RT(1679651053824 2080) q(0 0 0 -1) r(0 0)
X-Firefox-Spdy: h2
www.leovegas.com/stream?relay
107.154.248.168101 Switching Protocols 0 B URL HTTP/1.1 www.leovegas.com/stream?relay
IP 107.154.248.168:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stream?relay HTTP/1.1
Host: www.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.leovegas.com
Sec-WebSocket-Protocol: graphql-ws
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uh7l2lstVBTnzgfr2Zt2Jw==
Connection: keep-alive, Upgrade
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3747044%2c%22BID%22%3a15012%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1679651054432)%5c%2f%22%2c%22CookieTag%22%3a%22150123747044451240919C2023324944%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222861626250%7c1%22%7d%5d; leo-essentials=%7B%22cid%22%3A%22ce969956-c0fc-402c-a2d2-8112a6bea827%22%7D; visid_incap_846569=yCeq3NxBQres0IrMXuMsDe1wHWQAAAAAQUIPAAAAAABzS7XtmhU/TPw4m2fPyOeO; nlbi_846569=snQYVVlO3yJHUXLSTJV9qQAAAADxlt404MrcL+1MPMi2voKB; incap_ses_720_846569=HwFuMd4YHXkOKsVDGPX9Ce1wHWQAAAAAx4cT+a3VCDk1glsWt7TQpQ==; leobtag=667909_ED179FB202074EE6A185D27C8D404C26; leonrpid=3747044; leonrbid=15012; leonrmeta=[{"value":"wch3gd1nerjlgpgni2nrrhak","key":"c"}]; ___utmvc=rEFTyMqrfwLhvI0Bc3+zauq1Ll5qgvA6nQphsxGw6wc+sIOiSvqOYIlTwkq8IgzVH46Je/nqI7NNAKauUraS3cYVrLWJxoQ2mf1suYQhzRXd5Hzdm2+GrnCXaHu23CJMzd50v0S44ufli5CsF8vYVENGUcZkOu72EbUcG6MoN3AcnOYR7q2qrKD/wpE7+fr/FBKT8SR28wUMbk7thIATsSmarE/5aDYplpAQ9oU+yAi6PxWHttcojWMiii6aJxhUBvZllRBxgiMwv8o4HLY+LUQjwFa/rc1RK7jClmgQe7BC0GI9O0PZkT3MTZc2NOGMwt/iuAj/fclKIoeTOopytAYnoCTxthMXVzMqlvQW9O2ucCWKnWf2S8/RFAtrXQNhLJSRsO7uTIE1ktACr7OY9gD70f9RMbu/boNqcTqyvwiB3rsgg36O0xi7hxqEauewSWjsuy7nWMcnp6f/n5N2XjHSzS8oxreN54/Ilj7idNOp7RHSYlogG6rKbTq566jcOVYwYyCnEQfwlMFg7vUVcYBEnSXu27uF0Q1w/G4b0NEm/pgdNszGAsnNIHqIBouo3c5/VFlmJRmQw6V2tH7I3H1yynuCiTDqE7zsqU4yLoqn9do0PSBnXT/CBjTsbQ9pxPx64sSkJmLBCk5cH+aYePA0Z6dZ280juux3yyRbfLbZMttCGxgzC7g0qIv93U2zryBh4dzEXU0IixAweZe1sDMcjYWbSWWx6/CB2SJ2jXx8xrd5SLZrNJYWbcnyh4+ORaJ1vAoA11TFl/SsMpVSyOvK09+PsscTtZjVrigerS6Qpy/ons0iZSUAr5wxbW5/Tt1DdJK2Kymwk3z+urUtQlpGHJzNBv0gE2xBwRKHkUkVciRIA+KxQB2HXU+1CFLXyzrX3Kly6kvNENr43sXOSX+jrIxTfFcvY2ZBPgz57jmq3R2Hm+Zi8rzf8fKFIdHUWP4GBlHvVPMGLPC64gRU0GKsCSWXIaVmt8lzQSiwOrBKiy2ljObf5Gp3Az8Hc7O9LCh/z1HC96oX050qwH9HlCzURHOiu0nEwORfLfuEoPp4TFWqr8REKPHUCJuyom2iVZAiyxI7yf9nPchOZNKejdCM/8KvyfMrsJZIsgXqoktDsyGur4kzo2VtXd0GzWdWSw8UqAbhqyZYnJvbyuEbJCSM/u+fXqr86539n5JJNQVs0Aiz0GzNo7gMexPY7xUcVPAAa77Kr9c6NVoXRt4QeuK12hN6zZuVDxRrjiH+dNBst8UdrifQIN0jxAOPShp3kiOoyoVdOWSgyP+ByniLdonQjqf7yqIys0lriro7AWydi506Mbw4V5F4k07aa0JuPSMDsll8SzZhIglEwDoofusjonctej/p4e2EEZp6OvNUuZuQ5jMM23xuw3mSWWuV5FvVeRyq60iHMJxvU2y4ReCtgD5OUiDIK5q+EolH3+liFUdoYJMNZUa+7MPSKkblLWzK+UXdG/zFdM/DtC+oeimddANngujQV6QH11+S20oMsgtsivHbN8o85v7vYUXkuvscyU2EenAkxhTxfpge/MULxuKaBoM5sXTsE8KjLOrIgbJEtXEch2rLUS2jNlLl5CxD1UVse5XRXo+XoVs9MFklLzwKxk6R7ln/05Zmc5SEKqgJNInnKl1qgve0c4aG3RsZ9K3AQ+Ag/4asNKK/yJ9nxM3ZCjNTUhngtn4cK/sjA9Nh+7El7piepCXMRocDr4NWG0mf9RJDjm/jmXbG0O/ZNPWfiNKM/Td2+0rZGGUlqW5IYYD+XY8aUMdOKjDQJH+lBjldfZJtlmc8uHqDO6oOQBaQyqGNuvuy6v9Eh6uRRN/lVMwUPluKvsm1e1RjvuMUOnRaq5iTTpuXBTqos/7k9/6S7k2SpYDZu9qSxFP9i4/+NCmnXbCW7495QjGLh/6BV7UEPaDcj8MUoLrSfyp4Y5BcZrz0nwSjDkniIeSMXiFQci4CmXWV66ucSDrSn8iuVoRWvaXqJg74IqJVaed3xiKOJFi6q8vbDdyi0+59vB/ysLKdqgJ/YoVapjAaYyRXN2lXunetckfRQU/UhLtcBSOs6wue6nYN9a0IKneTJk/aRdSPwiiSyCGSgD2FzzoECzCTaI+A28kAm7wrBWBCq3aEl2fljm6aHXw6ralnYKRkv8TUf9G9k5kUHRraD++L/HMNs4MQY+XS8imU5iubdmAgpcyGXFjQl58Cq0jxe4j2wDB+slzILyo72klupGuu+hTSI02o30bb2SFydyUWMRBN1YochEtXOpmne/vubVmz3vrkadPTtsl9lY4Yskg/tg4P9KVIs4OMXfxW59AG9ts+1f+3RaXl/zBq++YYm3Fb8i4ik0C7FT6MDZbfbZERe50GHEO056I1A9TfXxPiP2dSOVJEkOpM+IjfNOrkainA3Or4G126/U2uByeCToL9wBHG+Np8mkuE4IVeVEnSnl275DWUVJhzevXemBwY69/d6L/7ZFi6+cYSMaXcq/79kFx0J6dEJURbLGU+2Rc8whGRK+8b/xwOE4zIrVH0PvAXSxR/ORRPs9vr9Bvr+vAhtvgX7kxMXpl0aExWMJ6PqE4DWO6aOkH7HKBrjsNDfjvfutKveN+5n738JgGNMyy18KqNgHCDXl4iq0Fao1JGKKwqwl/4KQ8hZ7i+MjqmbpLbhfddEBzF9MHu9L4wdqmjzAK8WkYeqUkPyxQX4RntE4XfoyxkaWdlc3Q9MTg1MzI4LHM9ODBhZDk2ODA3ZDlkNjdhNTljOWM5YmEwN2E4ZDZiNmE5ODkxN2Q4MTY3YWE5NzhlNzZhNzY0ODhhOWFiN2E5YWE2OWI5NjdlN2JhZjcyNzA=
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Fri, 24 Mar 2023 09:44:16 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Tly7Qq2YGyL9KsBKtQIJl/DAbr8=
Sec-WebSocket-Protocol: graphql-ws
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Set-Cookie: ___utmvc=a; Max-Age=0; path=/; expires=Mon, 20 Mar 2023 22:52:01 GMT
Strict-Transport-Security: max-age=63072000
X-CDN: Imperva
X-Iinfo: 11-4484818-4484820 NNNY CT(2 10 0) RT(1679651055923 14) q(0 0 0 -1) r(0 0) U11
app.launchdarkly.com/sdk/goals/5b9627a39619fd15611a390c
151.101.66.217200 OK 23 B URL HTTP/2 app.launchdarkly.com/sdk/goals/5b9627a39619fd15611a390c
IP 151.101.66.217:0
Hash f0d79988b7772c003d04a28bd7417a62
58423a999eec2997bcfffb247e9ecd3dfd0abf44
30e6fa98fb48c2b132824d1ac5e2243c0be9e9082ff32598d34d7687ca7f6c7f
OPTIONS /sdk/goals/5b9627a39619fd15611a390c HTTP/1.1
Host: app.launchdarkly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-launchdarkly-user-agent
Referer: https://www.leovegas.com/
Origin: https://www.leovegas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
allow: GET, OPTIONS, HEAD
content-encoding: gzip
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Fri, 24 Mar 2023 09:44:16 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 21
x-timer: S1679651057.974927,VS0,VE0
vary: Accept-Encoding
age: 0
content-length: 23
X-Firefox-Spdy: h2
app.launchdarkly.com/sdk/goals/5b9627a39619fd15611a390c
151.101.66.217200 OK 26 B URL HTTP/2 app.launchdarkly.com/sdk/goals/5b9627a39619fd15611a390c
IP 151.101.66.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4895d253dd2c6acdb944f2bd7579cc89
9befc050756e1ec3b4b99e2579c0b86132f642a3
261feae8b4d06341989808887b33303dfb972c7566e389dbd8e1c1ea9b096a13
GET /sdk/goals/5b9627a39619fd15611a390c HTTP/1.1
Host: app.launchdarkly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-LaunchDarkly-User-Agent: JSClient/2.24.2
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 300
cache-control: max-age=0
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Fri, 24 Mar 2023 09:44:16 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 9
x-timer: S1679651057.984866,VS0,VE0
vary: Accept-Encoding
age: 0
content-length: 26
X-Firefox-Spdy: h2
app.launchdarkly.com/sdk/evalx/5b9627a39619fd15611a390c/users/eyJrZXkiOiJjZTk2OTk1Ni1jMGZjLTQwMmMtYTJkMi04MTEyYTZiZWE4MjciLCJjb3VudHJ5IjoiTk8iLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJjbGllbnRJZCI6ImFub255bW91cyIsImNvbnRleHRDb3VudHJ5IjoiTk8iLCJjb250ZXh0TGljZW5zZSI6Ik1HQSIsImN1cnJlbmN5IjoiIiwibGFuZ3VhZ2UiOiJFTiIsImxpY2Vuc2UiOiJNR0EiLCJtYXJrZXQiOiJOTyIsInBsYXRmb3JtVHlwZSI6Im1vYmlsZSIsInBsYXllcklkIjoiIiwicmVhbEtleSI6ImNlOTY5OTU2LWMwZmMtNDAyYy1hMmQyLTgxMTJhNmJlYTgyNyIsInVuaXF1ZUlkIjoiY2U5Njk5NTYtYzBmYy00MDJjLWEyZDItODExMmE2YmVhODI3In19?withReasons=true
151.101.66.217200 OK 23 B URL HTTP/2 app.launchdarkly.com/sdk/evalx/5b9627a39619fd15611a390c/users/eyJrZXkiOiJjZTk2OTk1Ni1jMGZjLTQwMmMtYTJkMi04MTEyYTZiZWE4MjciLCJjb3VudHJ5IjoiTk8iLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJjbGllbnRJZCI6ImFub255bW91cyIsImNvbnRleHRDb3VudHJ5IjoiTk8iLCJjb250ZXh0TGljZW5zZSI6Ik1HQSIsImN1cnJlbmN5IjoiIiwibGFuZ3VhZ2UiOiJFTiIsImxpY2Vuc2UiOiJNR0EiLCJtYXJrZXQiOiJOTyIsInBsYXRmb3JtVHlwZSI6Im1vYmlsZSIsInBsYXllcklkIjoiIiwicmVhbEtleSI6ImNlOTY5OTU2LWMwZmMtNDAyYy1hMmQyLTgxMTJhNmJlYTgyNyIsInVuaXF1ZUlkIjoiY2U5Njk5NTYtYzBmYy00MDJjLWEyZDItODExMmE2YmVhODI3In19?withReasons=true
IP 151.101.66.217:0
Hash f0d79988b7772c003d04a28bd7417a62
58423a999eec2997bcfffb247e9ecd3dfd0abf44
30e6fa98fb48c2b132824d1ac5e2243c0be9e9082ff32598d34d7687ca7f6c7f
OPTIONS /sdk/evalx/5b9627a39619fd15611a390c/users/eyJrZXkiOiJjZTk2OTk1Ni1jMGZjLTQwMmMtYTJkMi04MTEyYTZiZWE4MjciLCJjb3VudHJ5IjoiTk8iLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJjbGllbnRJZCI6ImFub255bW91cyIsImNvbnRleHRDb3VudHJ5IjoiTk8iLCJjb250ZXh0TGljZW5zZSI6Ik1HQSIsImN1cnJlbmN5IjoiIiwibGFuZ3VhZ2UiOiJFTiIsImxpY2Vuc2UiOiJNR0EiLCJtYXJrZXQiOiJOTyIsInBsYXRmb3JtVHlwZSI6Im1vYmlsZSIsInBsYXllcklkIjoiIiwicmVhbEtleSI6ImNlOTY5OTU2LWMwZmMtNDAyYy1hMmQyLTgxMTJhNmJlYTgyNyIsInVuaXF1ZUlkIjoiY2U5Njk5NTYtYzBmYy00MDJjLWEyZDItODExMmE2YmVhODI3In19?withReasons=true HTTP/1.1
Host: app.launchdarkly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-launchdarkly-user-agent
Referer: https://www.leovegas.com/
Origin: https://www.leovegas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
allow: GET, OPTIONS, HEAD
content-encoding: gzip
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Fri, 24 Mar 2023 09:44:17 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 118
x-timer: S1679651057.107839,VS0,VE0
vary: Accept-Encoding
age: 0
content-length: 23
X-Firefox-Spdy: h2
app.launchdarkly.com/sdk/evalx/5b9627a39619fd15611a390c/users/eyJrZXkiOiJjZTk2OTk1Ni1jMGZjLTQwMmMtYTJkMi04MTEyYTZiZWE4MjciLCJjb3VudHJ5IjoiTk8iLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJjbGllbnRJZCI6ImFub255bW91cyIsImNvbnRleHRDb3VudHJ5IjoiTk8iLCJjb250ZXh0TGljZW5zZSI6Ik1HQSIsImN1cnJlbmN5IjoiRVVSIiwibGFuZ3VhZ2UiOiJFTiIsImxpY2Vuc2UiOiJNR0EiLCJtYXJrZXQiOiJOTyIsInBsYXRmb3JtVHlwZSI6Im1vYmlsZSIsInBsYXllcklkIjoiIiwicmVhbEtleSI6ImNlOTY5OTU2LWMwZmMtNDAyYy1hMmQyLTgxMTJhNmJlYTgyNyIsInVuaXF1ZUlkIjoiY2U5Njk5NTYtYzBmYy00MDJjLWEyZDItODExMmE2YmVhODI3In19?withReasons=true
