1463.info Open in urlscan Pro
194.182.174.60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/478WCKs
Effective URL:
https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe1324...
Submission: On September 16 via manual (September 16th 2024, 7:49:02 pm UTC) from NL — Scanned from US

Summary HTTP 186 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 42 IPs in 8 countries across 29 domains to perform 186 HTTP transactions. The main IP is 194.182.174.60, located in Vienna, Austria and belongs to EXOSCALE, CH. The main domain is 1463.info.
TLS certificate: Issued by R11 on August 17th 2024. Valid for: 3 months.

This is the only time 1463.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	54.38.138.84 54.38.138.84	16276 (OVH) (OVH)
18	194.182.174.60 194.182.174.60	61098 (EXOSCALE) (EXOSCALE)
89	2a03:90c0:999... 2a03:90c0:9996::9996	199524 (GCORE) (GCORE)
2	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
4	2600:141b:1c0... 2600:141b:1c00:2e::17d1:48c7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 6	35.211.233.246 35.211.233.246	19527 (GOOGLE-2) (GOOGLE-2)
4	88.214.195.101 88.214.195.101	46636 (NATCOWEB) (NATCOWEB)
1	2600:9000:24f... 2600:9000:24f1:fa00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.167.164.45 185.167.164.45	198622 (ADFORM) (ADFORM)
1	2a02:6ea0:c45... 2a02:6ea0:c454::1	60068 (CDN77 _) (CDN77 _)
1 2	2620:116:800b... 2620:116:800b:21:a021:b886:81cc:55cf	14618 (AMAZON-AES) (AMAZON-AES)
1 6	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	2600:9000:21d... 2600:9000:21dd:9600:16:3a8f:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	109.169.10.207 109.169.10.207	20860 (IOMART-AS) (IOMART-AS)
6	142.251.41.3 142.251.41.3	15169 (GOOGLE) (GOOGLE)
1	142.251.40.136 142.251.40.136	15169 (GOOGLE) (GOOGLE)
2 4	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
1 1	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	68.67.161.208 68.67.161.208	29990 (ASN-APPNEX) (ASN-APPNEX)
1	188.42.63.49 188.42.63.49	7979 (SERVERS-COM) (SERVERS-COM)
1	188.42.63.48 188.42.63.48	7979 (SERVERS-COM) (SERVERS-COM)
1	2600:9000:21d... 2600:9000:21dd:8200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:24f... 2600:9000:24f0:6c00:5:e0f4:e840:93a1	16509 (AMAZON-02) (AMAZON-02)
2	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
1 2	185.167.164.42 185.167.164.42	198622 (ADFORM) (ADFORM)
9 11	35.211.202.130 35.211.202.130	15169 (GOOGLE) (GOOGLE)
9	3.81.174.250 3.81.174.250	14618 (AMAZON-AES) (AMAZON-AES)
1 2	142.250.80.102 142.250.80.102	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.80.38 142.250.80.38	15169 (GOOGLE) (GOOGLE)
1	192.184.68.228 192.184.68.228	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.206.140.87 35.206.140.87	15169 (GOOGLE) (GOOGLE)
1	185.167.164.52 185.167.164.52	198622 (ADFORM) (ADFORM)
1	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
1	13.226.34.20 13.226.34.20	16509 (AMAZON-02) (AMAZON-02)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
3	108.139.47.108 108.139.47.108	16509 (AMAZON-02) (AMAZON-02)
1	34.227.128.226 34.227.128.226	14618 (AMAZON-AES) (AMAZON-AES)
1	15.197.143.135 15.197.143.135	16509 (AMAZON-02) (AMAZON-02)
1	216.239.36.178 216.239.36.178	15169 (GOOGLE) (GOOGLE)
186	42

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.138.84 (Warsaw, Poland) 1 redirects

ASN16276 (OVH, FR)

minilinked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 194.182.174.60 (Vienna, Austria)

ASN61098 (EXOSCALE, CH)

1463.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

89 2a03:90c0:9996::9996 (United States)

ASN199524 (GCORE, LU)

leoncasino.gcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnimages3.gcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnimages2.gcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:141b:1c00:2e::17d1:48c7 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

tm.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.211.233.246 (North Charleston, United States) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 246.233.211.35.bc.googleusercontent.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.214.195.101 (United Kingdom)

ASN46636 (NATCOWEB, US)

pixel-us.r2drtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f1:fa00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.45 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 _, GB)

dsp-media.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:a021:b886:81cc:55cf (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.179.166 (North Bergen, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (San Francisco, United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:9600:16:3a8f:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

pj.l.liftdsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.169.10.207 (United Kingdom)

ASN20860 (IOMART-AS, GB)

leoncas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.41.3 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.136 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::200e (United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

20828756p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.161.208 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.63.49 (Luxembourg)

ASN7979 (SERVERS-COM, US)

dsp-trk.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.63.48 (Luxembourg)

ASN7979 (SERVERS-COM, US)

dsp-ap.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:8200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f0:6c00:5:e0f4:e840:93a1 (United States)

ASN16509 (AMAZON-02, US)

ps.l.liftdsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.42 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.211.202.130 (North Charleston, United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: 130.202.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.81.174.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-81-174-250.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.102 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f6.1e100.net

11843672.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.38 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.184.68.228 (United States)

ASN14618 (AMAZON-AES, US)

pixel-ssn.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.206.140.87 (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 87.140.206.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.52 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-20.ewr53.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.139.47.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-108.jfk50.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.227.128.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-128-226.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.143.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: a69d63ecdf0f33068.awsglobalaccelerator.com

downloads.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.36.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
89	gcdn.co leoncasino.gcdn.co cdnimages3.gcdn.co cdnimages2.gcdn.co	4 MB
18	1463.info 1463.info	380 KB
11	bidswitch.net 9 redirects x.bidswitch.net — Cisco Umbrella Rank: 402	939 B
9	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 527	3 KB
8	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 479 acdn.adnxs.com — Cisco Umbrella Rank: 638 ib.adnxs.com — Cisco Umbrella Rank: 270	13 KB
8	gstatic.com fonts.gstatic.com	108 KB
6	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8922	2 KB
6	adform.net 1 redirects s2.adform.net — Cisco Umbrella Rank: 7642 track.adform.net — Cisco Umbrella Rank: 5611 a1.adform.net — Cisco Umbrella Rank: 13468 c1.adform.net — Cisco Umbrella Rank: 635	36 KB
6	sportradarserving.com 3 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2552	7 KB
5	google-analytics.com 2 redirects www.google-analytics.com — Cisco Umbrella Rank: 33	2 KB
4	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2984 downloads.intercomcdn.com — Cisco Umbrella Rank: 12023	296 KB
4	doubleclick.net 1 redirects 11843672.fls.doubleclick.net td.doubleclick.net — Cisco Umbrella Rank: 189 ad.doubleclick.net — Cisco Umbrella Rank: 153	844 B
4	r2drtb.com pixel-us.r2drtb.com	2 KB
4	sportradar.com tm.ads.sportradar.com — Cisco Umbrella Rank: 44061 tracker.ads.sportradar.com — Cisco Umbrella Rank: 46397	62 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4140	72 KB
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1497 pixel.quantserve.com — Cisco Umbrella Rank: 1058 pixel-ssn.quantserve.com — Cisco Umbrella Rank: 50099	11 KB
3	eskimi.com dsp-media.eskimi.com — Cisco Umbrella Rank: 58902 dsp-trk.eskimi.com — Cisco Umbrella Rank: 53389 dsp-ap.eskimi.com — Cisco Umbrella Rank: 13500	4 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	252 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2157 api-iam.intercom.io — Cisco Umbrella Rank: 2617	6 KB
2	admedo.com 1 redirects pool.admedo.com — Cisco Umbrella Rank: 5871	595 B
2	leoncas.com leoncas.com	572 B
2	liftdsp.com pj.l.liftdsp.com ps.l.liftdsp.com	3 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 26333	458 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1541	705 B
1	rfihub.com 1 redirects 20828756p.rfihub.com	756 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5251	6 KB
1	minilinked.com 1 redirects minilinked.com	229 B
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 6954	677 B
186	29

	Domain	Requested by
40	cdnimages3.gcdn.co
30	leoncasino.gcdn.co	leoncasino.gcdn.co
19	cdnimages2.gcdn.co
18	1463.info	leoncasino.gcdn.co
11	x.bidswitch.net	9 redirects
9	match.sharethrough.com
8	fonts.gstatic.com	fonts.googleapis.com
6	mc.yandex.com	2 redirects mc.yandex.ru
6	a.sportradarserving.com	3 redirects
5	www.google-analytics.com	2 redirects www.googletagmanager.com
5	secure.adnxs.com	1 redirects c1.rfihub.net www.googletagmanager.com
4	pixel-us.r2drtb.com	www.googletagmanager.com
3	js.intercomcdn.com	widget.intercom.io js.intercomcdn.com
3	mc.yandex.ru	1 redirects leoncasino.gcdn.co
3	www.googletagmanager.com	1463.info www.googletagmanager.com
2	pool.admedo.com	1 redirects
2	11843672.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	a1.adform.net	1 redirects
2	track.adform.net	s2.adform.net
2	ib.adnxs.com	acdn.adnxs.com
2	leoncas.com	leoncasino.gcdn.co
2	tracker.ads.sportradar.com	tm.ads.sportradar.com tracker.ads.sportradar.com
2	tm.ads.sportradar.com	1463.info
2	fonts.googleapis.com	leoncasino.gcdn.co
1	downloads.intercomcdn.com
1	api-iam.intercom.io	js.intercomcdn.com
1	widget.intercom.io	1463.info
1	a1.seadform.net
1	c1.adform.net	a1.adform.net
1	pixel-ssn.quantserve.com
1	pixel.quantserve.com	1 redirects
1	ad.doubleclick.net
1	td.doubleclick.net	www.googletagmanager.com
1	ps.l.liftdsp.com	pj.l.liftdsp.com
1	rules.quantcount.com	secure.quantserve.com
1	dsp-ap.eskimi.com	dsp-media.eskimi.com
1	dsp-trk.eskimi.com	dsp-media.eskimi.com
1	20828756p.rfihub.com	1 redirects
1	pj.l.liftdsp.com	1463.info
1	acdn.adnxs.com	1463.info
1	secure.quantserve.com	1463.info
1	dsp-media.eskimi.com	1463.info
1	s2.adform.net	1463.info
1	c1.rfihub.net	1463.info
1	minilinked.com	1 redirects
1	bit.ly	1 redirects
186	46

This site contains links to these domains. Also see Links.

Domain
r2d.partners
lbaffiliates.com
t.me
sigma.world
policies.google.com

Subject Issuer	Validity	Valid
1463.info R11	`2024-08-17` - `2024-11-15`	3 months	crt.sh
*.gcdn.co DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-03` - `2025-08-03`	a year	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
tracker.ads.sportradar.com R11	`2024-07-11` - `2024-10-09`	3 months	crt.sh
*.r2drtb.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-08` - `2025-07-08`	a year	crt.sh
*.rfihub.net Amazon RSA 2048 M03	`2023-10-31` - `2024-11-28`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-03` - `2025-09-24`	a year	crt.sh
*.eskimi.com GeoTrust TLS RSA CA G1	`2024-04-08` - `2025-05-09`	a year	crt.sh
quantserve.com R11	`2024-08-23` - `2024-11-21`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2024-04-08` - `2025-05-09`	a year	crt.sh
pj.l.liftdsp.com Amazon RSA 2048 M03	`2024-03-22` - `2025-04-20`	a year	crt.sh
leoncas.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-02` - `2025-01-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
ps.l.liftdsp.com Amazon RSA 2048 M03	`2024-03-22` - `2025-04-20`	a year	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-16` - `2024-10-16`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-08`	a year	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2023-12-01` - `2024-12-29`	a year	crt.sh
intercom-attachments-10.com Amazon RSA 2048 M03	`2024-06-08` - `2025-07-06`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
Frame ID: BB23CFD7B4E68DDDB4C002724CB2E295
Requests: 179 HTTP requests in this frame

Frame: https://secure.adnxs.com/seg?add=29896390&t=2&ver=9&pe=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&pf=
Frame ID: 23BBEA87B22D5B359054BF42DCF59179
Requests: 1 HTTP requests in this frame

Frame: https://11843672.fls.doubleclick.net/activityi;dc_pre=CPnJp-idyIgDFYUk0AQdNqk9qg;src=11843672;type=safev0;cat=safeg000;ord=2720704426880;npa=0;auiddc=1332668617.1726516136;ps=1;pcor=2043814190;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4990v9190706784za200zb871047016;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia
Frame ID: 3396F4CC7AEACD6879657290FF176D09
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=11843672;type=safev0;cat=safeg000;ord=2720704426880;npa=0;auiddc=1332668617.1726516136;ps=1;pcor=2043814190;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4990v9190706784za200zb871047016;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia
Frame ID: C22F7D2E32669417FE05F44A0CBCDC3D
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?bt=0&uid=8758425274906730177&agencyId=9040&advertiserId=2176059&src=tp&rnd=466007
Frame ID: 5D74AB285B0CEA88E8E712370828D82E
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.e1c621b6.js
Frame ID: CF875DA9BD16457049AD417BE38162C3
Requests: 4 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 8C87ED401F648EBD2C65EAE2855AB10F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/478WCKs HTTP 301
http://minilinked.com/Z0VieGI0?utm_source=russia&path=registration&retentionId=dcfb2915-2a83-4043-... HTTP 307
https://minilinked.com/Z0VieGI0?utm_source=russia&path=registration&retentionId=dcfb2915-2a83-4043-... HTTP 302
https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

186
Requests

89 %
HTTPS

32 %
IPv6

29
Domains

46
Subdomains

42
IPs

8
Countries

5867 kB
Transfer

12774 kB
Size

125
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://r2d.partners/
Title: Партнерская программа

Search URL Search Domain Scan URL

URL: https://lbaffiliates.com/
Title: Партнерская программа

Search URL Search Domain Scan URL

URL: https://t.me/+8kTi8kuioek2YjVk

Search URL Search Domain Scan URL

URL: https://sigma.world/

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=ru
Title: Условия

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms?hl=ru
Title: Правила

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/478WCKs HTTP 301
http://minilinked.com/Z0VieGI0?utm_source=russia&path=registration&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&qtag=a29654_t33047_c242_sMisterDaxxx HTTP 307
https://minilinked.com/Z0VieGI0?utm_source=russia&path=registration&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&qtag=a29654_t33047_c242_sMisterDaxxx HTTP 302
https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://a.sportradarserving.com/pixel?type=js&aid=1060&id=1235 HTTP 302
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235

Request Chain 94

https://secure.adnxs.com/seg?add=37094577&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D37094577%26t%3D1

Request Chain 98

https://a.sportradarserving.com/pixel?type=js&aid=1060&id=1231 HTTP 302
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1231

Request Chain 133

https://a.sportradarserving.com/pixel?type=js&aid=1060&id=1235 HTTP 302
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235

Request Chain 135

https://www.google-analytics.com/g/collect?v=2&tid=G-JZZNGY93CC&gtm=45je4990v871047016z8890860847za200zb890860847&_p=1726516134406&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=150718858.1726516136&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726516136&sct=1&seg=0&dl=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&dt=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%3A%20%D0%91%D0%BE%D0%BB%D0%B5%D0%B5%204000%20%D0%B8%D0%B3%D1%80%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D0%B2%D1%8B%D0%B2%D0%BE%D0%B4%20%D1%81%D1%80%D0%B5%D0%B4%D1%81%D1%82%D0%B2%20%7C%20%D0%9B%D0%B5%D0%BE%D0%BD&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&tfd=5690 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=150718858.1726516136&dbk=3706141428339462767&dma=0&en=page_view&gtm=45je4990v871047016z8890860847za200zb890860847&npa=0&tid=G-JZZNGY93CC&dl=https%3A%2F%2F1463.info%3F

Request Chain 136

https://www.google-analytics.com/g/collect?v=2&tid=G-JZZNGY93CC&gtm=45je4990v871047016z8890860847za200zb890860847&_p=1726516134406&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=150718858.1726516136&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1726516136&sct=1&seg=0&dl=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&dt=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%3A%20%D0%91%D0%BE%D0%BB%D0%B5%D0%B5%204000%20%D0%B8%D0%B3%D1%80%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D0%B2%D1%8B%D0%B2%D0%BE%D0%B4%20%D1%81%D1%80%D0%B5%D0%B4%D1%81%D1%82%D0%B2%20%7C%20%D0%9B%D0%B5%D0%BE%D0%BD&en=customerRegistrationStart&_c=1&ep.event_name=customerRegistrationStart&_et=3&tfd=5694 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=150718858.1726516136&dbk=17924658267669985917&dma=0&en=customerRegistrationStart&gtm=45je4990v871047016z8890860847za200zb890860847&npa=0&tid=G-JZZNGY93CC&dl=https%3A%2F%2F1463.info%3F

Request Chain 139

https://20828756p.rfihub.com/ca.html?ver=9&rb=43197&ca=20828756&_o=43197&_t=20828756&pe=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&pf=&ra=5144302602410202 HTTP 302
https://secure.adnxs.com/seg?add=29896390&t=2&ver=9&pe=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&pf=

Request Chain 148

https://a1.adform.net/Serving/TrackPoint/?pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=595977977682&ADFtpmode=2&loc=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=595977977682&ADFtpmode=2&loc=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 149

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&cb=848c05f3-c5c5-4f7d-b169-3a126ce99fd4 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 150

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&cb=47b5ed0e-6354-457b-a919-106b0f59ae52 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 151

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&cb=de50eb37-1164-4681-beb1-f997634f66e5 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 154

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&cb=57388de4-0414-4dd7-8769-c136d358867a HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 155

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&cb=4ff701c8-8b95-4cf5-a342-852cc93f70d0 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 156

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&cb=1cdf6945-2c4f-436c-bbf2-61cc42e21daf HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 159

https://11843672.fls.doubleclick.net/activityi;src=11843672;type=safev0;cat=safeg000;ord=2720704426880;npa=0;auiddc=1332668617.1726516136;ps=1;pcor=2043814190;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4990v9190706784za200zb871047016;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia HTTP 302
https://11843672.fls.doubleclick.net/activityi;dc_pre=CPnJp-idyIgDFYUk0AQdNqk9qg;src=11843672;type=safev0;cat=safeg000;ord=2720704426880;npa=0;auiddc=1332668617.1726516136;ps=1;pcor=2043814190;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4990v9190706784za200zb871047016;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia

Request Chain 162

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=172baf93-1894-4d01-b65f-2533d691e7d4&cb=2e0cc210-d817-4062-b7b7-085dd3d1ae04 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=172baf93-1894-4d01-b65f-2533d691e7d4&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 163

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=172baf93-1894-4d01-b65f-2533d691e7d4&cb=fd85a00f-2159-4c61-8652-39ae67a97fa9 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=172baf93-1894-4d01-b65f-2533d691e7d4&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 164

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=172baf93-1894-4d01-b65f-2533d691e7d4&cb=b45e3bc2-d3c2-4c3b-93ce-ecc3c59b4426 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=172baf93-1894-4d01-b65f-2533d691e7d4&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 166

https://pixel.quantserve.com/pixel;r=1332854515;labels=_fp.event.PageView;rf=0;a=p-C_a3_CVaT9dWt;url=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia;uht=2;fpan=1;fpa=P0-689353410-1726516136177;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;ref=;d=1463.info;dst=0;et=1726516136611;tzo=600;ogl=image.https%3A%2F%2Fleonbets3%252Egcdn%252Eco%2FHRJLWPLB%2Fimages%2Fog%2Fleon%252Epng;ses=6965ba18-3e28-4ac0-8826-318a595fb5f6;mdl= HTTP 302
https://pixel-ssn.quantserve.com/pixel;r=1332854515;labels=_fp.event.PageView;rf=0;a=p-C_a3_CVaT9dWt;url=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia;uht=2;fpan=1;fpa=P0-689353410-1726516136177;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;ref=;d=1463.info;dst=0;et=1726516136611;tzo=600;ogl=image.https%3A%2F%2Fleonbets3%252Egcdn%252Eco%2FHRJLWPLB%2Fimages%2Fog%2Fleon%252Epng;ses=6965ba18-3e28-4ac0-8826-318a595fb5f6;mdl=;dip=f7c37bb6-d6c0-4686-af50-38f2450cb347