151.101.66.217200 OK 23 B URL HTTP/2 app.launchdarkly.com/sdk/evalx/5b9627a39619fd15611a390c/users/eyJrZXkiOiJjZTk2OTk1Ni1jMGZjLTQwMmMtYTJkMi04MTEyYTZiZWE4MjciLCJjb3VudHJ5IjoiTk8iLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJjbGllbnRJZCI6ImFub255bW91cyIsImNvbnRleHRDb3VudHJ5IjoiTk8iLCJjb250ZXh0TGljZW5zZSI6Ik1HQSIsImN1cnJlbmN5IjoiRVVSIiwibGFuZ3VhZ2UiOiJFTiIsImxpY2Vuc2UiOiJNR0EiLCJtYXJrZXQiOiJOTyIsInBsYXRmb3JtVHlwZSI6Im1vYmlsZSIsInBsYXllcklkIjoiIiwicmVhbEtleSI6ImNlOTY5OTU2LWMwZmMtNDAyYy1hMmQyLTgxMTJhNmJlYTgyNyIsInVuaXF1ZUlkIjoiY2U5Njk5NTYtYzBmYy00MDJjLWEyZDItODExMmE2YmVhODI3In19?withReasons=true
IP 151.101.66.217:0
Hash f0d79988b7772c003d04a28bd7417a62
58423a999eec2997bcfffb247e9ecd3dfd0abf44
30e6fa98fb48c2b132824d1ac5e2243c0be9e9082ff32598d34d7687ca7f6c7f
OPTIONS /sdk/evalx/5b9627a39619fd15611a390c/users/eyJrZXkiOiJjZTk2OTk1Ni1jMGZjLTQwMmMtYTJkMi04MTEyYTZiZWE4MjciLCJjb3VudHJ5IjoiTk8iLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJjbGllbnRJZCI6ImFub255bW91cyIsImNvbnRleHRDb3VudHJ5IjoiTk8iLCJjb250ZXh0TGljZW5zZSI6Ik1HQSIsImN1cnJlbmN5IjoiRVVSIiwibGFuZ3VhZ2UiOiJFTiIsImxpY2Vuc2UiOiJNR0EiLCJtYXJrZXQiOiJOTyIsInBsYXRmb3JtVHlwZSI6Im1vYmlsZSIsInBsYXllcklkIjoiIiwicmVhbEtleSI6ImNlOTY5OTU2LWMwZmMtNDAyYy1hMmQyLTgxMTJhNmJlYTgyNyIsInVuaXF1ZUlkIjoiY2U5Njk5NTYtYzBmYy00MDJjLWEyZDItODExMmE2YmVhODI3In19?withReasons=true HTTP/1.1
Host: app.launchdarkly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-launchdarkly-user-agent
Referer: https://www.leovegas.com/
Origin: https://www.leovegas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
allow: GET, OPTIONS, HEAD
content-encoding: gzip
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Fri, 24 Mar 2023 09:44:17 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: HIT
x-cache-hits: 119
x-timer: S1679651057.141328,VS0,VE0
vary: Accept-Encoding
age: 0
content-length: 23
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 6393b79bf0ac1e95524b8542e7360644
46f9ac2866a3446f37842ee8d183c8a274723222
2e62d45108204c52df0b7a645a4d944c165875bd3232c98dc2da21b659a67afd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2547
Cache-Control: max-age=121599
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:17 GMT
Etag: "641c9efd-1d7"
Expires: Sat, 25 Mar 2023 19:30:56 GMT
Last-Modified: Thu, 23 Mar 2023 18:48:29 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 6393b79bf0ac1e95524b8542e7360644
46f9ac2866a3446f37842ee8d183c8a274723222
2e62d45108204c52df0b7a645a4d944c165875bd3232c98dc2da21b659a67afd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4451
Cache-Control: max-age=123503
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:17 GMT
Etag: "641c9efd-1d7"
Expires: Sat, 25 Mar 2023 20:02:40 GMT
Last-Modified: Thu, 23 Mar 2023 18:48:29 GMT
Server: ECAcc (ska/F757)
X-Cache: HIT
Content-Length: 471
track.adform.net/serving/cookie/?adfaction=getjs;adfcookname=uid
37.157.6.254200 OK 180 B URL HTTP/2 track.adform.net/serving/cookie/?adfaction=getjs;adfcookname=uid
IP 37.157.6.254:0
File type ASCII text, with no line terminators
Hash 2255005e68a8880fe8846b0ce53772ad
36ba75259314950e35818b9d871b02b09dab56ce
28df773657a07be0bbc8ab226c401438dacd6a9bc8662f38f0a69252c0089fc5
GET /serving/cookie/?adfaction=getjs;adfcookname=uid HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 09:44:17 GMT
content-type: text/javascript; charset=utf-8
content-length: 180
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
app.launchdarkly.com/sdk/evalx/5b9627a39619fd15611a390c/users/eyJrZXkiOiJjZTk2OTk1Ni1jMGZjLTQwMmMtYTJkMi04MTEyYTZiZWE4MjciLCJjb3VudHJ5IjoiTk8iLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJjbGllbnRJZCI6ImFub255bW91cyIsImNvbnRleHRDb3VudHJ5IjoiTk8iLCJjb250ZXh0TGljZW5zZSI6Ik1HQSIsImN1cnJlbmN5IjoiIiwibGFuZ3VhZ2UiOiJFTiIsImxpY2Vuc2UiOiJNR0EiLCJtYXJrZXQiOiJOTyIsInBsYXRmb3JtVHlwZSI6Im1vYmlsZSIsInBsYXllcklkIjoiIiwicmVhbEtleSI6ImNlOTY5OTU2LWMwZmMtNDAyYy1hMmQyLTgxMTJhNmJlYTgyNyIsInVuaXF1ZUlkIjoiY2U5Njk5NTYtYzBmYy00MDJjLWEyZDItODExMmE2YmVhODI3In19?withReasons=true
151.101.66.217200 OK 3.7 kB URL HTTP/2 app.launchdarkly.com/sdk/evalx/5b9627a39619fd15611a390c/users/eyJrZXkiOiJjZTk2OTk1Ni1jMGZjLTQwMmMtYTJkMi04MTEyYTZiZWE4MjciLCJjb3VudHJ5IjoiTk8iLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJjbGllbnRJZCI6ImFub255bW91cyIsImNvbnRleHRDb3VudHJ5IjoiTk8iLCJjb250ZXh0TGljZW5zZSI6Ik1HQSIsImN1cnJlbmN5IjoiIiwibGFuZ3VhZ2UiOiJFTiIsImxpY2Vuc2UiOiJNR0EiLCJtYXJrZXQiOiJOTyIsInBsYXRmb3JtVHlwZSI6Im1vYmlsZSIsInBsYXllcklkIjoiIiwicmVhbEtleSI6ImNlOTY5OTU2LWMwZmMtNDAyYy1hMmQyLTgxMTJhNmJlYTgyNyIsInVuaXF1ZUlkIjoiY2U5Njk5NTYtYzBmYy00MDJjLWEyZDItODExMmE2YmVhODI3In19?withReasons=true
IP 151.101.66.217:0
File type JSON data\012- , ASCII text, with very long lines (24939), with no line terminators
Hash 0852d4b3ba81f7b2101e409a54d15644
2e9ad0b27af4cb58d3e30df3e058db15609897c1
d6a275aa48efbd76dab16e5e93bc9e6367e4d2c577b3c502bd3e6a93f88fdf15
GET /sdk/evalx/5b9627a39619fd15611a390c/users/eyJrZXkiOiJjZTk2OTk1Ni1jMGZjLTQwMmMtYTJkMi04MTEyYTZiZWE4MjciLCJjb3VudHJ5IjoiTk8iLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJjbGllbnRJZCI6ImFub255bW91cyIsImNvbnRleHRDb3VudHJ5IjoiTk8iLCJjb250ZXh0TGljZW5zZSI6Ik1HQSIsImN1cnJlbmN5IjoiIiwibGFuZ3VhZ2UiOiJFTiIsImxpY2Vuc2UiOiJNR0EiLCJtYXJrZXQiOiJOTyIsInBsYXRmb3JtVHlwZSI6Im1vYmlsZSIsInBsYXllcklkIjoiIiwicmVhbEtleSI6ImNlOTY5OTU2LWMwZmMtNDAyYy1hMmQyLTgxMTJhNmJlYTgyNyIsInVuaXF1ZUlkIjoiY2U5Njk5NTYtYzBmYy00MDJjLWEyZDItODExMmE2YmVhODI3In19?withReasons=true HTTP/1.1
Host: app.launchdarkly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-LaunchDarkly-User-Agent: JSClient/2.24.2
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: max-age=0
etag: "5504dbb"
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
content-encoding: gzip
accept-ranges: bytes
date: Fri, 24 Mar 2023 09:44:17 GMT
via: 1.1 varnish
x-served-by: cache-bma1653-BMA, cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679651057.140077,VS0,VE47
vary: Authorization, Accept-Encoding
age: 0
content-length: 3665
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i|Roboto+Slab:700&subset=latin-ext&display=swap
142.250.74.138200 OK 24 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i|Roboto+Slab:700&subset=latin-ext&display=swap
IP 142.250.74.138:0
Hash 94c5a30f86b31f453a32a3c7ede214f3
911908a06d317afa56b58236657926ad3ad83880
a8b9900308d70a28d00ec7ce71fcdc8e7432b91a3aa55716eb5dfb5cf6b9a3f6
GET /css?family=Roboto:400,400i,500,500i,700,700i,900,900i|Roboto+Slab:700&subset=latin-ext&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 24 Mar 2023 09:44:15 GMT
date: Fri, 24 Mar 2023 09:44:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
app.launchdarkly.com/sdk/evalx/5b9627a39619fd15611a390c/users/eyJrZXkiOiJjZTk2OTk1Ni1jMGZjLTQwMmMtYTJkMi04MTEyYTZiZWE4MjciLCJjb3VudHJ5IjoiTk8iLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJjbGllbnRJZCI6ImFub255bW91cyIsImNvbnRleHRDb3VudHJ5IjoiTk8iLCJjb250ZXh0TGljZW5zZSI6Ik1HQSIsImN1cnJlbmN5IjoiRVVSIiwibGFuZ3VhZ2UiOiJFTiIsImxpY2Vuc2UiOiJNR0EiLCJtYXJrZXQiOiJOTyIsInBsYXRmb3JtVHlwZSI6Im1vYmlsZSIsInBsYXllcklkIjoiIiwicmVhbEtleSI6ImNlOTY5OTU2LWMwZmMtNDAyYy1hMmQyLTgxMTJhNmJlYTgyNyIsInVuaXF1ZUlkIjoiY2U5Njk5NTYtYzBmYy00MDJjLWEyZDItODExMmE2YmVhODI3In19?withReasons=true
151.101.66.217200 OK 3.7 kB URL HTTP/2 app.launchdarkly.com/sdk/evalx/5b9627a39619fd15611a390c/users/eyJrZXkiOiJjZTk2OTk1Ni1jMGZjLTQwMmMtYTJkMi04MTEyYTZiZWE4MjciLCJjb3VudHJ5IjoiTk8iLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJjbGllbnRJZCI6ImFub255bW91cyIsImNvbnRleHRDb3VudHJ5IjoiTk8iLCJjb250ZXh0TGljZW5zZSI6Ik1HQSIsImN1cnJlbmN5IjoiRVVSIiwibGFuZ3VhZ2UiOiJFTiIsImxpY2Vuc2UiOiJNR0EiLCJtYXJrZXQiOiJOTyIsInBsYXRmb3JtVHlwZSI6Im1vYmlsZSIsInBsYXllcklkIjoiIiwicmVhbEtleSI6ImNlOTY5OTU2LWMwZmMtNDAyYy1hMmQyLTgxMTJhNmJlYTgyNyIsInVuaXF1ZUlkIjoiY2U5Njk5NTYtYzBmYy00MDJjLWEyZDItODExMmE2YmVhODI3In19?withReasons=true
IP 151.101.66.217:0
File type JSON data\012- , ASCII text, with very long lines (24939), with no line terminators
Hash 0852d4b3ba81f7b2101e409a54d15644
2e9ad0b27af4cb58d3e30df3e058db15609897c1
d6a275aa48efbd76dab16e5e93bc9e6367e4d2c577b3c502bd3e6a93f88fdf15
GET /sdk/evalx/5b9627a39619fd15611a390c/users/eyJrZXkiOiJjZTk2OTk1Ni1jMGZjLTQwMmMtYTJkMi04MTEyYTZiZWE4MjciLCJjb3VudHJ5IjoiTk8iLCJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJjbGllbnRJZCI6ImFub255bW91cyIsImNvbnRleHRDb3VudHJ5IjoiTk8iLCJjb250ZXh0TGljZW5zZSI6Ik1HQSIsImN1cnJlbmN5IjoiRVVSIiwibGFuZ3VhZ2UiOiJFTiIsImxpY2Vuc2UiOiJNR0EiLCJtYXJrZXQiOiJOTyIsInBsYXRmb3JtVHlwZSI6Im1vYmlsZSIsInBsYXllcklkIjoiIiwicmVhbEtleSI6ImNlOTY5OTU2LWMwZmMtNDAyYy1hMmQyLTgxMTJhNmJlYTgyNyIsInVuaXF1ZUlkIjoiY2U5Njk5NTYtYzBmYy00MDJjLWEyZDItODExMmE2YmVhODI3In19?withReasons=true HTTP/1.1
Host: app.launchdarkly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-LaunchDarkly-User-Agent: JSClient/2.24.2
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: max-age=0
etag: "5504dbb"
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
content-encoding: gzip
accept-ranges: bytes
date: Fri, 24 Mar 2023 09:44:17 GMT
via: 1.1 varnish
x-served-by: cache-bma1628-BMA, cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679651057.154079,VS0,VE47
vary: Authorization, Accept-Encoding
age: 0
content-length: 3665
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash af767a0f38aa932dc23106c403e9b5f3
5a5662e147f43d1561ba78517738f6be86eb2cde
359fea0fbdd5740a613795d4491c534ebf14e2ffb55edf78c80dc0dde78c42e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25600410-6&cid=1578965344.1679651068&jid=336859295&_gid=1389938635.1679651068&gjid=694672961&_v=j99&z=1870802245
64.233.162.156302 Found 366 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25600410-6&cid=1578965344.1679651068&jid=336859295&_gid=1389938635.1679651068&gjid=694672961&_v=j99&z=1870802245
IP 64.233.162.156:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 6dd078a400763cc4376571d72626e351
7d72fee60f1e48672138d4cf131f98bd8bbaa081
4a1ef97bf6a91a292687f04fb850171c5fdc68a0e6b16ccbae8abbdf7abdd269