Request Chain 167

https://pool.admedo.com/pixel?id=154038&t=js HTTP 302
https://pool.admedo.com/ul_cb/pixel?id=154038&t=js

Request Chain 179

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10494.PhMvYLvY5bWThvWkRwHO4Ex3vpFfCKLJDcQretuV9CbsBFPIUKXowQzdRd6B1jnN.sIVnpP_8ppZ4H0Ig5tby1YZNXhQ%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10494.mqyEVlPUVayOKAXV_Aw3o6hI-wz62Qo-R4xifsUdOe69oRhEBMUHLQvHCGzJNvA6Z5-gqqueAP0z4iv8mjEakd3n4C7bj3P7M2_dpQnfSRT-BHcjWGYO04QM_eZhzFDKm0bQmJLx59B904oCgrnrr94rJe8awWBJ3eFe_jE-0I7V4BXuhKGgXHJBd_tcnwqCSCx4vncBGa-PjUWm_zzFoWwPhyQrF9nYuWbJL5wbnrI%2C.BqDkACgg8t9lAT4vlI7IgOYsEws%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10494.oGU8xByjhdFlMVo7-T0h_4uH4hvaXIZMgtOkT-suqsyLi_kCfFKzcNcO3qxJUyX9i-Z7Sj-kdmkLv90VO2RiicHfxS9QzECOFeBC5HJ7K3xJbfk8YJnZw9jI4hkT9QpL2vZUHmHi4E9INIDApv0otKMqIW4WBb5JHRColHBpuKsjed190r_doByJnhjwLfMPihxG2gVgEQ_FYVWKk0lZyA%2C%2C.AahliEN2L9LZIKNrrFZzbebvEXo%2C

Request Chain 184

https://mc.yandex.com/watch/71598811?wmode=7&page-url=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ac4o2nplw0gn9nduetxpw3hlsrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1450%3Acn%3A1%3Adp%3A0%3Als%3A1666827470902%3Ahid%3A759236923%3Az%3A-600%3Ai%3A20240916094859%3Aet%3A1726516140%3Ac%3A1%3Arn%3A548212448%3Arqn%3A1%3Au%3A1726516140398068516%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2130%3Awv%3A2%3Ads%3A14%2C456%2C453%2C2%2C1132%2C0%2C%2C59%2C1%2C3356%2C3356%2C0%2C2559%3Aco%3A0%3Acpf%3A1%3Ans%3A1726516130358%3Agi%3AR0ExLjEuMTUwNzE4ODU4LjE3MjY1MTYxMzY%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1726516141%3At%3A%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%3A%20%D0%91%D0%BE%D0%BB%D0%B5%D0%B5%204000%20%D0%B8%D0%B3%D1%80%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D0%B2%D1%8B%D0%B2%D0%BE%D0%B4%20%D1%81%D1%80%D0%B5%D0%B4%D1%81%D1%82%D0%B2%20%7C%20%D0%9B%D0%B5%D0%BE%D0%BD&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
https://mc.yandex.com/watch/71598811/1?wmode=7&page-url=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ac4o2nplw0gn9nduetxpw3hlsrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1450%3Acn%3A1%3Adp%3A0%3Als%3A1666827470902%3Ahid%3A759236923%3Az%3A-600%3Ai%3A20240916094859%3Aet%3A1726516140%3Ac%3A1%3Arn%3A548212448%3Arqn%3A1%3Au%3A1726516140398068516%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2130%3Awv%3A2%3Ads%3A14%2C456%2C453%2C2%2C1132%2C0%2C%2C59%2C1%2C3356%2C3356%2C0%2C2559%3Aco%3A0%3Acpf%3A1%3Ans%3A1726516130358%3Agi%3AR0ExLjEuMTUwNzE4ODU4LjE3MjY1MTYxMzY%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1726516141%3At%3A%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%3A%20%D0%91%D0%BE%D0%BB%D0%B5%D0%B5%204000%20%D0%B8%D0%B3%D1%80%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D0%B2%D1%8B%D0%B2%D0%BE%D0%B4%20%D1%81%D1%80%D0%B5%D0%B4%D1%81%D1%82%D0%B2%20%7C%20%D0%9B%D0%B5%D0%BE%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

186 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request registration Show response
1463.info/
Redirect Chain

https://bit.ly/478WCKs
http://minilinked.com/Z0VieGI0?utm_source=russia&path=registration&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&qtag=a29654_t33047_c242_sMisterDaxxx
https://minilinked.com/Z0VieGI0?utm_source=russia&path=registration&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&qtag=a29654_t33047_c242_sMisterDaxxx
https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia

23 KB
10 KB

923ms
453ms

Document
text/html

194.182.174.60
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.174.60 Vienna, Austria, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

8875e2f140ef97308bb81d86cca7b80a6ef9e22fabc3c86a1cf3153f88489221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 16 Sep 2024 19:48:52 GMT
expires: 0
link: <https://leoncasino.gcdn.co/js/webpack.d.m.c8380709.js>; rel=preload; as=script; crossorigin=anonymous, <https://leoncasino.gcdn.co/js/vendors.d.m.39326546.js>; rel=preload; as=script; crossorigin=anonymous, <https://leoncasino.gcdn.co/js/app.5b3b8c041693.js>; rel=preload; as=script; crossorigin=anonymous
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Redirect headers

content-length: 0
date: Mon, 16 Sep 2024 19:48:51 GMT
location: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 webpack.d.m.c8380709.js Show response
leoncasino.gcdn.co/js/ 148 KB
26 KB 389ms
217ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/webpack.d.m.c8380709.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9f4266d64c10e61f4b0a90d71e799b8785fb5b9f30242bb453cc79312f468ac6

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:52 GMT
content-encoding: gzip
age: 1142662
x-cached-since: 2024-09-03T14:24:30+00:00
x-id-fe: la2-hw-edge-canary-gc10
last-modified: Mon, 02 Sep 2024 15:56:55 GMT
server: nginx
traceparent: 00-8d66844a4aaa157693d3c72829e8a792-66f0e8486dd54817-01
etag: W/"66d5e047-24fc1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors.d.m.39326546.js Show response
leoncasino.gcdn.co/js/ 201 KB
57 KB 399ms
228ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/vendors.d.m.39326546.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3f844c029cb8c81b4b13581b6524278216060f1f6be99a4583f4ef04fdd3707c

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:52 GMT
content-encoding: br
age: 1579376
x-cached-since: 2024-08-29T13:05:56+00:00
x-id-fe: la2-hw-edge-canary-gc10
content-length: 58238
last-modified: Thu, 29 Aug 2024 09:11:33 GMT
server: nginx
traceparent: 00-ec6714979e1ad4ff622a189627dded31-40895afbb4c3510d-01
etag: "66d03b45-e37e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.5b3b8c041693.js Show response
leoncasino.gcdn.co/js/ 408 KB
111 KB 251ms
80ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ccda10eb1453ce77248d404670ceca0e6f2be27c57dcf43015975883111ae1ce

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:52 GMT
content-encoding: gzip
age: 531219
x-cached-since: 2024-09-10T16:15:13+00:00
x-id-fe: la2-hw-edge-canary-gc10
last-modified: Tue, 10 Sep 2024 12:28:38 GMT
server: nginx
traceparent: 00-804d47f06234eb4df927c25f7cc72739-2c7ea8c1127e9f6d-01
etag: W/"66e03b76-660cd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-vendor-lodash.d.m.c5c9b8a1.js Show response
leoncasino.gcdn.co/js/ 73 KB
30 KB 82ms
81ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-vendor-lodash.d.m.c5c9b8a1.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 35b428209dc64b4d1df164854a05d0992739434ef734689e41fa1c5834074092

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:52 GMT
content-encoding: gzip
age: 1579374
x-cached-since: 2024-08-29T13:05:58+00:00
x-id-fe: la2-hw-edge-canary-gc10
last-modified: Thu, 29 Aug 2024 09:11:33 GMT
server: nginx
traceparent: 00-dfbb93fe4f2dbe4b7453d7ae22b30b28-9f2f4e7bd7af3834-01
etag: W/"66d03b45-122f1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-vendor-vue-router.d.m.63dedac1.js Show response
leoncasino.gcdn.co/js/ 23 KB
10 KB 75ms
74ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-vendor-vue-router.d.m.63dedac1.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d3184dfa0fcf994a19e5a40487055636f8eed1202abcb1a246b5091f81accd07

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:52 GMT
content-encoding: gzip
age: 1579374
x-cached-since: 2024-08-29T13:05:58+00:00
x-id-fe: la2-hw-edge-canary-gc10
last-modified: Thu, 29 Aug 2024 09:11:33 GMT
server: nginx
traceparent: 00-bd81d9d8f79ff28a157b47c9bf493c4f-8ebf0357dd882c2d-01
etag: W/"66d03b45-5b06"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-vendor-vue.d.m.69d8efb7.js Show response
leoncasino.gcdn.co/js/ 143 KB
47 KB 100ms
99ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-vendor-vue.d.m.69d8efb7.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: eeb5bc607c2966bc9ad457771f59b8cbf3449df5f9fecf3a38de63def9803d7e

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:52 GMT
content-encoding: br
age: 1579374
x-cached-since: 2024-08-29T13:05:58+00:00
x-id-fe: la2-hw-edge-canary-gc10
content-length: 48043
last-modified: Thu, 29 Aug 2024 09:11:33 GMT
server: nginx
traceparent: 00-f075d228656b42fc163bd906d25ff29e-36325fd4ec3d36b6-01
etag: "66d03b45-bbab"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-route-modules-core.d.m.b556ab2a.js Show response
leoncasino.gcdn.co/js/ 74 KB
15 KB 90ms
89ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-route-modules-core.d.m.b556ab2a.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: da7a3939609b79975f0e64253b6af0b7e0286e186315809a414d3dfa2503aab6