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25600410-6&cid=1578965344.1679651068&jid=336859295&_gid=1389938635.1679651068&gjid=694672961&_v=j99&z=1870802245 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://www.leovegas.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-6&cid=1578965344.1679651068&jid=336859295&_v=j99&z=1870802245
access-control-allow-origin: null
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 24 Mar 2023 09:44:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash af767a0f38aa932dc23106c403e9b5f3
5a5662e147f43d1561ba78517738f6be86eb2cde
359fea0fbdd5740a613795d4491c534ebf14e2ffb55edf78c80dc0dde78c42e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a37ccb2b0d2b6bd75ea76a9535478b74
282cdfc85b1bc6e7b8741fb82ea37844ba831a53
6f9eded96973ad739947a784fddd57298bd3bc8abb3d71eff5c5492826cf254a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-6&cid=1578965344.1679651068&jid=336859295&_v=j99&z=1870802245
216.58.207.228302 Found 0 B URL HTTP/2 www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-6&cid=1578965344.1679651068&jid=336859295&_v=j99&z=1870802245
IP 216.58.207.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-6&cid=1578965344.1679651068&jid=336859295&_v=j99&z=1870802245 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://www.leovegas.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-6&cid=1578965344.1679651068&jid=336859295&_v=j99&z=1870802245&slf_rd=1&random=3428789231
access-control-allow-origin: null
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash bd8094658345752130fe70666a853e71
d9836e489664576f261f23204c3263846b371c6a
0b85cc8184573772722084aa849e2770fd47fa46160e7371ce8c3e8e144738f3
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163946
Date: Fri, 24 Mar 2023 09:44:17 GMT
Etag: "641d3c88-1d7"
Expires: Sun, 26 Mar 2023 07:16:43 GMT
Last-Modified: Fri, 24 Mar 2023 06:00:40 GMT
Server: ECAcc (bsa/EB26)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7BxQpxhyHTjIx-25kuigSN0rW7-6EcchkUreogjcMzinzh-nXMXLUg==
Age: 4563
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c1bec9941c82e2a75f433a9989ff131d
f362aafde39e53e6c85aed88514e7d9272d8b099
693fe25761b15b3f663bb491a3cad382f1bb0a60083375b6aec21af2fdddb58e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a6cad75209fdd6f267646b8382348c4b
35d993c683277cba55a4a86e15afa0c378d9a1d8
f3490031d4088f3580570dd096c1daf3780b76da85039fa904a35a9f0d6298be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-6&cid=1578965344.1679651068&jid=336859295&_v=j99&z=1870802245&slf_rd=1&random=3428789231
216.58.207.227200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-6&cid=1578965344.1679651068&jid=336859295&_v=j99&z=1870802245&slf_rd=1&random=3428789231
IP 216.58.207.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25600410-6&cid=1578965344.1679651068&jid=336859295&_v=j99&z=1870802245&slf_rd=1&random=3428789231 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://www.leovegas.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
access-control-allow-origin: null
access-control-allow-credentials: true
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a6cad75209fdd6f267646b8382348c4b
35d993c683277cba55a4a86e15afa0c378d9a1d8
f3490031d4088f3580570dd096c1daf3780b76da85039fa904a35a9f0d6298be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track.adform.net/Serving/TrackPoint/?pm=497538&ADFPageName=LeoVegas%7C%2Flive-casino&ADFdivider=%7C&ord=600165562062&ADFtpmode=2&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24
37.157.6.254302 Found 1.2 kB URL HTTP/2 track.adform.net/Serving/TrackPoint/?pm=497538&ADFPageName=LeoVegas%7C%2Flive-casino&ADFdivider=%7C&ord=600165562062&ADFtpmode=2&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP 37.157.6.254:0
Hash e6554a365e5c496b4e9d52ccfc71210d
53b43d970283ef7ff703069cbf07a25683468571
c5cce28b80151e0c7284629095c42f8d6ef55348a91705c02a50a1a2b7463b2c
GET /Serving/TrackPoint/?pm=497538&ADFPageName=LeoVegas%7C%2Flive-casino&ADFdivider=%7C&ord=600165562062&ADFtpmode=2&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 24 Mar 2023 09:44:18 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=497538&ADFPageName=LeoVegas%7C%2Flive-casino&ADFdivider=%7C&ord=600165562062&ADFtpmode=2&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
set-cookie: C=1; domain=adform.net; expires=Mon, 24-Apr-2023 08:44:18 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?pm=497538&ADFPageName=Sc_Ret&ADFdivider=%7C&ord=499625651414&ADFtpmode=2&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24
37.157.6.254302 Found 1.0 kB URL HTTP/2 track.adform.net/Serving/TrackPoint/?pm=497538&ADFPageName=Sc_Ret&ADFdivider=%7C&ord=499625651414&ADFtpmode=2&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP 37.157.6.254:0
Hash b36b6e42855648357f9379445c530df7
e7692144621bfbc92721e7d3ca31e030a46e201d
2cec8002732da73a5c275204ae891e9d67e08c5e23de5e7e2b32e16f0a9c3e56
GET /Serving/TrackPoint/?pm=497538&ADFPageName=Sc_Ret&ADFdivider=%7C&ord=499625651414&ADFtpmode=2&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 24 Mar 2023 09:44:18 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=497538&ADFPageName=Sc_Ret&ADFdivider=%7C&ord=499625651414&ADFtpmode=2&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
set-cookie: C=1; domain=adform.net; expires=Mon, 24-Apr-2023 08:44:18 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
dmp.adform.net/serving/cookie/match?party=1140&cid=&uid=-5932061713061764574
37.157.2.234302 Found 0 B URL HTTP/2 dmp.adform.net/serving/cookie/match?party=1140&cid=&uid=-5932061713061764574
IP 37.157.2.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /serving/cookie/match?party=1140&cid=&uid=-5932061713061764574 HTTP/1.1
Host: dmp.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 24 Mar 2023 09:44:18 GMT
content-length: 0
location: https://dmp.adform.net/serving/cookie/match?CC=1&party=1140&cid=&uid=-5932061713061764574
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Mon, 24 Apr 2023 09:44:18 GMT; domain=adform.net; path=/
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.CasinoCategory~CasinoScreen~index~bfe0ed74.0f6e4495cbb73572edbb.chunk.css?e=p
34.107.241.180200 OK 11 kB URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.CasinoCategory~CasinoScreen~index~bfe0ed74.0f6e4495cbb73572edbb.chunk.css?e=p
IP 34.107.241.180:0
File type ASCII text, with very long lines (34776)
Hash 63cfb578e4b806f79f1c531d81ab3ca6
f8ec0faadea7b5871dc3461c0de77576691ba2fd
4744b20160952080d1ce9cfcfb21afb16305b4d86a4e008035ea14ae1e7e9cb9
GET /fulcrum/v4/master/dynamic/mobile.CasinoCategory~CasinoScreen~index~bfe0ed74.0f6e4495cbb73572edbb.chunk.css?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvHPCg5y6e_hUJCpxIIGK0HFwCe8BqsGlGfOCfXDdpH9xuuqjMMleBm-oXzJnID3IdQ8Bh6Tu_bF5tL1dl4Xq4OwA
x-goog-generation: 1677074271617531
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 5245
content-encoding: gzip
x-goog-hash: crc32c=Z2j94A==, md5=i5sK4vq5ZNhVqVWMHNg4sQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 5245
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 22 Mar 2023 14:01:35 GMT
expires: Wed, 19 Apr 2023 14:01:35 GMT
cache-control: public, max-age=2419200,no-transform
age: 157360
last-modified: Wed, 22 Feb 2023 13:57:51 GMT
etag: "8b9b0ae2fab964d855a9558c1cd838b1"
content-type: text/css
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 727 B IP 192.229.221.95:0
Hash 72e954969f367fc337fd0cb1e24307b1
f2594a6247a926b05996ae549ba7310d020e7761
6f21b9580ad3dab2840bec014a1c62626a61ad4aea722dc6dc5daaef42349b06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6121
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:18 GMT
Last-Modified: Fri, 24 Mar 2023 08:02:18 GMT
Server: ECAcc (ska/F73A)
X-Cache: HIT
Content-Length: 727
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 5e8704a12f07410f765f73bae0a091a5
d92791a047258ff29137c7ed15159ce50319a105
06d8004898d29a0ff0bce70ccca275a34b8c87cedc8dd90458fe82869308f91d
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=92044
Date: Fri, 24 Mar 2023 09:44:18 GMT
Etag: "641c279d-1d7"
Expires: Sat, 25 Mar 2023 11:18:22 GMT
Last-Modified: Thu, 23 Mar 2023 10:19:09 GMT
Server: ECAcc (nya/1C1E)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0DwLSM1OvxHA5HgWE6Jpaj1kkxVU7bEcnq5Rqi_M35ChvnlbmEjOwQ==
Age: 3553
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 5e8704a12f07410f765f73bae0a091a5
d92791a047258ff29137c7ed15159ce50319a105
06d8004898d29a0ff0bce70ccca275a34b8c87cedc8dd90458fe82869308f91d
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=94435
Date: Fri, 24 Mar 2023 09:44:18 GMT
Etag: "641c279d-1d7"
Expires: Sat, 25 Mar 2023 11:58:13 GMT
Last-Modified: Thu, 23 Mar 2023 10:19:09 GMT
Server: ECAcc (nya/79F3)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WtunYkJ0oNznHr1uGipjQvsS3iErqiHBqOND_CUr4nqj-9Bxl0_FFg==
Age: 5944
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 9729c913e387cc5cc54e05625f5cbea6
4ace3c47b9999658bc7018e940df5c72b3942f17
19946517f8ed1a0931cca69ad96b334031d2aabd31425c16a2bcac0b1e346239
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
9915903.fls.doubleclick.net/activityi;src=9915903;type=pagev0;cat=pagev0;ord=1679651069002.ypr5pp2n;gtm=45Fe33m0;auiddc=1583720000.1679651069;u4=livecasino;~oref=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012?
216.58.211.6200 OK 344 B URL HTTP/2 9915903.fls.doubleclick.net/activityi;src=9915903;type=pagev0;cat=pagev0;ord=1679651069002.ypr5pp2n;gtm=45Fe33m0;auiddc=1583720000.1679651069;u4=livecasino;~oref=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012?