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:52 GMT
content-encoding: br
age: 531217
x-cached-since: 2024-09-10T16:15:15+00:00
x-id-fe: la2-hw-edge-canary-gc10
content-length: 15281
last-modified: Tue, 10 Sep 2024 12:28:38 GMT
server: nginx
traceparent: 00-bb54840526da1b5f8b4334deb52745eb-24059534b1ace658-01
etag: "66e03b76-3bb1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-module-sportline.d.m.c64a5eee.js Show response
leoncasino.gcdn.co/js/ 37 KB
13 KB 94ms
93ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-module-sportline.d.m.c64a5eee.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1f28af3591e1aea0f7ca20c726084389c352a37e20ab9a8a3847125583a18027

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:52 GMT
content-encoding: gzip
age: 629759
x-cached-since: 2024-09-09T12:52:53+00:00
x-id-fe: la2-hw-edge-canary-gc10
last-modified: Sat, 07 Sep 2024 15:37:20 GMT
server: nginx
traceparent: 00-806e3999414604b1e774853bb9606c24-0e827e45621d4a6b-01
etag: W/"66dc7330-95e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-module-profile.d.m.426b827c.js Show response
leoncasino.gcdn.co/js/ 29 KB
8 KB 119ms
118ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-module-profile.d.m.426b827c.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 42afec984285c7ec1e7f2bd4650dde534d9201641d50f599163c7b4b7e7441c6

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:52 GMT
content-encoding: br
age: 629759
x-cached-since: 2024-09-09T12:52:53+00:00
x-id-fe: la2-hw-edge-canary-gc10
content-length: 7628
last-modified: Sat, 07 Sep 2024 15:37:20 GMT
server: nginx
traceparent: 00-23249828676afec88ccb092a0d2c275a-0b4d15c60ff1dd2e-01
etag: "66dc7330-1dcc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-module-core.d.m.41cdfd39.js Show response
leoncasino.gcdn.co/js/ 145 KB
35 KB 114ms
113ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-module-core.d.m.41cdfd39.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: dbc7f2e47564ff7fc9d932921f30e4ccab688131631e37543c00e53306946494

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:52 GMT
content-encoding: br
age: 531217
x-cached-since: 2024-09-10T16:15:15+00:00
x-id-fe: la2-hw-edge-canary-gc10
content-length: 35897
last-modified: Tue, 10 Sep 2024 12:28:38 GMT
server: nginx
traceparent: 00-ed938d85ff1a6927aae87ca7480e4c15-9af265f0ebdd89ab-01
etag: "66e03b76-8c39"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-module-referral-program.d.m.cd9b0471.js Show response
leoncasino.gcdn.co/js/ 27 KB
6 KB 119ms
117ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-module-referral-program.d.m.cd9b0471.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 75be6e5e0eee00fba0cab9eb08c1c182afc78a7b8e0e01d5e180a3584ce5c9cf

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:52 GMT
content-encoding: br
age: 531217
x-cached-since: 2024-09-10T16:15:15+00:00
x-id-fe: la2-hw-edge-canary-gc10
content-length: 6063
last-modified: Tue, 10 Sep 2024 12:28:38 GMT
server: nginx
traceparent: 00-477e1c39fa6fc1d2b70ab32cdfafdf12-15b10d884301b86d-01
etag: "66e03b76-17af"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-module-errors.d.m.c699f2d2.js Show response
leoncasino.gcdn.co/js/ 16 KB
4 KB 118ms
117ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-module-errors.d.m.c699f2d2.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 70037b34a19a143f7e1706cbcf4164777b6e57fa554939d14f3eded57f7047bd

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:52 GMT
content-encoding: br
age: 1579374
x-cached-since: 2024-08-29T13:05:58+00:00
x-id-fe: la2-hw-edge-canary-gc10
content-length: 4409
last-modified: Thu, 29 Aug 2024 09:11:33 GMT
server: nginx
traceparent: 00-29a83150b9e52ffe027a973494bc018c-91d8d84370d9644c-01
etag: "66d03b45-1139"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-module-pin-code.d.m.3714197e.js Show response
leoncasino.gcdn.co/js/ 29 KB
8 KB 118ms
117ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-module-pin-code.d.m.3714197e.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: dcec385e2fd5e751ec4af4ec1302d9db34305aa61515702cda972882d869efcf

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:52 GMT
content-encoding: br
age: 1579374
x-cached-since: 2024-08-29T13:05:58+00:00
x-id-fe: la2-hw-edge-canary-gc10
content-length: 7642
last-modified: Thu, 29 Aug 2024 09:11:33 GMT
server: nginx
traceparent: 00-005715668388f995af661c76caaee51d-8c5304e8cc6f33ab-01
etag: "66d03b45-1dda"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-module-dialogs.d.m.18b101fa.js Show response
leoncasino.gcdn.co/js/ 22 KB
7 KB 144ms
143ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-module-dialogs.d.m.18b101fa.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 62ec2289475fc937179158916e0e4fc1a30a8ed0eddf8c749d2a417a72e39339

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:53 GMT
content-encoding: gzip
age: 1579375
x-cached-since: 2024-08-29T13:05:58+00:00
x-id-fe: la2-hw-edge-canary-gc10
last-modified: Thu, 29 Aug 2024 09:11:33 GMT
server: nginx
traceparent: 00-dd9d1a3b4842ad82b5ed13bcf5345f47-42e58162e7838c85-01
etag: W/"66d03b45-580c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-module-registration.d.m.83fc8361.js Show response
leoncasino.gcdn.co/js/ 22 KB
9 KB 150ms
149ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-module-registration.d.m.83fc8361.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4a7583555e56798beac5aa12bec85db284596d9570af676961da24ec0a098dd9

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:53 GMT
content-encoding: gzip
age: 629759
x-cached-since: 2024-09-09T12:52:54+00:00
x-id-fe: la2-hw-edge-canary-gc10
last-modified: Sat, 07 Sep 2024 15:37:20 GMT
server: nginx
traceparent: 00-c96535bc81624a7828ea306bbbe89c70-39d1e3379e3a0323-01
etag: W/"66dc7330-57e6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-module-customer-notifications.d.m.94252f01.js Show response
leoncasino.gcdn.co/js/ 17 KB
4 KB 141ms
140ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-module-customer-notifications.d.m.94252f01.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: afa4da24786a20ad3c263a84b7c5ea2ed3c91549c0b8de02d4720cc7fcfa0bdb

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:53 GMT
content-encoding: br
age: 1579375
x-cached-since: 2024-08-29T13:05:58+00:00
x-id-fe: la2-hw-edge-canary-gc10
content-length: 4304
last-modified: Thu, 29 Aug 2024 09:11:33 GMT
server: nginx
traceparent: 00-3ca67c01e700eb1ae05afb2270a7bb86-533c70dacc64f0a5-01
etag: "66d03b45-10d0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-module-analytics.d.m.d9f1ff02.js Show response
leoncasino.gcdn.co/js/ 26 KB
10 KB 146ms
145ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-module-analytics.d.m.d9f1ff02.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 08b59ad5981f5f3fa1555a3e204d965c4bb60e5ae083ae32a4e4443c3ebdb914

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:53 GMT
content-encoding: gzip
age: 531218
x-cached-since: 2024-09-10T16:15:15+00:00
x-id-fe: la2-hw-edge-canary-gc10
last-modified: Tue, 10 Sep 2024 12:28:38 GMT
server: nginx
traceparent: 00-b0bb77cf67a219b16fcb5fdc24df7b5a-10fb04082dc19a88-01
etag: W/"66e03b76-6885"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-app.d.m.ec1696ec.js Show response
leoncasino.gcdn.co/js/ 2 MB
427 KB 193ms
193ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-app.d.m.ec1696ec.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 06961e2702d948be0751cc4ed1546e167e181546f3ba3fd1b630d9ec8f4d3c74

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:53 GMT
content-encoding: br
age: 531218
x-cached-since: 2024-09-10T16:15:15+00:00
x-id-fe: la2-hw-edge-canary-gc10
content-length: 436853
last-modified: Tue, 10 Sep 2024 12:28:38 GMT
server: nginx
traceparent: 00-cdd372c6e4049ec0d70d5599709d1621-e73665dbae22e8e9-01
etag: "66e03b76-6aa75"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-vendors.d.m.73532d15.js Show response
leoncasino.gcdn.co/js/ 483 KB
129 KB 154ms
154ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-vendors.d.m.73532d15.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a52e787e96bc15f5f143be46b0d58dc220b49871af2422f6fd5523129f5516b2

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:53 GMT
content-encoding: br
age: 1579375
x-cached-since: 2024-08-29T13:05:58+00:00
x-id-fe: la2-hw-edge-canary-gc10
content-length: 132327
last-modified: Thu, 29 Aug 2024 09:11:33 GMT
server: nginx
traceparent: 00-90cbed640de42d27dbf1b9ca91f0dad9-7ec5f3940a6af5de-01
etag: "66d03b45-204e7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 api-1 Show response
1463.info/ 323 KB
70 KB 1233ms
1001ms Fetch
application/json 194.182.174.60
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://1463.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.174.60 Vienna, Austria, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

0030dc4477f4627ba3dad7864eff5556ef746e61fbc504592bea763e3774904d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-browser: chrome
x-retention-id: dcfb2915-2a83-4043-989e-2f09fe13244c
x-app-platform: web
x-app-env: prod
x-requested-uri: /registration
x-app-skin: leoncasino
x-qtag: a29654_t33047_c242_sMisterDaxxx
x-app-version: 6.95.3
x-app-os: linux
x-utm-source: russia
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json
x-utm-medium: MisterDaxxx
Referer: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
x-app-modernity: modern
x-app-rendering: csr

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 468ms
178ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-module-core.d.m.41cdfd39.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1334009059de0bfdd2e69b8428bb1234a8ada5a0f2225f6271bddb39610578d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Sep 2024 19:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Sep 2024 19:48:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Sep 2024 19:48:53 GMT

POST
H2 200 api-1 Show response
1463.info/ 455 B
699 B 388ms
387ms Fetch
application/json 194.182.174.60
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://1463.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.174.60 Vienna, Austria, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