IP 216.58.211.6:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (600), with no line terminators
Hash 02644477f856c35b03186e7830b91b07
dc647a172e6843706f356253fb147ba2e9ce3af3
3e85740a68e78b1f7d6acbf66f021553453dbf36137ccdb6e116e4b43b67dfc9
GET /activityi;src=9915903;type=pagev0;cat=pagev0;ord=1679651069002.ypr5pp2n;gtm=45Fe33m0;auiddc=1583720000.1679651069;u4=livecasino;~oref=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012? HTTP/1.1
Host: 9915903.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 344
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 24-Mar-2023 09:59:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/E1c_Kpl_syM
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/E1c_Kpl_syM
IP 216.58.211.3:0
Hash 2d39940671474792d944bd57942c3ea0
d3ae6ff8eb533140467b008b23005323132f6027
ab9c5f6211edd83c476ee8774f297bda8172a216cc490b03d928322c12839b7b
POST /s/gts1d4/E1c_Kpl_syM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
events.launchdarkly.com/events/diagnostic/5b9627a39619fd15611a390c
50.16.0.31204 No Content 0 B URL HTTP/2 events.launchdarkly.com/events/diagnostic/5b9627a39619fd15611a390c
IP 50.16.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /events/diagnostic/5b9627a39619fd15611a390c HTTP/1.1
Host: events.launchdarkly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Referer: https://www.leovegas.com/
Origin: https://www.leovegas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 24 Mar 2023 09:44:18 GMT
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
tgtag.io/tg.js?pid=tg-g-002415-002
34.120.230.83200 OK 32 kB URL HTTP/2 tgtag.io/tg.js?pid=tg-g-002415-002
IP 34.120.230.83:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 4c66aa306a70777aff929a9feb617c0b
a49d86c14a56772188b9c70241903f670ffa4f96
45a9ac978ff4c4129f708f4ce497cebf8c8cb9e1d6b0529beedac020970d3f8b
GET /tg.js?pid=tg-g-002415-002 HTTP/1.1
Host: tgtag.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdttNO_yzwyrZzAYyrEff0TZxBLCX2i2ah8BzvopP8UgzWB_n6vEExFAmnI7oo1in230ude2zKb-3H7cDXOXyRbXeQ
x-goog-generation: 1678364290895724
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 32088
content-encoding: gzip
x-goog-hash: crc32c=i1Dhig==, md5=TGaqMGpwd3r/kpqf62F8Cw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 32088
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
server: UploadServer
date: Thu, 23 Mar 2023 12:06:20 GMT
expires: Fri, 24 Mar 2023 12:06:20 GMT
cache-control: public, no-transform, max-age=86400, s-maxage=86400
age: 77878
last-modified: Thu, 09 Mar 2023 12:18:10 GMT
etag: "4c66aa306a70777aff929a9feb617c0b"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 9729c913e387cc5cc54e05625f5cbea6
4ace3c47b9999658bc7018e940df5c72b3942f17
19946517f8ed1a0931cca69ad96b334031d2aabd31425c16a2bcac0b1e346239
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
usage.trackjs.com/usage.gif?token=c7755ba8906e4776818012e627c020ba&correlationId=13dd6dd4-4e56-4d74-85c6-61325a03a55a&application=fulcrum-mobile&x=9acdaf01-2521-4059-8e9b-2e74e4c62c08&
167.114.119.127200 OK 43 B URL HTTP/1.1 usage.trackjs.com/usage.gif?token=c7755ba8906e4776818012e627c020ba&correlationId=13dd6dd4-4e56-4d74-85c6-61325a03a55a&application=fulcrum-mobile&x=9acdaf01-2521-4059-8e9b-2e74e4c62c08&
IP 167.114.119.127:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /usage.gif?token=c7755ba8906e4776818012e627c020ba&correlationId=13dd6dd4-4e56-4d74-85c6-61325a03a55a&application=fulcrum-mobile&x=9acdaf01-2521-4059-8e9b-2e74e4c62c08& HTTP/1.1
Host: usage.trackjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 09:44:18 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/E1c_Kpl_syM
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/E1c_Kpl_syM
IP 216.58.211.3:0
Hash 2d39940671474792d944bd57942c3ea0
d3ae6ff8eb533140467b008b23005323132f6027
ab9c5f6211edd83c476ee8774f297bda8172a216cc490b03d928322c12839b7b
POST /s/gts1d4/E1c_Kpl_syM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c1bec9941c82e2a75f433a9989ff131d
f362aafde39e53e6c85aed88514e7d9272d8b099
693fe25761b15b3f663bb491a3cad382f1bb0a60083375b6aec21af2fdddb58e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
events.launchdarkly.com/events/diagnostic/5b9627a39619fd15611a390c
50.16.0.31202 Accepted 0 B URL HTTP/2 events.launchdarkly.com/events/diagnostic/5b9627a39619fd15611a390c
IP 50.16.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /events/diagnostic/5b9627a39619fd15611a390c HTTP/1.1
Host: events.launchdarkly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-LaunchDarkly-User-Agent: JSClient/2.24.2
Content-Length: 797
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Fri, 24 Mar 2023 09:44:18 GMT
content-type: application/json
content-length: 0
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=9915903;type=pagev0;cat=pagev0;ord=1679651069002.ypr5pp2n;gtm=45Fe33m0;auiddc=1583720000.1679651069;u4=livecasino;~oref=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012
216.58.207.194200 OK 346 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=9915903;type=pagev0;cat=pagev0;ord=1679651069002.ypr5pp2n;gtm=45Fe33m0;auiddc=1583720000.1679651069;u4=livecasino;~oref=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (599), with no line terminators
Hash 1cd1e3bb6b63b1273767d32d9a7822a9
204097ef77286c8db013240c6a6ba7ded8a6b84b
3d09a7481cf47971d4b4414cc572ed3d680258f38cca643e0d51b1949a19cba8
GET /ddm/fls/i/src=9915903;type=pagev0;cat=pagev0;ord=1679651069002.ypr5pp2n;gtm=45Fe33m0;auiddc=1583720000.1679651069;u4=livecasino;~oref=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9915903.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 346
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=9915903;type=pagev0;cat=pagev0;ord=1679651069002.ypr5pp2n;gtm=45Fe33m0;auiddc=1583720000.1679651069;u4=livecasino;~oref=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012
142.250.74.162200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=9915903;type=pagev0;cat=pagev0;ord=1679651069002.ypr5pp2n;gtm=45Fe33m0;auiddc=1583720000.1679651069;u4=livecasino;~oref=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=9915903;type=pagev0;cat=pagev0;ord=1679651069002.ypr5pp2n;gtm=45Fe33m0;auiddc=1583720000.1679651069;u4=livecasino;~oref=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:44:19 GMT
expires: Fri, 24 Mar 2023 09:44:19 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
websdk.appsflyer.com/?st=pba&
95.101.10.67200 OK 9.6 kB URL HTTP/1.1 websdk.appsflyer.com/?st=pba&
IP 95.101.10.67:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21856)
Hash 1214b03c1da1942cfdd2183b216ba3c8
1a46d03ac7bd9bae1b849b610918d1fbe18efe76
ba7e3eba24eaccfae9be9adda9397b5a1692da83bddc9b1e08e2d9700ac271f0
GET /?st=pba& HTTP/1.1
Host: websdk.appsflyer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: M44pSGH6vcjNlP5UaqybVYuuWdAAnTeV9hRgNPOK/tpE3okTq2NYkjNTtxo9PK8D2YrCkCdNTsE=
x-amz-request-id: DAGQS2QYCYYEYGCY
Last-Modified: Thu, 26 Jan 2023 08:01:30 GMT
ETag: "3f70a47c03cc36fb3ee43dea835e4d0d"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2612
Expires: Fri, 24 Mar 2023 10:27:51 GMT
Date: Fri, 24 Mar 2023 09:44:19 GMT
Content-Length: 9578
Connection: keep-alive
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 89447eb689782162ac5e4dca438e65c0
e1e8cde045a5eae9fbf1b20707fb8935b0418598
cfe3261f46a5fbe4f73fd16259b7c96480912874097ffea3b6bcb6149367a615
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4885
Cache-Control: max-age=123256
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:19 GMT
Etag: "641c9c56-1d7"
Expires: Sat, 25 Mar 2023 19:58:35 GMT
Last-Modified: Thu, 23 Mar 2023 18:37:10 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash e5f5bf796d91f271e383cf1ff3ee5af4
70ead02da19095ca752d55e89a48fcdf59d44d33
247f023e282f1556e668df0033858196d682f31f659d1b53ea6dcaeff56c401a
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: mDH6l07vwyxPqV+S98uA9rL+ixy+c3qpoOmR7XwU7qfS+h/NqTJ2vZVM3JRASkw91539ExZZ0cO0+geNwViY2A==
content-length: 27907
x-fb-trip-id: 1679558926
date: Fri, 24 Mar 2023 09:44:19 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/4hZIA1P-PfE
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/4hZIA1P-PfE
IP 216.58.211.3:0
Hash c9e6bb84f639c5a4149384e338e03675
040e398cb65c7188a57540e21b56a35dec77ee91
5bdbceda35dfcde4762368f4c9364424f2ed3d5619fd6b2dd8f798e34ea652ac
POST /s/gts1d4/4hZIA1P-PfE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 89447eb689782162ac5e4dca438e65c0
e1e8cde045a5eae9fbf1b20707fb8935b0418598
cfe3261f46a5fbe4f73fd16259b7c96480912874097ffea3b6bcb6149367a615
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4885
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:19 GMT
Last-Modified: Fri, 24 Mar 2023 08:22:54 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 76caf48500b2e23ec86a529265e1bbd1
abbc7fe06ebdb6debb7135b0466557a68f2e8ad4
2c70695a16ad42342043d1ea5c2454130962215713a8917276203d32d7252097
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98910
Date: Fri, 24 Mar 2023 09:44:19 GMT
Etag: "641c4395-1d7"
Expires: Sat, 25 Mar 2023 13:12:49 GMT
Last-Modified: Thu, 23 Mar 2023 12:18:29 GMT
Server: ECAcc (bsa/EB4C)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: b_2rQsTL8UNNYd0eXytc9lcN_QyQAvj24Q9w0jrPxfVoSzSReJZKdA==
Age: 3260
api.trafficguard.ai/tg-g-002415-002/api/v4/client-side/validate/event
34.120.121.20200 OK 61 B URL HTTP/2 api.trafficguard.ai/tg-g-002415-002/api/v4/client-side/validate/event
IP 34.120.121.20:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1ee7cd02b35c7097455eca23d537d40b
f95ae0ab0201aaef86698c9ac66d680fd4e046a0
18cccf9f3ae615df065ef20111e050bb202254d4cf780c150927f51d00d6bffc
POST /tg-g-002415-002/api/v4/client-side/validate/event HTTP/1.1
Host: api.trafficguard.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Content-Length: 2200
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expect-ct: max-age=0, report-uri="https://trafficguard.report-uri.com/r/d/ct/reportOnly"
x-xss-protection: 0
x-content-type-options: nosniff
access-control-allow-origin: https://www.leovegas.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Requested-With, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
set-cookie: geid=0101003f-d8cd-45e7-8c00-1682641d70f3; Domain=.trafficguard.ai; Path=/; Expires=Sat, 23 Mar 2024 09:44:19 GMT; HttpOnly; Secure; SameSite=None
geid-legacy=0101003f-d8cd-45e7-8c00-1682641d70f3; Domain=.trafficguard.ai; Path=/; Expires=Sat, 23 Mar 2024 09:44:19 GMT; HttpOnly
content-type: application/json; charset=utf-8
content-length: 61
etag: W/"3d-+VrgqwIBqu+GaYyaxm1oD9TgRqA"
date: Fri, 24 Mar 2023 09:44:19 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash cfded0ebff82be4d70def06debd1cc78
d2f5e81ae2bf9037bb8671619deefa5e38728edb
bcfd0f99bd793a4e183fe5c7134c28e0573a125ba6986df54ac9ecfdf3a3e0d0
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 24 Mar 2023 09:44:19 GMT
Last-Modified: Fri, 24 Mar 2023 08:52:08 GMT
Server: ECAcc (nya/7919)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: izOWYuijeXCyGg6Ih4TOhjjbPllXUBDCVMuoNRZt09LM_fpr9X0srw==
Age: 3131
ocsp.pki.goog/s/gts1d4/4hZIA1P-PfE
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/4hZIA1P-PfE
IP 216.58.211.3:0
Hash c9e6bb84f639c5a4149384e338e03675
040e398cb65c7188a57540e21b56a35dec77ee91
5bdbceda35dfcde4762368f4c9364424f2ed3d5619fd6b2dd8f798e34ea652ac
POST /s/gts1d4/4hZIA1P-PfE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wa.onelink.me/v1/onelink
52.19.40.55200 OK 13 B IP 52.19.40.55:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 593e8538d63f30de24fbb439dd424870
f838a78077c6d023e0d0bca95f0f335df4b8b468
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
GET /v1/onelink HTTP/1.1
Host: wa.onelink.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Origin: https://www.leovegas.com