47719a22559a4db7e9f7a801d41b3277b7c5c2977664f09b8e9d4262c1cd165e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-browser: chrome
x-app-version: 6.95.3
x-app-os: linux
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json
x-app-platform: web
x-app-env: prod
Referer: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
x-app-modernity: modern
x-requested-uri: /registration
x-app-skin: leoncasino
x-app-rendering: csr

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 430ms
138ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 16:08:21 GMT
x-content-type-options: nosniff
age: 445233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Sep 2025 16:08:21 GMT

POST
H2 200 api-1 Show response
1463.info/ 707 B
864 B 660ms
658ms Fetch
application/json 194.182.174.60
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://1463.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.174.60 Vienna, Austria, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

04d8a016e58c402134f5ed12f4f09251b36344358d2e7eaa27143b2cb7a2628c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
x-app-version: 6.95.3
x-app-os: linux
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json
x-app-platform: web
x-app-env: prod
Referer: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
x-app-modernity: modern
x-requested-uri: /registration
x-app-skin: leoncasino
x-app-rendering: csr

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2 200 favicon.ico
1463.info/ 1 KB
417 B 658ms
658ms Other
image/x-icon 194.182.174.60
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL: https://1463.info/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.182.174.60 Vienna, Austria, ASN61098 (EXOSCALE, CH),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e8ceb48efc3ae43c8756f9d57267ddbf0676c1951cacb0928b7d4e538e40688d

Request headers

Referer: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:53 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2024 12:29:46 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"66e03bba-47e"
content-type: image/x-icon

GET
H2 200 css2
fonts.googleapis.com/ 31 KB
1 KB 173ms
172ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:wght@400;700;900&display=swap&family=Prompt:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-module-core.d.m.41cdfd39.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9779b67b80402c9aeb04fdc67ac74673660c046de8e2c6cc748692529bdb9bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Sep 2024 19:48:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Sep 2024 19:48:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Sep 2024 19:48:54 GMT

GET
H2 200 favicon-32.png
1463.info/favicon/ 551 B
788 B 312ms
311ms Other
image/png 194.182.174.60
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL: https://1463.info/favicon/favicon-32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.182.174.60 Vienna, Austria, ASN61098 (EXOSCALE, CH),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d892d3e4052fa9f44e2dae665dfa59dd6de5af6a5f143fca6c34b5a468886f88

Request headers

Referer: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:54 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2024 12:28:39 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"66e03b77-227"
content-type: image/png
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 253 KB
77 KB 467ms
176ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T

Requested by

Host: 1463.info
URL: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ecd8810c4ab52927b77e463ad35c10cd914684733bf21d3b06994a12cb7fc43f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78322
x-xss-protection: 0
last-modified: Mon, 16 Sep 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 Sep 2024 19:48:54 GMT

GET
H2 200 tag-manager.js Show response
tm.ads.sportradar.com/dist/ 304 KB
31 KB 609ms
283ms Script
application/javascript 2600:141b:1c00:2e::17d1:48c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAQ5
Requested by: Host: 1463.info
URL: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:2e::17d1:48c7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 78b98b6ab63aab0fc7779b127b944569a8cd685720e090cf86390ad2c0206f2e

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:54 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900, public
content-disposition: inline
content-length: 32047
apigw-requestid: eNrCHhFyjoEEMEg=

GET
H2 200 async-route-modules-casino.d.m.542e366e.js Show response
leoncasino.gcdn.co/js/ 128 KB
26 KB 73ms
73ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-route-modules-casino.d.m.542e366e.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b9c231dcb7c0b5ab937aae8fdd5012037627fe214676775ac1c878544c472f7a

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:54 GMT
content-encoding: br
age: 531215
x-cached-since: 2024-09-10T16:15:19+00:00
x-id-fe: la2-hw-edge-canary-gc10
content-length: 26644
last-modified: Tue, 10 Sep 2024 12:28:38 GMT
server: nginx
traceparent: 00-4a359b9eceee2814e0a4e4952fc81b33-9059a4e1c5a298c7-01
etag: "66e03b76-6814"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 api-1 Show response
1463.info/ 20 KB
6 KB 326ms
325ms Fetch
application/json 194.182.174.60
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://1463.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.174.60 Vienna, Austria, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e4b370176004ec5a1a9da60c20b5055fce78fb3f77c9059a418265dc504a5fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
x-retention-id: dcfb2915-2a83-4043-989e-2f09fe13244c
x-app-platform: web
x-app-env: prod
x-requested-uri: /registration
x-app-skin: leoncasino
x-qtag: a29654_t33047_c242_sMisterDaxxx
x-app-version: 6.95.3
x-app-os: linux
x-utm-source: russia
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json
x-utm-medium: MisterDaxxx
Referer: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
x-app-language: ru_RU
x-app-modernity: modern
x-app-rendering: csr

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

POST
H2 200 api-1 Show response
1463.info/ 631 B
725 B 328ms
326ms Fetch
application/json 194.182.174.60
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://1463.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.174.60 Vienna, Austria, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ff42401717596f8f0ca5b633e9fe076d695cee4f02dc167b995e61e45e4160a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
x-app-version: 6.95.3
x-app-os: linux
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json
x-app-platform: web
x-app-env: prod
Referer: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
x-app-language: ru_RU
x-app-modernity: modern
x-requested-uri: /registration
x-app-skin: leoncasino
x-app-rendering: csr

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2 200 async-module-lobby.d.m.e8cf51bb.js Show response
leoncasino.gcdn.co/js/ 131 KB
21 KB 74ms
73ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-module-lobby.d.m.e8cf51bb.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1c268965cc3e118257875397d109b8c2f0117cc82db74edcd7f5b983bbae5ce7

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:54 GMT
content-encoding: br
age: 1579364
x-cached-since: 2024-08-29T13:06:10+00:00
x-id-fe: la2-hw-edge-canary-gc10
content-length: 21579
last-modified: Thu, 29 Aug 2024 09:11:33 GMT
server: nginx
traceparent: 00-6890850de878e162cf5d2e6f6b91e2b7-8c72f40b47db8d30-01
etag: "66d03b45-544b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 api-1 Show response
1463.info/ 599 KB
41 KB 489ms
488ms Fetch
application/json 194.182.174.60
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://1463.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.174.60 Vienna, Austria, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

89d2ae90c9c16d8b36fb59d507e5fc3d2612407ec20d9cc47fa15f29295dc168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
x-app-version: 6.95.3
x-app-os: linux
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json
x-app-platform: web
x-app-env: prod
Referer: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
x-app-language: ru_RU
x-app-modernity: modern
x-requested-uri: /registration
x-app-skin: leoncasino
x-app-rendering: csr

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2 200 sprite.svg
1463.info/ 707 KB
240 KB 358ms
357ms Other
image/svg+xml 194.182.174.60
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL: https://1463.info/sprite.svg
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-vendor-vue.d.m.69d8efb7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.182.174.60 Vienna, Austria, ASN61098 (EXOSCALE, CH),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a0c5dd95d029676d6f367a1e2aca29deed9a5ca9f408c739a734f2c470a8aa18

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:54 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2024 12:28:39 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"66e03b77-b0b83"
content-type: image/svg+xml
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.79938eaf.svg
leoncasino.gcdn.co/img/ 1 KB
906 B 220ms
73ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leoncasino.gcdn.co/img/logo.79938eaf.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: bb0581de4c73e0dc2cc1522b7876e8d5a5f2415e2bfb648e480d6dfb812bb00f

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:54 GMT
content-encoding: br
age: 4168837
x-cached-since: 2024-07-30T13:48:17+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 561
last-modified: Thu, 25 Jul 2024 08:47:26 GMT
server: nginx
traceparent: 00-0017cdacd900c48323980d46a6d081f4-58fc5ccd6f1ba958-01
etag: "66a2111e-231"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vip-ic.svg
cdnimages3.gcdn.co/HRJLWPLB/files/top-nav/ 4 KB
4 KB 244ms
77ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/top-nav/vip-ic.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 155705ad90a321b396a52fbab695bc92f9a2046aac18371fb9a172657e97c2a6

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:54 GMT
last-modified: Mon, 29 Jul 2024 11:38:11 GMT
server: nginx
traceparent: 00-0497bee2c633b4f5c2905ae5420e953c-ad1b67a86b464985-01
age: 3304025
etag: "66a77f23-106a"
x-cached-since: 2024-08-09T14:01:49+00:00
content-type: image/svg+xml
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 4202
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mascot.489c5ee3.svg
leoncasino.gcdn.co/img/ 6 KB
3 KB 158ms
75ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leoncasino.gcdn.co/img/mascot.489c5ee3.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 5f60ba2783fe1359d0ea58a96615b3e85756a33b0ea7d9cc5d20845128980a8c

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:54 GMT
content-encoding: gzip
age: 4177019
x-cached-since: 2024-07-30T11:31:55+00:00
x-id-fe: la2-hw-edge-canary-gc8
last-modified: Thu, 25 Jul 2024 08:47:26 GMT
server: nginx
traceparent: 00-f075555201728075b922e4cfc55586ec-9ffc87e814e195c9-01
etag: W/"66a2111e-17ab"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-route-modules-registration.d.m.191c4b84.js Show response
leoncasino.gcdn.co/js/ 41 KB
11 KB 74ms
73ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-route-modules-registration.d.m.191c4b84.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3e4e0b007397d9e61547e1f61d24632852a65e70ce69aa4b0d37158c26691cb2

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:54 GMT
content-encoding: br
age: 1579360
x-cached-since: 2024-08-29T13:06:14+00:00
x-id-fe: la2-hw-edge-canary-gc10
content-length: 10675
last-modified: Thu, 29 Aug 2024 09:11:33 GMT
server: nginx
traceparent: 00-e71161134e38d5c28d77248f6453cb82-890c2b0f08aa0afa-01
etag: "66d03b45-29b3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 favicon.ico
1463.info/ 1 KB
0 0ms
0ms Other
image/x-icon 194.182.174.60
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL: https://1463.info/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.182.174.60 Vienna, Austria, ASN61098 (EXOSCALE, CH),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e8ceb48efc3ae43c8756f9d57267ddbf0676c1951cacb0928b7d4e538e40688d