Content-Type: application/json
Date: Fri, 24 Mar 2023 09:44:19 GMT
Content-Length: 13
Connection: keep-alive
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 7de203dfbcc79531d9d33bab1db7e4e9
b7853f45319ca3a4766e632d225ed363d034ea44
0a849f69934296b9710088488291f42022efff439d11a1f98e843f79c38494f6
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142857
Date: Fri, 24 Mar 2023 09:44:19 GMT
Etag: "641ce575-1d7"
Expires: Sun, 26 Mar 2023 01:25:16 GMT
Last-Modified: Thu, 23 Mar 2023 23:49:09 GMT
Server: ECAcc (nya/78C0)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wW9865_T7fw_OIzuimDiFgiiG2J5X4e62b-WtlOz2CReWyqZxH5mqw==
Age: 5767
wa.appsflyer.com/events?site-id=6d3a3941-6835-4f61-8644-5e8746828ef8
52.212.190.143200 OK 76 B URL HTTP/1.1 wa.appsflyer.com/events?site-id=6d3a3941-6835-4f61-8644-5e8746828ef8
IP 52.212.190.143:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b7a3536a4b6d4fe24caa083b84b6fe15
5d562f217ac3c527f47a07824ebfbd950185e48f
128694c73c27568f3482fc65e5bed2d04f4873fbeb000d981fa25afef9a370b2
POST /events?site-id=6d3a3941-6835-4f61-8644-5e8746828ef8 HTTP/1.1
Host: wa.appsflyer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 1575
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Origin: https://www.leovegas.com
Content-Type: application/json
Date: Fri, 24 Mar 2023 09:44:19 GMT
Set-Cookie: af_id=0b92a9fc-10bd-43a2-94a9-6d8e8d067ae4-p; Domain=appsflyer.com; Expires=Sun, 23 Mar 2025 09:44:19 GMT
Content-Length: 76
Connection: keep-alive
wa.onelink.me/v1/onelink?af_id=0b92a9fc-10bd-43a2-94a9-6d8e8d067ae4-p
52.19.40.55200 OK 51 B URL HTTP/1.1 wa.onelink.me/v1/onelink?af_id=0b92a9fc-10bd-43a2-94a9-6d8e8d067ae4-p
IP 52.19.40.55:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 822d99b67d6ab920ed95d1303d4f0ce2
fa923a0474c22e489e29e7a879b4608a49a74d3c
e7d735abd48d24ecfd41075819f2eff34fa7f92ab6d7710c5ab888ad67a7126f
GET /v1/onelink?af_id=0b92a9fc-10bd-43a2-94a9-6d8e8d067ae4-p HTTP/1.1
Host: wa.onelink.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Origin: https://www.leovegas.com
Content-Type: application/json
Date: Fri, 24 Mar 2023 09:44:19 GMT
Set-Cookie: af_id=0b92a9fc-10bd-43a2-94a9-6d8e8d067ae4-p; Path=/; Domain=onelink.me; Expires=Sun, 23 Mar 2025 09:44:19 GMT
Content-Length: 51
Connection: keep-alive
clicks.pipaffiliates.com/c?c=629444&l=en&p=0
23.38.200.104307 Temporary Redirect 0 B URL HTTP/2 clicks.pipaffiliates.com/c?c=629444&l=en&p=0
IP 23.38.200.104:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c?c=629444&l=en&p=0 HTTP/1.1
Host: clicks.pipaffiliates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://products.admaxium.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store, must-revalidate
location: https://www.xm.com/affiliate_tracking?affid=1065878&clickid=4dfb8877-b176-46c9-bfa0-23f254bdf6fc&oldid=&campaigntype=1&url=https%3A%2F%2Fwww.xm.com%2F%3Futm_source%3Dproducts.admaxium.com%26utm_content%3D1065878%26utm_medium%3Daffiliate
content-security-policy: default-src 'self' *.xm.com data: 'unsafe-inline' 'unsafe-eval' *.akamaihd.net *.hotjar.com *.google-analytics.com *.hotjar.io wss://*.hotjar.com bam.nr-data.net bam.eu01.nr-data.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.akamaihd.net *.googletagmanager.com *.google-analytics.com *.hotjar.com *.newrelic.com bam.nr-data.net bam.eu01.nr-data.net; img-src * data:; media-src * data:; frame-src youtube.com www.youtube.com videos.sproutvideo.com;
x-content-type-options: nosniff
content-length: 0
date: Fri, 24 Mar 2023 09:44:20 GMT
set-cookie: JSESSIONID=rxR1hZsbGgtpaY-7r85ZiwuEpJyLBRats1tYDdyI.823502-affsrv2; path=/Tracking
server-timing: cdn-cache; desc=MISS, edge; dur=43, origin; dur=16, ak_p; desc="466569_388255508_78958053_5935_7071_3_0";dur=1
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
products.admaxium.com/product/24d39239f479b56000dbbc4a6b01054520df8360cca1f0982f8d2aa280dd4fef
172.67.193.247200 OK 130 B URL HTTP/2 products.admaxium.com/product/24d39239f479b56000dbbc4a6b01054520df8360cca1f0982f8d2aa280dd4fef
IP 172.67.193.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 225147456a5ec23c276974f038093490
6c6729532fb20a83fa9ec39c109b298035433ca8
3e393bc45aed46bd20cf910e62abe6b169aac9d926f7eca4f93de9bdbc1ef959
GET /product/24d39239f479b56000dbbc4a6b01054520df8360cca1f0982f8d2aa280dd4fef HTTP/1.1
Host: products.admaxium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 09:44:19 GMT
content-type: text/html;charset=utf-8
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BJdfCX2MKzi0JC0VRfdri1%2FN%2Bw8zy%2Fsfv6dvwlkQvPYOQ%2Bb7L1bVY34Wu0hlihtiO2ZFhS7jLSamuqv1fsghxI788EjPdedQpYPLRl0j4vgWszv1Qvfu2V1u6o7%2B7dOeVa47Hsc2PQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7acdf9934c29067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_01089727&enableDeviceDetection=1&prdid=1&platform=0&rurl=https%3A%2F%2Fmembers.bet365.com%2FMembers%2FHelpers%2FDefaultAff.aspx%3Faffiliate%3D365_01089727%26BCTID%3D1560100313%26enableDeviceDetection%3D1%26prdid%3D1%26platform%3D0&DisplayMode=Desktop
5.226.179.10200 OK 177 B URL HTTP/1.1 members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_01089727&enableDeviceDetection=1&prdid=1&platform=0&rurl=https%3A%2F%2Fmembers.bet365.com%2FMembers%2FHelpers%2FDefaultAff.aspx%3Faffiliate%3D365_01089727%26BCTID%3D1560100313%26enableDeviceDetection%3D1%26prdid%3D1%26platform%3D0&DisplayMode=Desktop
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 475774a26d4f30240a3534bcbd2fd161
9fd7b986673786b4fc80943b330bd1c03256049e
f7541d6ca43b4da74a89ec05885dceabf1a4af132d36326cf7974a47c904c811
GET /Members/Helpers/DefaultAff.aspx?affiliate=365_01089727&enableDeviceDetection=1&prdid=1&platform=0&rurl=https%3A%2F%2Fmembers.bet365.com%2FMembers%2FHelpers%2FDefaultAff.aspx%3Faffiliate%3D365_01089727%26BCTID%3D1560100313%26enableDeviceDetection%3D1%26prdid%3D1%26platform%3D0&DisplayMode=Desktop HTTP/1.1
Host: members.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://products.admaxium.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 09:44:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 177
Connection: keep-alive
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
ME-Redirect: PQB
CF-Cache-Status: DYNAMIC
Set-Cookie: Affiliates=Code=365_01089727%2f170209912312&prd=Sports; domain=.bet365.com; expires=Mon, 08-May-2023 08:44:19 GMT; path=/; secure
session=processform=0; path=/; secure
pstk=7017A05793A94F1EA6347F1BA96AACE1000003; domain=.bet365.com; path=/; secure
__cf_bm=_bZm5jQ74ays0zq1vR22qb9uRtt9WyoB7ZoVdsLjf.E-1679651060-0-ARjBmlfPbAXEF8eR9pJ4OBTrLkreggVWkU4F0qDtp0M6ZiNtuuRvAtLe1+C2QMVp3IrdkY0hFcxEpbqbg2xvBZY=; path=/; expires=Fri, 24-Mar-23 10:14:20 GMT; domain=.bet365.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 7acdf9947f6cb50b-OSL
www.xm.com/affiliate_tracking?affid=1065878&clickid=4dfb8877-b176-46c9-bfa0-23f254bdf6fc&oldid=&campaigntype=1&url=https%3A%2F%2Fwww.xm.com%2F%3Futm_source%3Dproducts.admaxium.com%26utm_content%3D1065878%26utm_medium%3Daffiliate
23.38.200.104302 Found 0 B URL HTTP/2 www.xm.com/affiliate_tracking?affid=1065878&clickid=4dfb8877-b176-46c9-bfa0-23f254bdf6fc&oldid=&campaigntype=1&url=https%3A%2F%2Fwww.xm.com%2F%3Futm_source%3Dproducts.admaxium.com%26utm_content%3D1065878%26utm_medium%3Daffiliate
IP 23.38.200.104:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /affiliate_tracking?affid=1065878&clickid=4dfb8877-b176-46c9-bfa0-23f254bdf6fc&oldid=&campaigntype=1&url=https%3A%2F%2Fwww.xm.com%2F%3Futm_source%3Dproducts.admaxium.com%26utm_content%3D1065878%26utm_medium%3Daffiliate HTTP/1.1
Host: www.xm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://products.admaxium.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: AkamaiGHost
content-length: 0
location: https://www.xm.com/?utm_source=products.admaxium.com&utm_content=1065878&utm_medium=affiliate
date: Fri, 24 Mar 2023 09:44:20 GMT
set-cookie: affid=1065878; expires=Sat, 08-Apr-2023 09:44:20 GMT; path=/; domain=.xm.com; secure; SameSite=None
affidts=1679651060; expires=Sat, 08-Apr-2023 09:44:20 GMT; path=/; domain=.xm.com; secure; SameSite=None
clickid=4dfb8877-b176-46c9-bfa0-23f254bdf6fc; expires=Sat, 08-Apr-2023 09:44:20 GMT; path=/; domain=.xm.com; secure; SameSite=None
clickidts=1679651060; expires=Sat, 08-Apr-2023 09:44:20 GMT; path=/; domain=.xm.com; secure; SameSite=None
_abck=FF89EE1BC00941CEAA5D32D613AAAC96~-1~YAAQFE8kF+tzRRKHAQAA5zkBEwm6DbhKMw8VkY5a+IlCMYcI4vLbvQ6DC43AXDW/VvfaS9tikYgC9BG9mzOf6VbvISG4pEVHFWO/wYAczVx89tBevBt96ePAkU7OwZb0peC0snDOeMs7nkBhbZmZ5VjWJRx3wFJu10C/FX3TehyzX3UWsGTPNVA0+/N5hI+b3CMkJQHtdU3+dbVDDJ1k3IE3OBRik+6NCtDg0hxXkDiYfiU3AxBW4YQNbQjbthK7lSeBEKXcBaZi/ajqbOj1yYS/i19WThmoxvAF7Ff54rGG7GAumAi32jfeveotnlNh85dbE12Hy1F1CVC/S/xlhGhHn7LDmqDH+omX6OAc89HodEdpKHp00q4=~-1~-1~-1; Domain=.xm.com; Path=/; Expires=Sat, 23 Mar 2024 09:44:20 GMT; Max-Age=31536000; Secure
bm_sz=0F473F900C1E4147D2B6646302A13A0B~YAAQFE8kF+xzRRKHAQAA5zkBExNosLatTOdKxV3PI7AgQk/zOiHaYjOBOvzYhHtjCdXA4UVCbtzCxLirLMeN5Rk6cFXRLV+o+Uyl7isqaJTRI4HnMmLLqjv9nZMWuk3XCL5O3vZ9mhC1cjI69t62Vt5TPDu3AlKCccyu209E1KSGN+fokx65jLPSJkkQ5Ki0M5AhH7lfwhSKuXGo7f+5CTVMZMihzt6JTQdbf1hDAROrpoSMLGeya88Z9yNvSrUt1bb8mzd/aHvajUSY4OZBp7RO99n0Y5Qj5MKRsmqUkg==~4408119~4273733; Domain=.xm.com; Path=/; Expires=Fri, 24 Mar 2023 13:44:20 GMT; Max-Age=14400
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466569_388255508_78959263_16_9938_8_0";dur=1
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
widget.getblue.io/event/?cId=EBE153EE-C698-E7C5-E36E718C2AA5C605&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&v=13072020-1328&if=0&nocache=7067509867360.728
52.67.255.69200 OK 402 B URL HTTP/2 widget.getblue.io/event/?cId=EBE153EE-C698-E7C5-E36E718C2AA5C605&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&v=13072020-1328&if=0&nocache=7067509867360.728
IP 52.67.255.69:0
File type exported SGML document, ASCII text
Hash f73f5c13d3830de39395c94c9fc1d409
4809207cbb65d0af1bc1bdb8dcc9926f84d2ab53
3b1fd83dfc72a94922273b5109502fd18f10956a8430d0b9ae3460fbc5fac8f2
GET /event/?cId=EBE153EE-C698-E7C5-E36E718C2AA5C605&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&v=13072020-1328&if=0&nocache=7067509867360.728 HTTP/1.1
Host: widget.getblue.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 09:44:19 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2
script.hotjar.com/modules.6af44455668b675aade1.js
54.230.111.44200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.6af44455668b675aade1.js
IP 54.230.111.44:0
File type Unicode text, UTF-8 text, with very long lines (50842)
Hash 77f3f89a0a86a9ed3647edf2670ebff3
53016e740b30c545ea018af0d2412d1ddf80ad18
c82b9db33bfaa349a2a8bc520787f21f5d2519307404e02df877ddf5cb0bdb30
GET /modules.6af44455668b675aade1.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 69096
date: Thu, 23 Mar 2023 14:31:09 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "77f3f89a0a86a9ed3647edf2670ebff3"
last-modified: Thu, 23 Mar 2023 14:31:08 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BsBKPoh9X2svPGFkLq6gIuIe58IDOCXOfX0xm6UEaLnD5Sit1sbyOA==
age: 69191
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?CC=1&pm=497538&ADFPageName=pageview&ADFdivider=%7C&ord=177837143024&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwZ3IiOiJsaXZlY2FzaW5vIn1dfQ&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24
37.157.6.254200 OK 701 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?CC=1&pm=497538&ADFPageName=pageview&ADFdivider=%7C&ord=177837143024&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwZ3IiOiJsaXZlY2FzaW5vIn1dfQ&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP 37.157.6.254:0
File type HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ee3d6dc4ff74dc0af805ba9cdc341812
4cee760b391a9c99555c8b21af8ebb8fb1404701
b3a06976769de16535b78d0f363ccffa8e040e436964609f594465ea933ab692
GET /Serving/TrackPoint/?CC=1&pm=497538&ADFPageName=pageview&ADFdivider=%7C&ord=177837143024&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwZ3IiOiJsaXZlY2FzaW5vIn1dfQ&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.leovegas.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 09:44:20 GMT
content-type: text/javascript; charset=utf-8
content-length: 701
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
event.getblue.io/p/?cId=EBE153EE-C698-E7C5-E36E718C2AA5C605&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&v=13072020-1328&nocache=1229263368120.609
52.67.255.69200 OK 908 B URL HTTP/2 event.getblue.io/p/?cId=EBE153EE-C698-E7C5-E36E718C2AA5C605&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&v=13072020-1328&nocache=1229263368120.609
IP 52.67.255.69:0
Hash c204667c03fe42b11d9d91a4f219d4c9
95bd9eb81458cdceaf39b9356bc91b50ce460acc
5d302490a445a1b0d3e9547a0dbbd3b2bce0c66e39bd4e702cc600e4ad1796fa
GET /p/?cId=EBE153EE-C698-E7C5-E36E718C2AA5C605&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&v=13072020-1328&nocache=1229263368120.609 HTTP/1.1
Host: event.getblue.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 09:44:20 GMT
content-type: text/html;charset=UTF-8
tagcontainer-version: 1185-25112022-1130
cache-control: no-cache
set-cookie: ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786; expires=Sat, 23 Mar 2024 09:44:19 -0000; domain=.getblue.io; path=/; secure; samesite=None
JSESSIONID=84F94FB60B64F58793EF91DC612C2D37; Path=/; HttpOnly
hash=92a099c0fe63805a86321aa248931b4626a7ba7c84d0e5b27ce5432ced7c1ada5a80620978547b2632|EBE153EE-C698-E7C5-E36E718C2AA5C605|10450; expires=Sun, 26 Mar 2023 09:44:20 -0000; domain=.getblue.io; path=/; secure; samesite=None
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=coveny_limited&google_cm&&google_sc&ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786&cid=EBE153EE-C698-E7C5-E36E718C2AA5C605&google_ula=6572934421&ula=6572934421&google_hm=RjE5REZDM0YtODc0QS00NDUyLTlEMkZFNTA0MUUwQjE3ODY&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04
142.250.74.130302 Found 546 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=coveny_limited&google_cm&&google_sc&ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786&cid=EBE153EE-C698-E7C5-E36E718C2AA5C605&google_ula=6572934421&ula=6572934421&google_hm=RjE5REZDM0YtODc0QS00NDUyLTlEMkZFNTA0MUUwQjE3ODY&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (369), with CRLF, LF line terminators
Hash 22e5804757f7f74afd1bde3cb8530a53
2f5291cd5ef4f2a91f2b5647864aa6c69ebb00da
96b8cc427d77d26f0a1ae6376bed70cd6322bb974a6248fb856e0d947f3aeace
GET /pixel?google_nid=coveny_limited&google_cm&&google_sc&ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786&cid=EBE153EE-C698-E7C5-E36E718C2AA5C605&google_ula=6572934421&ula=6572934421&google_hm=RjE5REZDM0YtODc0QS00NDUyLTlEMkZFNTA0MUUwQjE3ODY&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=coveny_limited&google_cm=&google_sc=&ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786&cid=EBE153EE-C698-E7C5-E36E718C2AA5C605&google_ula=6572934421&ula=6572934421&google_hm=RjE5REZDM0YtODc0QS00NDUyLTlEMkZFNTA0MUUwQjE3ODY&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&google_tc=
date: Fri, 24 Mar 2023 09:44:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 546
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 24-Mar-2023 09:59:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=coveny_limited&google_cm=&google_sc=&ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786&cid=EBE153EE-C698-E7C5-E36E718C2AA5C605&google_ula=6572934421&ula=6572934421&google_hm=RjE5REZDM0YtODc0QS00NDUyLTlEMkZFNTA0MUUwQjE3ODY&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&google_tc=
142.250.74.130302 Found 423 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=coveny_limited&google_cm=&google_sc=&ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786&cid=EBE153EE-C698-E7C5-E36E718C2AA5C605&google_ula=6572934421&ula=6572934421&google_hm=RjE5REZDM0YtODc0QS00NDUyLTlEMkZFNTA0MUUwQjE3ODY&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&google_tc=
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash f8f4434d4fbd693132a592ffc121f608
2def3448cae814b37846ad7adbaa6d6c1f06c652
232b488668875f02464427c8960cbc89c8daaa99309ba2ee8f008bd5ede906cd
GET /pixel?google_nid=coveny_limited&google_cm=&google_sc=&ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786&cid=EBE153EE-C698-E7C5-E36E718C2AA5C605&google_ula=6572934421&ula=6572934421&google_hm=RjE5REZDM0YtODc0QS00NDUyLTlEMkZFNTA0MUUwQjE3ODY&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://cms.getblue.io/cm/?src=adx&child=europe&ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786&cid=EBE153EE-C698-E7C5-E36E718C2AA5C605&ula=6572934421&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&google_error=3
date: Fri, 24 Mar 2023 09:44:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 423
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ib.adnxs.com/setuid?entity=449&code=F19DFC3F-874A-4452-9D2FE5041E0B1786
37.252.171.52307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/setuid?entity=449&code=F19DFC3F-874A-4452-9D2FE5041E0B1786
IP 37.252.171.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=449&code=F19DFC3F-874A-4452-9D2FE5041E0B1786 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 24 Mar 2023 09:44:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D449%26code%3DF19DFC3F-874A-4452-9D2FE5041E0B1786
AN-X-Request-Uuid: 8a564573-6dfa-48a8-b5af-a8478c9b1ba1
Set-Cookie: uuid2=9081022428439909549; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 22-Jun-2023 09:44:20 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 1d3dcf9723865c5e2ed30f84aa78c473
d17e499234c5ffca6691657cda4a476b70158812
0e0a6935498a81269d453b2b2d3f953fa57e4a4bb7f21f0a0862e535f31258fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 09:44:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786&cid=EBE153EE-C698-E7C5-E36E718C2AA5C605&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&appnexusid=$UID
37.252.171.52307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786&cid=EBE153EE-C698-E7C5-E36E718C2AA5C605&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&appnexusid=$UID
IP 37.252.171.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786&cid=EBE153EE-C698-E7C5-E36E718C2AA5C605&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&appnexusid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 24 Mar 2023 09:44:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcms.getblue.io%2Fcm%2F%3Fsrc%3Dappnexus%26ckid%3DF19DFC3F-874A-4452-9D2FE5041E0B1786%26cid%3DEBE153EE-C698-E7C5-E36E718C2AA5C605%26blueID%3Dc9df8868-23d9-49a2-85d0-cad9b0297a04%26appnexusid%3D%24UID
AN-X-Request-Uuid: 279fe01d-f9d1-4c15-994a-13b22b29910d
Set-Cookie: uuid2=2231605268592904726; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 22-Jun-2023 09:44:20 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcms.getblue.io%2Fcm%2F%3Fsrc%3Dappnexus%26ckid%3DF19DFC3F-874A-4452-9D2FE5041E0B1786%26cid%3DEBE153EE-C698-E7C5-E36E718C2AA5C605%26blueID%3Dc9df8868-23d9-49a2-85d0-cad9b0297a04%26appnexusid%3D%24UID
37.252.171.52302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcms.getblue.io%2Fcm%2F%3Fsrc%3Dappnexus%26ckid%3DF19DFC3F-874A-4452-9D2FE5041E0B1786%26cid%3DEBE153EE-C698-E7C5-E36E718C2AA5C605%26blueID%3Dc9df8868-23d9-49a2-85d0-cad9b0297a04%26appnexusid%3D%24UID
IP 37.252.171.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcms.getblue.io%2Fcm%2F%3Fsrc%3Dappnexus%26ckid%3DF19DFC3F-874A-4452-9D2FE5041E0B1786%26cid%3DEBE153EE-C698-E7C5-E36E718C2AA5C605%26blueID%3Dc9df8868-23d9-49a2-85d0-cad9b0297a04%26appnexusid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Fri, 24 Mar 2023 09:44:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://cms.getblue.io/cm/?src=appnexus&ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786&cid=EBE153EE-C698-E7C5-E36E718C2AA5C605&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&appnexusid=0
AN-X-Request-Uuid: b8b535d7-858c-43dc-acff-af9dc3ff4c89
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
products.admaxium.com/product/80708042dab1c007e72a2a98133631be9120d36f4a1353f74ffcaad143a7c1b2
172.67.193.247200 OK 173 B URL HTTP/2 products.admaxium.com/product/80708042dab1c007e72a2a98133631be9120d36f4a1353f74ffcaad143a7c1b2
IP 172.67.193.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b75eae03ff411e51c216fb932648a991
24b9b934657b50b4e740b597f86fb37ef4c23c9b
ce3f36c8677cb8819ace1db7a7d9f62827c2ef5b41ef71f8f4527d799592686b
GET /product/80708042dab1c007e72a2a98133631be9120d36f4a1353f74ffcaad143a7c1b2 HTTP/1.1
Host: products.admaxium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 09:44:19 GMT
content-type: text/html;charset=utf-8
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XhF2Rb0nC3pKsgodrULwDN%2FmkiYM5thtXe%2BE9AxbteeXROsHrhY0JoLxxBVYpzA%2F34RqXFgdJ%2FTEFO%2FpdHu%2Fpvr3zW4K1A8%2B2QGff%2FFPcPL0am7Kdqq9HkWzSe%2BgtG0gVtGRfxgYmg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7acdf9935c2c067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
events.launchdarkly.com/events/bulk/5b9627a39619fd15611a390c
50.16.0.31204 No Content 0 B URL HTTP/2 events.launchdarkly.com/events/bulk/5b9627a39619fd15611a390c
IP 50.16.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /events/bulk/5b9627a39619fd15611a390c HTTP/1.1
Host: events.launchdarkly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Referer: https://www.leovegas.com/
Origin: https://www.leovegas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 24 Mar 2023 09:44:20 GMT
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1403116046706561&ev=PageView&dl=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&rl=&if=false&ts=1679651070577&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679651070576.156264266&it=1679651069611&coo=false&tm=1&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1403116046706561&ev=PageView&dl=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&rl=&if=false&ts=1679651070577&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679651070576.156264266&it=1679651069611&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1403116046706561&ev=PageView&dl=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&rl=&if=false&ts=1679651070577&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679651070576.156264266&it=1679651069611&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 24 Mar 2023 09:44:20 GMT
X-Firefox-Spdy: h2
events.launchdarkly.com/events/bulk/5b9627a39619fd15611a390c
50.16.0.31202 Accepted 0 B URL HTTP/2 events.launchdarkly.com/events/bulk/5b9627a39619fd15611a390c
IP 50.16.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /events/bulk/5b9627a39619fd15611a390c HTTP/1.1
Host: events.launchdarkly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-LaunchDarkly-User-Agent: JSClient/2.24.2
X-LaunchDarkly-Event-Schema: 3
X-LaunchDarkly-Payload-ID: 79a67c90-ca28-11ed-947f-19d24584c92d
Content-Length: 2340
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Fri, 24 Mar 2023 09:44:20 GMT
content-type: application/json
content-length: 0
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?pm=497538&ADFPageName=Sc_Ret&ADFdivider=%7C&ord=951107897608&ADFtpmode=2&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24
37.157.6.254302 Found 1.0 kB URL HTTP/2 track.adform.net/Serving/TrackPoint/?pm=497538&ADFPageName=Sc_Ret&ADFdivider=%7C&ord=951107897608&ADFtpmode=2&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP 37.157.6.254:0
Hash af6f9071e5982c3b1a3fead129af571f
6460abefb0988f45f1fe8094ed96b5484b8c2187
af6f4f7571d21e800e5160e56c61ec608b832244e27401c9f6ed348a580cb9b9