Request headers

Referer: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:53 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2024 12:29:46 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"66e03bba-47e"
content-type: image/x-icon

GET
H2 200 favicon.ico
1463.info/ 1 KB
0 0ms
0ms Other
image/x-icon 194.182.174.60
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL: https://1463.info/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.182.174.60 Vienna, Austria, ASN61098 (EXOSCALE, CH),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e8ceb48efc3ae43c8756f9d57267ddbf0676c1951cacb0928b7d4e538e40688d

Request headers

Referer: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:53 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2024 12:29:46 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"66e03bba-47e"
content-type: image/x-icon

POST
H2 200 api-1 Show response
1463.info/ 8 KB
3 KB 480ms
479ms Fetch
application/json 194.182.174.60
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://1463.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.174.60 Vienna, Austria, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

9e75b33213a21f8795a08f675e832c8658d8784bdac8fad1d51d4d09d14f0c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
x-app-version: 6.95.3
x-app-os: linux
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json
x-app-platform: web
x-app-env: prod
Referer: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
x-app-language: ru_RU
x-app-modernity: modern
x-requested-uri: /registration
x-app-skin: leoncasino
x-app-rendering: csr

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

POST
H2 200 api-1 Show response
1463.info/ 24 KB
5 KB 478ms
477ms Fetch
application/json 194.182.174.60
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://1463.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.174.60 Vienna, Austria, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

96e614a47532daef50f7b288e1b0741076e0c8f2b76ab5a82c2646a930bcfc29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
x-app-version: 6.95.3
x-app-os: linux
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json
x-app-platform: web
x-app-env: prod
Referer: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
x-app-language: ru_RU
x-app-modernity: modern
x-requested-uri: /registration
x-app-skin: leoncasino
x-app-rendering: csr

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 10 KB
10 KB 140ms
138ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec999ab71cbb6beb7e10406b0d6910c32b5079b7def5722662d2915cf3a54677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 16:05:27 GMT
x-content-type-options: nosniff
age: 445407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9964
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Sep 2025 16:05:27 GMT

GET
H2 200 favicon-32.png
1463.info/favicon/ 551 B
0 0ms
0ms Other
image/png 194.182.174.60
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL: https://1463.info/favicon/favicon-32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.182.174.60 Vienna, Austria, ASN61098 (EXOSCALE, CH),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d892d3e4052fa9f44e2dae665dfa59dd6de5af6a5f143fca6c34b5a468886f88

Request headers

Referer: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:54 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2024 12:28:39 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"66e03b77-227"
content-type: image/png
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 api-1 Show response
1463.info/ 131 B
450 B 388ms
387ms Fetch
application/json 194.182.174.60
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://1463.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.174.60 Vienna, Austria, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

5938abde88b34d9b8e4da4c61ff5cdda4d3b897704606ff7c339732e02e1237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
x-app-version: 6.95.3
x-app-os: linux
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json
x-app-platform: web
x-app-env: prod
Referer: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
x-app-language: ru_RU
x-app-modernity: modern
x-requested-uri: /registration
x-app-skin: leoncasino
x-app-rendering: csr

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2 200 mascot.489c5ee3.svg
leoncasino.gcdn.co/img/ 6 KB
0 0ms
0ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leoncasino.gcdn.co/img/mascot.489c5ee3.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 5f60ba2783fe1359d0ea58a96615b3e85756a33b0ea7d9cc5d20845128980a8c

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:54 GMT
content-encoding: gzip
age: 4177019
x-cached-since: 2024-07-30T11:31:55+00:00
x-id-fe: la2-hw-edge-canary-gc8
last-modified: Thu, 25 Jul 2024 08:47:26 GMT
server: nginx
traceparent: 00-f075555201728075b922e4cfc55586ec-9ffc87e814e195c9-01
etag: W/"66a2111e-17ab"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 winners.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 6 KB
6 KB 91ms
77ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/winners.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 25d002e623903b320eb203f271ef153ee2df8a51e2aed4878c7598d9f6a6ca6d

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
age: 1745456
x-cached-since: 2024-08-27T14:57:59+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 5772
pragma: public
last-modified: Fri, 28 Jun 2024 13:43:26 GMT
server: nginx
traceparent: 00-03998d6c1dba50ece297a8c19b33ce2f-0146393ba686afb7-01
etag: "168c-61bf36e9740bf"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: HIT
accept-ranges: bytes
expires: Sun, 28 Jul 2024 14:24:24 GMT

GET
H2 200 leon-jackpot-1.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 7 KB
7 KB 94ms
79ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/leon-jackpot-1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: fe94ea56b20d7c1b1f1822d1f8c4033e576bc98c886881a51a52e6b5601b2cc1

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
age: 495866
x-cached-since: 2024-09-11T02:04:29+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 7254
pragma: public
last-modified: Fri, 03 May 2024 13:47:51 GMT
server: nginx
traceparent: 00-c6fd30eb858dee0eff609996d64b942c-33a5e7e23f1ac0e6-01
etag: "1c56-6178cf7491cfe"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: HIT
accept-ranges: bytes
expires: Wed, 12 Jun 2024 13:42:00 GMT

GET
H2 200 other.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 1 KB
1 KB 89ms
75ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/other.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3c584108e1d8685d12332171f34879003c01a21d55ae5bf753b8e034bc020e2c

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
age: 1748004
x-cached-since: 2024-08-27T14:15:31+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 1220
pragma: public
last-modified: Fri, 28 Jun 2024 13:41:21 GMT
server: nginx
traceparent: 00-0d360484357defc7835913cf8fbee7d9-2d8d0326501b32d7-01
etag: "4c4-61bf367262f3c"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: HIT
accept-ranges: bytes
expires: Sun, 28 Jul 2024 13:51:01 GMT

GET
H2 200 video_poker.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 2 KB
2 KB 88ms
74ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/video_poker.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 13b710020acb4a4914b3773ceee2b981f8c96e443e66616feb8c449825aa0992

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
age: 1745456
x-cached-since: 2024-08-27T14:57:59+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 2137
pragma: public
last-modified: Fri, 28 Jun 2024 13:45:12 GMT
server: nginx
traceparent: 00-1ce8d0943333aac8552270beca775644-ffaa6348c7d9df67-01
etag: "859-61bf374e1215d"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: HIT
accept-ranges: bytes
expires: Sun, 28 Jul 2024 14:24:24 GMT

GET
H2 200 scratchcards.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 2 KB
2 KB 96ms
82ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/scratchcards.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9bb2c583bfe0cfe4ce25dcad5944668b5da72f52f04163654804a03238897b42

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
age: 1745456
x-cached-since: 2024-08-27T14:57:59+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 2305
pragma: public
last-modified: Fri, 28 Jun 2024 13:42:25 GMT
server: nginx
traceparent: 00-794c5210f2e7b30ee35af4141de16141-6e243495e7cae43c-01
etag: "901-61bf36af57c9c"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: HIT
accept-ranges: bytes
expires: Sun, 28 Jul 2024 14:24:24 GMT

GET
H2 200 slots-4.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 2 KB
2 KB 86ms
73ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/slots-4.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1ae73f949ce1ca94b58f32ac5fab711d948e93073d8432e06228d5dc3a69321a

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
age: 1745456
x-cached-since: 2024-08-27T14:57:59+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 1832
pragma: public
last-modified: Fri, 28 Jun 2024 13:41:39 GMT
server: nginx
traceparent: 00-49d5f10bdcdd024955297d384a02e139-6358059f2255c0c3-01
etag: "728-61bf3682e8cd6"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: HIT
accept-ranges: bytes
expires: Sun, 28 Jul 2024 14:24:24 GMT

GET
H2 200 jackpots.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 2 KB
2 KB 86ms
85ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/jackpots.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: fd1792c86362ee56c8ca9479b4bf023862faec59991939d1a4e8d568877df028

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
age: 1748004
x-cached-since: 2024-08-27T14:15:31+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 1666
pragma: public
last-modified: Fri, 28 Jun 2024 13:41:33 GMT
server: nginx
traceparent: 00-4b9673d10c56b8318c1c3a6bc036369a-d29a55d070969194-01
etag: "682-61bf367d55ec8"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: HIT
accept-ranges: bytes
expires: Sun, 28 Jul 2024 13:51:01 GMT

GET
H2 200 table.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 2 KB
2 KB 87ms
87ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/table.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 533cc1795d0f8c05ba575368c4a1d156021e74d1e72c1e48f6a54c1f9c8c7b06

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
age: 1748004
x-cached-since: 2024-08-27T14:15:31+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 2051
pragma: public
last-modified: Fri, 28 Jun 2024 13:41:09 GMT
server: nginx
traceparent: 00-6754d5000019603aa00612f1d05357d6-35da84f4728e6fbb-01
etag: "803-61bf3666cddb9"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: HIT
accept-ranges: bytes
expires: Sun, 28 Jul 2024 13:51:01 GMT

GET
H2 200 instant_win-1.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 413 B
551 B 87ms
87ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/instant_win-1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9e8fadb0932ffc1f1a4937d9ab37505a34a35b6d0c05fdcb7f00f8290934c9d6

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
age: 1745456
x-cached-since: 2024-08-27T14:57:59+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 413
pragma: public
last-modified: Fri, 28 Jun 2024 13:42:59 GMT
server: nginx
traceparent: 00-e158f3ed9cb814880a73db503c0fd396-1173f2c545660001-01
etag: "19d-61bf36cf7dfa0"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: HIT
accept-ranges: bytes
expires: Sun, 28 Jul 2024 14:24:24 GMT

GET
H2 200 books-5.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 2 KB
2 KB 82ms
81ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/books-5.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 049e51bec3a57f5d4f4ff4d0a592ce5a25e418fa08841f345cc7b7ba2e6b1581

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
age: 1745456
x-cached-since: 2024-08-27T14:57:59+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 1804
pragma: public
last-modified: Fri, 28 Jun 2024 13:42:41 GMT
server: nginx
traceparent: 00-064faebb83af88148a12423365d5a833-583d5d225f4f83c5-01
etag: "70c-61bf36bec16f3"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: HIT
accept-ranges: bytes
expires: Sun, 28 Jul 2024 14:24:24 GMT