GET /Serving/TrackPoint/?pm=497538&ADFPageName=Sc_Ret&ADFdivider=%7C&ord=951107897608&ADFtpmode=2&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 24 Mar 2023 09:44:20 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=497538&ADFPageName=Sc_Ret&ADFdivider=%7C&ord=951107897608&ADFtpmode=2&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
set-cookie: C=1; domain=adform.net; expires=Mon, 24-Apr-2023 08:44:20 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
cms.getblue.io/cm/?src=appnexus&ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786&cid=EBE153EE-C698-E7C5-E36E718C2AA5C605&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&appnexusid=0
54.94.107.113200 OK 2 B URL HTTP/2 cms.getblue.io/cm/?src=appnexus&ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786&cid=EBE153EE-C698-E7C5-E36E718C2AA5C605&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&appnexusid=0
IP 54.94.107.113:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /cm/?src=appnexus&ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786&cid=EBE153EE-C698-E7C5-E36E718C2AA5C605&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&appnexusid=0 HTTP/1.1
Host: cms.getblue.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786; hash=92a099c0fe63805a86321aa248931b4626a7ba7c84d0e5b27ce5432ced7c1ada5a80620978547b2632|EBE153EE-C698-E7C5-E36E718C2AA5C605|10450
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 09:44:21 GMT
content-type: application/json; charset=utf-8
content-length: 2
x-powered-by: Express
X-Firefox-Spdy: h2
cms.getblue.io/cm/?src=adx&child=europe&ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786&cid=EBE153EE-C698-E7C5-E36E718C2AA5C605&ula=6572934421&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&google_error=3
54.94.107.113200 OK 2 B URL HTTP/2 cms.getblue.io/cm/?src=adx&child=europe&ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786&cid=EBE153EE-C698-E7C5-E36E718C2AA5C605&ula=6572934421&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&google_error=3
IP 54.94.107.113:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /cm/?src=adx&child=europe&ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786&cid=EBE153EE-C698-E7C5-E36E718C2AA5C605&ula=6572934421&blueID=c9df8868-23d9-49a2-85d0-cad9b0297a04&google_error=3 HTTP/1.1
Host: cms.getblue.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ckid=F19DFC3F-874A-4452-9D2FE5041E0B1786; hash=92a099c0fe63805a86321aa248931b4626a7ba7c84d0e5b27ce5432ced7c1ada5a80620978547b2632|EBE153EE-C698-E7C5-E36E718C2AA5C605|10450
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 09:44:21 GMT
content-type: application/json; charset=utf-8
content-length: 2
x-powered-by: Express
X-Firefox-Spdy: h2
sgtm.leovegas.com/gtm.js?id=GTM-PNLF5QG
34.107.236.224200 OK 0 B URL HTTP/2 sgtm.leovegas.com/gtm.js?id=GTM-PNLF5QG
IP 34.107.236.224:0
GET /gtm.js?id=GTM-PNLF5QG HTTP/1.1
Host: sgtm.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3747044%2c%22BID%22%3a15012%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1679651054432)%5c%2f%22%2c%22CookieTag%22%3a%22150123747044451240919C2023324944%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222861626250%7c1%22%7d%5d; visid_incap_846569=yCeq3NxBQres0IrMXuMsDe1wHWQAAAAAQUIPAAAAAABzS7XtmhU/TPw4m2fPyOeO; nlbi_846569=snQYVVlO3yJHUXLSTJV9qQAAAADxlt404MrcL+1MPMi2voKB; incap_ses_720_846569=HwFuMd4YHXkOKsVDGPX9Ce1wHWQAAAAAx4cT+a3VCDk1glsWt7TQpQ==; leobtag=667909_ED179FB202074EE6A185D27C8D404C26; leonrpid=3747044; leonrbid=15012; leonrmeta=[{"value":"wch3gd1nerjlgpgni2nrrhak","key":"c"}]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx/1.23.3
date: Fri, 24 Mar 2023 09:44:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=900
expires: Fri, 24 Mar 2023 09:58:41 GMT
last-modified: Fri, 24 Mar 2023 09:00:00 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.xm.com/?utm_source=products.admaxium.com&utm_content=1065878&utm_medium=affiliate
23.38.200.104200 OK 0 B URL HTTP/2 www.xm.com/?utm_source=products.admaxium.com&utm_content=1065878&utm_medium=affiliate
IP 23.38.200.104:0
GET /?utm_source=products.admaxium.com&utm_content=1065878&utm_medium=affiliate HTTP/1.1
Host: www.xm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://products.admaxium.com/
Connection: keep-alive
Cookie: affid=1065878; affidts=1679651060; clickid=511f01a7-5bff-433d-83c7-2e57643edcb8; clickidts=1679651060
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
link: <https://www.xm.com/wp-json/>; rel="https://api.w.org/"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: Authorization, X-Requested-With, Content-Type, Origin, Accept, Cookie
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
x-akamai-transformed: 9 - 0 pmb=mTOE,5mRUM,2
vary: Accept-Encoding
content-encoding: gzip
expires: Fri, 24 Mar 2023 09:44:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 24 Mar 2023 09:44:20 GMT
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=249, origin; dur=435, ak_p; desc="466569_388255508_78959873_68274_7204_7_0";dur=1
strict-transport-security: max-age=15768000
set-cookie: APPSESSID=rhrddv1ehf1qgdfnfb371b2d6fu06uv9an3fatulfeg5ahnpc4ct826m5292mh1gjtnovehr1fon0oo9jl597csil8qdrfj7kpo96n5; expires=Fri, 24-Mar-2023 17:44:20 GMT; Max-Age=28800; path=/; domain=.xm.com; secure; HttpOnly; SameSite=None
_abck=314D9CBC707B044D0256B0853FEB4F3A~-1~YAAQFE8kFwF0RRKHAQAA9DwBEwlc4Y8N/pbFPaBBENapUgsuwe2RfP3v+n08DRn/bIgooG32zzwGOLkzWRdRRYe7MmXBsVbvFapcXOiSr1tlomG42EhXLOxEbsoWK7Jy5/zbsU1ZufjprSDjo5cJ0r7PEtQk+Znt0FaJY1S4gwBjKUtYj2fJcENu+p+YPoy7azv+nyvk78pMXdh7Y7faUXX2I/hRwafEvnUaC9w+K9Qm3cLx27cIu6R3JJRHYyLjs8x+g9S5W+CuNSAz2pZyFkU+w0CW3xTsuil1X5OCLoSrGcCRT02ESt7Iu5htvzKi4WdPlc27mj4K/1CMBayrHH7V6qfVVUD7dA3SBaYiRIx5V2xo8EGQ1Rk=~-1~-1~-1; Domain=.xm.com; Path=/; Expires=Sat, 23 Mar 2024 09:44:20 GMT; Max-Age=31536000; Secure
ak_bmsc=EA70C3E694469C2ECC76600320FEDF0C~000000000000000000000000000000~YAAQFE8kFwJ0RRKHAQAA9DwBExOW+NCPcNLYTFzlfXVNntne9AD/9ABJgM8Eu6FJlb6UOIphqy7Qhb/wRPB8jckozSdRCM1BJCV8lVywLalXBhgYsHYfjgBezLpzFBNdHOXAQ/F2kmYrBnFOHTYUdMnUzXk5IzBzj267lTjmDJEazJ7bgP5e+vhgXszjnwlmYk6M7dst3Fbw/Wjiz1gC+Y6IU01TL/3tMV/1jz18Wz5+CzFU7r48scqZgw5jJPCcuPVrXEvB+2XV9rurNSPJetq3Fir2Pe3onC8B4A4gKZ1vB2MLmPBvsqWcNn6zT/DUKD6tKprl2+VCUuvFV5CwPUvKQFAS+r3UvRmYPv1YDKKF4TJ7msH0D6qJ7ewVDZeKXSYSV68=; Domain=.xm.com; Path=/; Expires=Fri, 24 Mar 2023 11:44:20 GMT; Max-Age=7200; HttpOnly
bm_mi=3E99CACF0E0C93DCD4B8CB55A4AD32E1~YAAQFE8kFwN0RRKHAQAA9DwBExOSNEebbGlmuvtzlgdR4tvJRO9h7w1D/e65BjKUGf9CxT4VSph+Ox2zPOHnzUhP1Qp+sSUQmo1Z1ZADogPy9toGmeND9904GMlOIlfOsmNqKEibFqgXPvpd1+94f8XkK3pnGWklPIces7n9/Z/nay+egi18tv2d/fcKNCsmHsbJLUqYvk4KKHdPesAPuDZWUiMpyAgQU/Zze6dfKHCOIjL6rI/2sOQk8Flx3f+Gw2RsC44sL6KSSJaSi5C9Tkgh9zh9bVHYS1L7mTJNzjX7iZCDZcwagzrS~1; Domain=.xm.com; Path=/; Expires=Fri, 24 Mar 2023 09:44:20 GMT; Max-Age=0; Secure
bm_sz=61C3E3C4FE5DEDF8F1EC099AB8471DBD~YAAQFE8kFwR0RRKHAQAA9DwBExPVwysL6PKYj8GrYV8MpvDTx3CPAMfLTO+HUjm4Nlb5UphV3cGS5iVjdyGES4n9/nfyBJQIWX6VBYQOO+cgGXqG+YE1C/TPf1Sd5KiWejSChq+N+lzGEexA4cOjNTpP0OYcAPMnzqq3OrxeIHuyhKxLPRQJvMh40a/y3N9nSBFNyN3ZsUSTh6jUSTlM2rKW5gR02B4wDIIhkZ4yNIzuZ4BBbgZs5W8ODltp0ZEMArqAIdkrXZemqzXmOrgLiTOSUDgzNAFzYdRW8RiWPQ==~4408119~4273733; Domain=.xm.com; Path=/; Expires=Fri, 24 Mar 2023 13:44:20 GMT; Max-Age=14400
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.AndroidAppScreen~BankID~BlogPostScreen~BlogPostsScreen~BonusInfoScreen~BonusTermsScreen~CampaignList~c348699f.3db54c25f1c72b548e67.chunk.js?e=p
34.107.241.180200 OK 0 B URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.AndroidAppScreen~BankID~BlogPostScreen~BlogPostsScreen~BonusInfoScreen~BonusTermsScreen~CampaignList~c348699f.3db54c25f1c72b548e67.chunk.js?e=p
IP 34.107.241.180:0
GET /fulcrum/v4/master/dynamic/mobile.AndroidAppScreen~BankID~BlogPostScreen~BlogPostsScreen~BonusInfoScreen~BonusTermsScreen~CampaignList~c348699f.3db54c25f1c72b548e67.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvlcKgj01wLHDJTM3jlYaj1g4xIQJ7rSIYfvdCdcXI4fzG7duJh32KhpsHUaiHaQGGNpFD5k-1mqNZsnInbi3tvmA
x-goog-generation: 1679397623450937
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 18280
content-encoding: gzip
x-goog-hash: crc32c=mhiJwQ==, md5=56JEM+PtIsfM5fc+0jpKYg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 18280
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 21 Mar 2023 11:26:41 GMT
expires: Tue, 18 Apr 2023 11:26:41 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Tue, 21 Mar 2023 11:20:23 GMT
etag: "e7a24433e3ed22c7cce5f73ed23a4a62"
content-type: application/javascript
vary: Origin
age: 253054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.FlowChecker~493df0b3.8aa6d1bc734f3e92266d.chunk.js?e=p
34.107.241.180200 OK 0 B URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.FlowChecker~493df0b3.8aa6d1bc734f3e92266d.chunk.js?e=p
IP 34.107.241.180:0
GET /fulcrum/v4/master/dynamic/mobile.FlowChecker~493df0b3.8aa6d1bc734f3e92266d.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsHBVlc41GLMJwkcVRIedG9g0BIJHtwZII5tkkfHSuPPLvHCCdSapOtk_CTFGL4x-7jRLV2K7XPWxM1aFvLTk0m_A
x-goog-generation: 1679319455641034
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 12493
content-encoding: gzip
x-goog-hash: crc32c=3ZUjLw==, md5=so0DNUgibNzU+DBYcCmdLg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 12493
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:05 GMT
expires: Mon, 17 Apr 2023 13:49:05 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:35 GMT
etag: "b28d033548226cdcd4f8305870299d2e"
content-type: application/javascript
vary: Origin
age: 330910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s2.adform.net/banners/scripts/st/trackpoint-async.js
37.157.2.249200 OK 0 B URL HTTP/2 s2.adform.net/banners/scripts/st/trackpoint-async.js
IP 37.157.2.249:0
GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.leovegas.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 09:39:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 29 Nov 2022 10:23:25 GMT
x-rgw-object-type: Normal
etag: W/"83eb5fafaa212c785f7393188ff817aa"
x-amz-request-id: tx00000bdfae384ccf5a381-006385e0d4-329373d4-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.leovegas.com/static/fulcrum/offline.html?e=p
107.154.248.168200 OK 0 B URL HTTP/2 www.leovegas.com/static/fulcrum/offline.html?e=p
IP 107.154.248.168:0
GET /static/fulcrum/offline.html?e=p HTTP/1.1
Host: www.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.leovegas.com/mobile.sw.js?e=p
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3747044%2c%22BID%22%3a15012%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1679651054432)%5c%2f%22%2c%22CookieTag%22%3a%22150123747044451240919C2023324944%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222861626250%7c1%22%7d%5d; leo-essentials=%7B%22cid%22%3A%22ce969956-c0fc-402c-a2d2-8112a6bea827%22%7D; visid_incap_846569=yCeq3NxBQres0IrMXuMsDe1wHWQAAAAAQUIPAAAAAABzS7XtmhU/TPw4m2fPyOeO; nlbi_846569=snQYVVlO3yJHUXLSTJV9qQAAAADxlt404MrcL+1MPMi2voKB; incap_ses_720_846569=HwFuMd4YHXkOKsVDGPX9Ce1wHWQAAAAAx4cT+a3VCDk1glsWt7TQpQ==; leobtag=667909_ED179FB202074EE6A185D27C8D404C26; leonrpid=3747044; leonrbid=15012; leonrmeta=[{"value":"wch3gd1nerjlgpgni2nrrhak","key":"c"}]; _ga=GA1.1.1578965344.1679651068; _gid=GA1.2.1389938635.1679651068; _gat_leo=1; leo_previous_page=https://www.leovegas.com/en-no/livecasino?btag=667909_ED179FB202074EE6A185D27C8D404C26&c=wch3gd1nerjlgpgni2nrrhak&pid=3747044&bid=15012; _ga_R99CHBN90V=GS1.1.1679651068.1.1.1679651068.60.0.0; FPLC=YUpt46GU8LcK5QKP1I%2FwvHvn8qhNrWzxB2j%2B%2FHMjivUIMXFeGULU2RPptS8Q%2BcFFHSUlbFW8zGxDBRlJBk3gjKBE%2BqSrUPMmnzJYXeVY%2B6MFwd4rWtK2m3bCWLYjVg%3D%3D; FPID=FPID2.2.qTTyTmfizIUEjKboq%2BprQ4TzyfQWBma7bLz0raX7Knk%3D.1679651068
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 09:44:18 GMT
content-type: text/html