GET
H2 200 megaways-8.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 1021 B
1 KB 81ms
80ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/megaways-8.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9f37e4d79b64613286fbf83e86ba1a2e41279be0c2ccbd076ca5b50f9386a8b5

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
age: 1745456
x-cached-since: 2024-08-27T14:57:59+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 1021
pragma: public
last-modified: Fri, 28 Jun 2024 13:42:33 GMT
server: nginx
traceparent: 00-dbbae61bbb94fa579d6cbde58d55673a-93bcbf33ee4fc8a3-01
etag: "3fd-61bf36b728ef1"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: HIT
accept-ranges: bytes
expires: Sun, 28 Jul 2024 14:24:24 GMT

GET
H2 200 bonus_buy.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 1 KB
2 KB 78ms
77ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/bonus_buy.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 22eb05f821c7cc95e715dc17de449edd34c22e15cd62eeb916824dc6b87b31aa

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
age: 1748004
x-cached-since: 2024-08-27T14:15:31+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 1496
pragma: public
last-modified: Fri, 28 Jun 2024 13:40:52 GMT
server: nginx
traceparent: 00-b8abe3f64e0f7beb5f1e7b8bfab87710-43efa1f4421c8296-01
etag: "5d8-61bf3656318b7"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: HIT
accept-ranges: bytes
expires: Sun, 28 Jul 2024 13:51:01 GMT

GET
H2 200 sevens-1.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 3 KB
4 KB 88ms
87ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/sevens-1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 046036e7f874f492979b65f952a66e194b8f1739f24a64d40b2052f944114bc5

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
age: 624353
x-cached-since: 2024-09-09T14:23:02+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 3508
pragma: public
last-modified: Thu, 11 Jul 2024 12:31:11 GMT
server: nginx
traceparent: 00-4e513a38adc7dd548a740522c3947389-dd7be5de74c29df8-01
etag: "db4-61cf7f01e8600"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: HIT
accept-ranges: bytes
expires: Sat, 10 Aug 2024 12:33:18 GMT

GET
H2 200 exclusive.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 5 KB
6 KB 83ms
82ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/exclusive.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7fed836409217f5ac8eddc5f8193b5c0c5e4e02bc3af1d18b4bc00287b8cfa33

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
age: 1184746
x-cached-since: 2024-09-03T02:43:09+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 5618
pragma: public
last-modified: Fri, 05 Apr 2024 10:28:02 GMT
server: nginx
traceparent: 00-0ffa4f4ae4c1098d8f43569164bbc840-7b99de7aa71b3856-01
etag: "15f2-61556e915c6e7"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: HIT
accept-ranges: bytes
expires: Sun, 05 May 2024 11:41:38 GMT

GET
H2 200 new_slots.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 2 KB
2 KB 84ms
83ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/new_slots.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 98596f703ec5e76243f01c178e27e944f494fbda0e8e4dacd6291739b078ac8b

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
age: 1748004
x-cached-since: 2024-08-27T14:15:31+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 1699
pragma: public
last-modified: Fri, 28 Jun 2024 13:40:41 GMT
server: nginx
traceparent: 00-fb162ffe2dce388d707bed1fe37f83a7-6542de8074e86037-01
etag: "6a3-61bf364b9c54c"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: HIT
accept-ranges: bytes
expires: Sun, 28 Jul 2024 13:51:01 GMT

GET
H2 200 top-5.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 697 B
847 B 83ms
82ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/top-5.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7e3f1836401d8d45ae3f406467c7bc7b78193dc00028d63d7659a7809bc4c083

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
age: 1748004
x-cached-since: 2024-08-27T14:15:31+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 697
pragma: public
last-modified: Fri, 28 Jun 2024 13:40:31 GMT
server: nginx
traceparent: 00-a422bc16b386cf3a6fa0c12a4812b285-4f01e7658dfe3981-01
etag: "2b9-61bf36429d66e"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: HIT
accept-ranges: bytes
expires: Sun, 28 Jul 2024 13:51:01 GMT

GET
H2 200 1-167@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 88 KB
88 KB 234ms
230ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/1-167@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 968ad3c148342a0c1613a0628afa5d07e18e690066b2a17c5e3b3912811f0ef4

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Tue, 27 Aug 2024 07:05:20 GMT
server: nginx
traceparent: 00-07e17c1e94410c6739f6288bece38e63-50731099fee04f13-01
age: 1650575
etag: "66cd7ab0-15ef6"
x-cached-since: 2024-08-28T17:19:20+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 89846
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 978x720_%23ba2575@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 85 KB
85 KB 86ms
82ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720_%23ba2575@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: cbaffb0dcb22021278f94094e1bc93fd915c4211b989b7355880aa5d196da2a5

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Mon, 09 Sep 2024 11:06:26 GMT
server: nginx
traceparent: 00-38070ce5f04d05dbb05fb49d40fa6578-c56175883cc55ddc-01
age: 43479
etag: "66ded6b2-153ce"
x-cached-since: 2024-09-16T07:44:16+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 86990
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 978x720_%230c1c5a@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 75 KB
75 KB 167ms
163ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720_%230c1c5a@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b9a8251732d83c1d99b6b8c684cf2618502d186ed64fe800a602c2b64575f89a

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Mon, 09 Sep 2024 14:31:23 GMT
server: nginx
traceparent: 00-a1f7318d7df259d5358072f9b106a694-2bb97c8f8f82cde6-01
age: 338811
etag: "66df06bb-12c24"
x-cached-since: 2024-09-12T21:42:04+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 76836
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 978x720_%233b0800@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 111 KB
111 KB 241ms
237ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720_%233b0800@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: cf8159320c9adf5a39d7e4b15460172cddddd084652126ee1ba4de3610bbff43

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Tue, 03 Sep 2024 16:12:26 GMT
server: nginx
traceparent: 00-5b51d9da9228ba28f6f16af2f9f5ce70-2d5d823b41c86c9c-01
age: 604306
etag: "66d7356a-1bbb4"
x-cached-since: 2024-09-09T19:57:09+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 113588
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 978x720_alfa+%281%29@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 98 KB
98 KB 241ms
238ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720_alfa+%281%29@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1c45be6fd86b3fd02cdf904fd4e60217278a3556e9b02914b39bbb863f6d5dbf

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Mon, 26 Aug 2024 09:55:53 GMT
server: nginx
traceparent: 00-ac6f0173c8f7f535a44af8a38787244c-268ac13ef3eea745-01
age: 1621899
etag: "66cc5129-186d8"
x-cached-since: 2024-08-29T01:17:16+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 100056
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 978x720+%282%29-5@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 85 KB
86 KB 241ms
238ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720+%282%29-5@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 186734b055060f2663c641332989af33e73e9190f0636384d6b540764f6e426a

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Fri, 30 Aug 2024 12:08:32 GMT
server: nginx
traceparent: 00-e8864aeed275500657a87a1263d21735-c3201e32c41efb84-01
age: 22281
etag: "66d1b640-155ea"
x-cached-since: 2024-09-16T13:37:34+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 87530
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 978x720-1887@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 112 KB
112 KB 241ms
238ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720-1887@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 39704adc61f2739ef597fc3382e97a2a839c41059dcb02d740ff0db80492486d

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Tue, 06 Aug 2024 13:04:29 GMT
server: nginx
traceparent: 00-1cbbfbeecd66e012bbb6fa773e6046cc-1039927e1f94673c-01
age: 3560073
etag: "66b21f5d-1beda"
x-cached-since: 2024-08-06T14:54:22+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 114394
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 978x720_%230032e6@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 87 KB
87 KB 241ms
238ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720_%230032e6@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 75f7189a52997aca5b3d8c2b9442e1eeccc73be2012331cf9382b28b73e91b52

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Sat, 03 Aug 2024 08:11:48 GMT
server: nginx
traceparent: 00-48fb02224aeef0f5fc198f173c0e3779-f9c00d3c9cd306d1-01
age: 3703762
etag: "66ade644-15cc8"
x-cached-since: 2024-08-04T22:59:33+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 89288
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 978x720_%237a501d-1@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 88 KB
88 KB 241ms
238ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720_%237a501d-1@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 511ad4b904f2bbf13a19f1444bcef8efc47ead84fc8411f76f6a9c0bdc75e986

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Fri, 02 Aug 2024 20:35:16 GMT
server: nginx
traceparent: 00-61abda07aec0ccb8618851c1252cec71-c94313eb4182754a-01
age: 3703763
etag: "66ad4304-15e8c"
x-cached-since: 2024-08-04T22:59:32+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 89740
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 978x720-1872@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 76 KB
76 KB 970ms
967ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720-1872@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2b8aeb36c838c2e76b19d62662368365102c2c12a9868f49fe64188919f00730

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:56 GMT
last-modified: Mon, 08 Jul 2024 09:22:14 GMT
server: nginx
traceparent: 00-80fc6c6e2c484710644cd0884ce4d31e-bd14a3be689b0b41-01
etag: "668bafc6-12f54"
content-type: image/webp
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 77652
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 978x720_%23da5400@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 87 KB
87 KB 1014ms
1011ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720_%23da5400@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f2a376e000dc2fc057e8421917b58a97b933b4bf755e27f4df6a699eb14da0c5

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:56 GMT
last-modified: Mon, 01 Jul 2024 10:41:40 GMT
server: nginx
traceparent: 00-17828d9a80f2ddb41065a7e19397fb2e-06a05d1de28588fe-01
etag: "668287e4-15aa2"
content-type: image/webp
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 88738
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 978x720-1868@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 88 KB
88 KB 1033ms
1031ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720-1868@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f2f3b32a31a2d4c9d2a25998c84f51bd200cd616a4aa4ec0e5dc189b327b0512

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:56 GMT
last-modified: Mon, 01 Jul 2024 09:01:10 GMT
server: nginx
traceparent: 00-078a056186f6ca4ced660102cb1454ac-d206746e740b4972-01
etag: "66827056-15e0e"
content-type: image/webp
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 89614
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 978x720-1806@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 91 KB
91 KB 241ms
239ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720-1806@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ed1bc7d13053d088f8964c1250cddebddbe714562e3c4f37c6eb7f3ab622ab3c