content-encoding: gzip
cache-control: public, max-age=3600
last-modified: Wed, 22 Mar 2023 10:09:45 GMT
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.leovegas.com *.casinomodule.com *.yggdrasilgaming.com *.evolutiongaming.com *.gameassists.co.uk *.gameassists.dk *.rgsgames.com *.wagerworks.com *.adform.com *.livetables.io *.regily.com *.casinoalternativen.com *.onlinecasinobonus24.xyz *.livetableshu.com webcache.googleusercontent.com
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cdn: Imperva
x-iinfo: 3-5052336-5051586 PNNy RT(1679651053824 4041) q(0 0 0 -1) r(1 1) U12
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~112c8377.7a25fd9ed93fd294b508.chunk.js?e=p
34.107.241.180200 OK 0 B URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~app~112c8377.7a25fd9ed93fd294b508.chunk.js?e=p
IP 34.107.241.180:0
GET /fulcrum/v4/master/dynamic/mobile.vendors~app~112c8377.7a25fd9ed93fd294b508.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdu5ZDmuFI0as9iIWhcvhIOt_ko7PpyUyShtbVJ05h6RHn1M5zje1WXJfDy0L4D7-g67_DnidT_ANS8ofSvpSSvWIw
x-goog-generation: 1679319458247598
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 44757
content-encoding: gzip
x-goog-hash: crc32c=cDgEbQ==, md5=vXmgf1UMB6Sq7WaFWtFofw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 44757
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 20 Mar 2023 13:49:04 GMT
expires: Mon, 17 Apr 2023 13:49:04 GMT
cache-control: public, max-age=2419200,no-transform
last-modified: Mon, 20 Mar 2023 13:37:38 GMT
etag: "bd79a07f550c07a4aaed66855ad1687f"
content-type: application/javascript
vary: Origin
age: 330911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?pm=497538&ADFPageName=pageview&ADFdivider=%7C&ord=177837143024&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwZ3IiOiJsaXZlY2FzaW5vIn1dfQ&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24
37.157.6.254302 Found 0 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?pm=497538&ADFPageName=pageview&ADFdivider=%7C&ord=177837143024&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwZ3IiOiJsaXZlY2FzaW5vIn1dfQ&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP 37.157.6.254:0
GET /Serving/TrackPoint/?pm=497538&ADFPageName=pageview&ADFdivider=%7C&ord=177837143024&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwZ3IiOiJsaXZlY2FzaW5vIn1dfQ&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 24 Mar 2023 09:44:20 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=497538&ADFPageName=pageview&ADFdivider=%7C&ord=177837143024&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwZ3IiOiJsaXZlY2FzaW5vIn1dfQ&loc=https%3A%2F%2Fwww.leovegas.com%2Fen-no%2Flivecasino%3Fbtag%3D667909_ED179FB202074EE6A185D27C8D404C26%26c%3Dwch3gd1nerjlgpgni2nrrhak%26pid%3D3747044%26bid%3D15012&Set1=en-US%7Cen-US%7C1280x1024%7C24
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
set-cookie: C=1; domain=adform.net; expires=Mon, 24-Apr-2023 08:44:20 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
cdn.seondf.com/js/v4/agent.js
188.114.96.1200 OK 0 B URL HTTP/2 cdn.seondf.com/js/v4/agent.js
IP 188.114.96.1:0
GET /js/v4/agent.js HTTP/1.1
Host: cdn.seondf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 09:44:15 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 20 Dec 2022 16:00:08 GMT
etag: W/"c34c3067f651e0fea2609171ab7bfec0"
x-amz-server-side-encryption: AES256
cache-control: max-age=14400
x-amz-version-id: oBwuMALhSWNlluJ4Z9BGO_.GELHIAD3H
x-cache: Miss from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9SYjer0vMAoRdSCWo5iwyu5TLdqeRbq-xBSB-fltdaHaFS8p45bvQw==
cf-cache-status: HIT
age: 544
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwLEMM%2BA85zi6GHxEgamSRLP3vJTP1cwegYFDF93GND0STDCUlTqtbr59awAJcs%2F0jB5WSIwk2U%2FxRz83u2QWRSdpOb%2BmYfr2BMQdAq0J88ZBq7W%2FGAZogB%2FQmKWlw4N6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7acdf9791b42b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~BankID~BankingVerification~DEVerification~Deposit~FlowChecker~GameScreen~KYCCheck~LoginScree~046c31a5.ccdcf2e38deb471471d3.chunk.js?e=p
34.107.241.180200 OK 0 B URL HTTP/2 cdn.leovegas.com/fulcrum/v4/master/dynamic/mobile.vendors~BankID~BankingVerification~DEVerification~Deposit~FlowChecker~GameScreen~KYCCheck~LoginScree~046c31a5.ccdcf2e38deb471471d3.chunk.js?e=p
IP 34.107.241.180:0
GET /fulcrum/v4/master/dynamic/mobile.vendors~BankID~BankingVerification~DEVerification~Deposit~FlowChecker~GameScreen~KYCCheck~LoginScree~046c31a5.ccdcf2e38deb471471d3.chunk.js?e=p HTTP/1.1
Host: cdn.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leovegas.com
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsOARJ6WezIq3DW7snlUTQrg4MXS5jZyAZ4N-6WRvq1yaNmSwfOdJlvCJdM36oIqV_2cBW_U-tlslukYWJLhrDqgao_BDK4
x-goog-generation: 1678352180219024
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 41814
content-encoding: gzip
x-goog-hash: crc32c=4t5asw==, md5=t3bZx0VB5Ymu+46e9iLqqQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 41814
access-control-allow-origin: https://www.leovegas.com
access-control-expose-headers: Content-Length, Content-Type, Date, Response-Type, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Thu, 09 Mar 2023 09:03:24 GMT
expires: Thu, 06 Apr 2023 09:03:24 GMT
cache-control: public, max-age=2419200,no-transform
age: 1298451
last-modified: Thu, 09 Mar 2023 08:56:20 GMT
etag: "b776d9c74541e589aefb8e9ef622eaa9"
content-type: application/javascript
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.leovegas.com/api?relay
107.154.248.168200 OK 0 B URL HTTP/2 www.leovegas.com/api?relay
IP 107.154.248.168:0
POST /api?relay HTTP/1.1
Host: www.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.leovegas.com/en-no/livecasino?btag=667909_ED179FB202074EE6A185D27C8D404C26&c=wch3gd1nerjlgpgni2nrrhak&pid=3747044&bid=15012
x-request-id: f48cefab-fc3e-4963-a301-ef541290471c
content-type: application/json
x-leo-locale: en-no
Origin: https://www.leovegas.com
Content-Length: 230
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3747044%2c%22BID%22%3a15012%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1679651054432)%5c%2f%22%2c%22CookieTag%22%3a%22150123747044451240919C2023324944%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222861626250%7c1%22%7d%5d; leo-essentials=%7B%22cid%22%3A%22ce969956-c0fc-402c-a2d2-8112a6bea827%22%7D; visid_incap_846569=yCeq3NxBQres0IrMXuMsDe1wHWQAAAAAQUIPAAAAAABzS7XtmhU/TPw4m2fPyOeO; nlbi_846569=snQYVVlO3yJHUXLSTJV9qQAAAADxlt404MrcL+1MPMi2voKB; incap_ses_720_846569=HwFuMd4YHXkOKsVDGPX9Ce1wHWQAAAAAx4cT+a3VCDk1glsWt7TQpQ==; leobtag=667909_ED179FB202074EE6A185D27C8D404C26; leonrpid=3747044; leonrbid=15012; leonrmeta=[{"value":"wch3gd1nerjlgpgni2nrrhak","key":"c"}]
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 09:44:16 GMT
content-type: application/json
content-encoding: gzip
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.leovegas.com *.casinomodule.com *.yggdrasilgaming.com *.evolutiongaming.com *.gameassists.co.uk *.gameassists.dk *.rgsgames.com *.wagerworks.com *.adform.com *.livetables.io *.regily.com *.casinoalternativen.com *.onlinecasinobonus24.xyz *.livetableshu.com webcache.googleusercontent.com
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cdn: Imperva
x-iinfo: 3-5052336-5051567 PNNy RT(1679651053824 2336) q(0 0 0 -1) r(1 1) U6
X-Firefox-Spdy: h2
www.leovegas.com/api?relay
107.154.248.168200 OK 0 B URL HTTP/2 www.leovegas.com/api?relay
IP 107.154.248.168:0
POST /api?relay HTTP/1.1
Host: www.leovegas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.leovegas.com/en-no/livecasino?btag=667909_ED179FB202074EE6A185D27C8D404C26&c=wch3gd1nerjlgpgni2nrrhak&pid=3747044&bid=15012
x-request-id: 31225cf0-573a-42d0-a801-7c84af287228
content-type: application/json
x-leo-locale: en-no
Origin: https://www.leovegas.com
Content-Length: 10899
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a3747044%2c%22BID%22%3a15012%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1679651054432)%5c%2f%22%2c%22CookieTag%22%3a%22150123747044451240919C2023324944%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222861626250%7c1%22%7d%5d; leo-essentials=%7B%22cid%22%3A%22ce969956-c0fc-402c-a2d2-8112a6bea827%22%7D; visid_incap_846569=yCeq3NxBQres0IrMXuMsDe1wHWQAAAAAQUIPAAAAAABzS7XtmhU/TPw4m2fPyOeO; nlbi_846569=snQYVVlO3yJHUXLSTJV9qQAAAADxlt404MrcL+1MPMi2voKB; incap_ses_720_846569=HwFuMd4YHXkOKsVDGPX9Ce1wHWQAAAAAx4cT+a3VCDk1glsWt7TQpQ==; leobtag=667909_ED179FB202074EE6A185D27C8D404C26; leonrpid=3747044; leonrbid=15012; leonrmeta=[{"value":"wch3gd1nerjlgpgni2nrrhak","key":"c"}]
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 09:44:17 GMT
content-type: application/json
content-encoding: gzip
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.leovegas.com *.casinomodule.com *.yggdrasilgaming.com *.evolutiongaming.com *.gameassists.co.uk *.gameassists.dk *.rgsgames.com *.wagerworks.com *.adform.com *.livetables.io *.regily.com *.casinoalternativen.com *.onlinecasinobonus24.xyz *.livetableshu.com webcache.googleusercontent.com
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cdn: Imperva
x-iinfo: 3-5052336-5051586 PNNy RT(1679651053824 2318) q(0 0 0 -1) r(2 2) U6
X-Firefox-Spdy: h2
event.getblue.io/js/blue-tag.min.js
52.67.255.69200 OK 0 B URL HTTP/2 event.getblue.io/js/blue-tag.min.js
IP 52.67.255.69:0
GET /js/blue-tag.min.js HTTP/1.1
Host: event.getblue.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 09:44:19 GMT
content-type: application/javascript
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
etag: W/"7716-1679645285184"
last-modified: Fri, 24 Mar 2023 08:08:05 GMT
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
track.adform.net/serving/scripts/trackpoint/async/
37.157.6.254301 Moved Permanently 0 B URL HTTP/2 track.adform.net/serving/scripts/trackpoint/async/
IP 37.157.6.254:0
GET /serving/scripts/trackpoint/async/ HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 24 Mar 2023 09:44:17 GMT
content-type: text/html
location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-380080.js?sv=7
54.230.111.113200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-380080.js?sv=7
IP 54.230.111.113:0
GET /c/hotjar-380080.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 24 Mar 2023 09:43:29 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/45d9a6e8a3504731bd3de1dabd6f53af
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9S71nnVrDFftp-5XunjBkWUgfnE8K0HdsuhSuCdiIZFi9U9zc_OW3w==
age: 50
X-Firefox-Spdy: h2
dmp.adform.net/serving/cookie/match?CC=1&party=1140&cid=&uid=-5932061713061764574
37.157.2.234200 OK 0 B URL HTTP/2 dmp.adform.net/serving/cookie/match?CC=1&party=1140&cid=&uid=-5932061713061764574
IP 37.157.2.234:0
GET /serving/cookie/match?CC=1&party=1140&cid=&uid=-5932061713061764574 HTTP/1.1
Host: dmp.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.leovegas.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 09:44:18 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
products.admaxium.com/product/67432959b0824044c59622750000dfaa037933929f255aafadbb9b03d8631330
172.67.193.247200 OK 0 B URL HTTP/2 products.admaxium.com/product/67432959b0824044c59622750000dfaa037933929f255aafadbb9b03d8631330
IP 172.67.193.247:0
GET /product/67432959b0824044c59622750000dfaa037933929f255aafadbb9b03d8631330 HTTP/1.1
Host: products.admaxium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.leovegas.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 09:44:19 GMT
content-type: text/html;charset=utf-8
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfAlO1VUqLoYayAPleYZURLOoe31qAjmWpsc6Z%2Fu4IEMjUcIa1AMIp7buKtldYwLpbYpdM3arHjrr%2FGUjX54nusX6hgp0gwgxURGPbJ1VwKRGEaW0wyjQ1RMEd4JKGRirN2nx6dBnh8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7acdf9934c22067b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2