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Tue, 04 Jun 2024 15:00:49 GMT
server: nginx
traceparent: 00-d7138a87097d34244df3367be24c2ba0-b8b142bd17b3ad0a-01
age: 5316107
etag: "665f2c21-16b12"
x-cached-since: 2024-07-17T07:07:08+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 92946
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 978x720-1700@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 63 KB
63 KB 241ms
239ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720-1700@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3101913da741c6abe51dbd06fdbb8e9da521d4f61de5c6590fe8e8c00dfed876

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Fri, 26 Apr 2024 12:09:42 GMT
server: nginx
traceparent: 00-bf68f1451618f5a525f29e132907fe2c-7aecf7549f19e7e1-01
age: 1356354
etag: "662b9986-faf2"
x-cached-since: 2024-09-01T03:03:01+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 64242
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 978x720_%232447cf@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 91 KB
91 KB 241ms
239ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720_%232447cf@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a937b78365cd53aa0f94e4ba350c890db8fec4bc9a5af6a03f6618a70df88687

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Fri, 26 Apr 2024 10:10:19 GMT
server: nginx
traceparent: 00-7235901435734633ab4cd08a6043d28b-d18ebc2fd4db7126-01
age: 2389118
etag: "662b7d8b-16a3e"
x-cached-since: 2024-08-20T04:10:17+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 92734
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 978x720-1665@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 70 KB
70 KB 241ms
239ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720-1665@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c3b97b4a0032010f3f395bd43b5cae6282107e1f81e1a97844a1bdae4cc370f8

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Fri, 15 Mar 2024 14:27:03 GMT
server: nginx
traceparent: 00-6c10b79117829d25f6f44c9c1e582b71-5df710f4d319bf81-01
age: 5316107
etag: "65f45ab7-11910"
x-cached-since: 2024-07-17T07:07:08+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 71952
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 978x720_%23375200-12@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 76 KB
77 KB 241ms
239ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720_%23375200-12@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7f989c83968e264297452a69bc42c7903f59fdc4eea0bcd0286dbe4848418e18

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Thu, 25 Jul 2024 11:25:29 GMT
server: nginx
traceparent: 00-ece90e15abbe7e106f329b1339587e9e-1b928a5411243cd1-01
age: 4587997
etag: "66a23629-13174"
x-cached-since: 2024-07-25T17:22:18+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 78196
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 978720fc6d8b-1@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 41 KB
41 KB 1032ms
1030ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978720fc6d8b-1@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 8ea45050499c5f73f33502fb30dad78e585074a0498bc86cc7abef6c36593ca5

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:56 GMT
last-modified: Thu, 16 Mar 2023 15:15:49 GMT
server: nginx
traceparent: 00-e873b46b61c7fc53352094d246b59798-8a17e5f362e3b720-01
etag: "641332a5-a3a0"
content-type: image/webp
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 41888
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 978x720-1752@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 75 KB
75 KB 1006ms
1005ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720-1752@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 362c77f0c36c56a42c21e44c66f2512386a669fea63f1335ddfe2d477d3efae9

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:56 GMT
last-modified: Tue, 07 May 2024 14:17:44 GMT
server: nginx
traceparent: 00-3ceab94d17da965f28bf0e53150250d1-87c371000708e172-01
etag: "663a3808-12ba2"
content-type: image/webp
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 76706
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tracker.js Show response
tracker.ads.sportradar.com/dist/ 27 KB
7 KB 430ms
413ms Script
application/javascript 2600:141b:1c00:2e::17d1:48c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.ads.sportradar.com/dist/tracker.js
Requested by: Host: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAQ5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:2e::17d1:48c7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:55 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 08:33:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "235331a0761142ae4fd345cdf7c7f9ed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900, public
accept-ranges: bytes
x-amz-cf-id: x-DCxr2vdnH7CalWPX8joIZ16w5n9i1udkzfgAnEvlRLpvlFCGYRfA==
content-length: 6405

GET
H2

200

pixel Show response
a.sportradarserving.com/ul_cb/
Redirect Chain

https://a.sportradarserving.com/pixel?type=js&aid=1060&id=1235
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235

1 KB
2 KB

158ms
157ms

Script
text/javascript

35.211.233.246
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235
Protocol: H2
Server: 35.211.233.246 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 246.233.211.35.bc.googleusercontent.com
Software: /
Resource Hash: 9dd3150efb7c67121d9105fdf70a6040b713fe00824e9dcc560de5fd364cfa40

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:56 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1528
content-type: text/javascript; charset=UTF-8

Redirect headers

location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235
date: Mon, 16 Sep 2024 19:48:55 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 289 KB
98 KB 179ms
178ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4072e002df42fb2f729775643365bf323b22fe6b1a590faef5c71422fdeb70c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100340
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 16 Sep 2024 19:48:55 GMT

GET
H/1.1 200
OK js Show response
pixel-us.r2drtb.com/pixel/ 474 B
808 B 639ms
139ms Script
text/javascript 88.214.195.101
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-us.r2drtb.com/pixel/js?auth=4jg3s6&event=visit&uid=undefined&tid=undefined&cur=undefined&amount=undefined
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.214.195.101 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ca66f8a77b03fd9838cbc5ece0536f51d1e8c8a3d1face8ea1c57e8c06b22b51

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Sep 2024 19:48:56 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Length: 474
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 465ms
141ms Script
application/x-javascript 2600:9000:24f1:fa00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: 1463.info
URL: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:fa00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:13:18 GMT
content-encoding: gzip
via: 1.1 fcce23e7f4e791fa67223a305c4debb8.cloudfront.net (CloudFront)
last-modified: Mon, 16 Sep 2024 19:13:08 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: JFK50-P4
age: 2137
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: ZucQTI8nM3a5qANrj6XUwIpkPXv7PTEDMTI6DMS1Ir0s5e72mxU93w==
expires: Mon, 16 Sep 2024 20:13:18 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 80 KB
31 KB 599ms
292ms Script
application/javascript 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: 1463.info
URL: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:55 GMT
content-encoding: gzip
last-modified: Fri, 08 Mar 2024 07:02:31 GMT
server: nginx
x-amz-request-id: tx00000a762dbecf9209264-006657c4e1-329875c8-default
etag: W/"1c188eabf1f0749a0cffb2c108473370"
x-cache-status: HIT, BYPASS, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 tag-manager.js Show response
tm.ads.sportradar.com/dist/ 304 KB
0 0ms
0ms Script
application/javascript 2600:141b:1c00:2e::17d1:48c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAQ5
Requested by: Host: 1463.info
URL: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:2e::17d1:48c7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 78b98b6ab63aab0fc7779b127b944569a8cd685720e090cf86390ad2c0206f2e

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:54 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900, public
content-disposition: inline
content-length: 32047
apigw-requestid: eNrCHhFyjoEEMEg=

GET
H2 200 gtr.min.js Show response
dsp-media.eskimi.com/assets/js/e/ 5 KB
3 KB 433ms
136ms Script
application/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4

Requested by

Host: 1463.info
URL: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-NY1-885 /

Resource Hash

2c86bcaebf54969da5081c17c6901cbe19ac041b80a3abda6890708eb545cec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 16 Sep 2024 19:48:55 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 755
cdn-cachedat: 08/30/2024 07:20:23
cdn-pullzone: 692289
last-modified: Thu, 29 Aug 2024 14:04:29 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"66d07fed-1353"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 97ce687c6ef25e0c3809ded32f14d4bc
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
expires: Sat, 30 Aug 2025 07:20:23 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
10 KB 429ms
130ms Script
application/javascript 2620:116:800b:21:a021:b886:81cc:55cf
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: 1463.info
URL: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:56 GMT
content-encoding: gzip
etag: "tIg8n6xaLBY4WwNLLw9OGA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 23 Sep 2024 19:48:56 GMT

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=37094577&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D37094577%26t%3D1

0
1 KB

238ms
238ms

Script
application/javascript

68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D37094577%26t%3D1

Protocol

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:56 GMT
an-x-request-uuid: 1d97cd74-73a2-48b7-9396-8a23ef862237
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 162.245.206.247; 162.245.206.247; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:56 GMT
an-x-request-uuid: f2b187ee-11f6-4677-bc58-1a7ba91ecc38
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D37094577%26t%3D1
x-proxy-origin: 162.245.206.247; 162.245.206.247; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 22 KB
8 KB 221ms
71ms Script
application/javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: 1463.info
URL: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2761a6698395fb13fd3785c16dd380ec5d618de2abcc28eeaffe090b46a51fc4

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Cache-Hits: 17138, 1807
Date: Mon, 16 Sep 2024 19:48:55 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 11615
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 7929
X-Served-By: cache-lga21930-LGA, cache-bur-kbur8200065-BUR
Last-Modified: Wed, 19 Jun 2024 17:09:07 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1726516136.853600,VS0,VE0
ETag: W/"667310b3-587e"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
Expires: Wed, 04 Sep 2024 09:16:49 GMT

GET
H2 200 admtracker.lib.min.js Show response
pj.l.liftdsp.com/ 7 KB
3 KB 490ms
139ms Script
application/javascript 2600:9000:21dd:9600:16:3a8f:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pj.l.liftdsp.com/admtracker.lib.min.js
Requested by: Host: 1463.info
URL: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:9600:16:3a8f:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e231ad4957b413aaef88dd602f78a6b38d22750f39eb98a61fc345645512bab

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:44:15 GMT
content-encoding: br
via: 1.1 c5b9a0c64a4bfd127a52280a230003d2.cloudfront.net (CloudFront)
last-modified: Thu, 02 May 2024 11:47:16 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 312
x-amz-server-side-encryption: AES256
etag: W/"589ae1c612af869f5dc381ed3ef52717"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=900
x-amz-cf-id: qWg8FW4614YIo9yYS2nKeQTbrr-ZKk9x-KArl9V3QIIi9gZ05EkKpQ==

GET
H/1.1 200
OK js Show response
pixel-us.r2drtb.com/pixel/ 465 B
799 B 410ms
143ms Script
text/javascript 88.214.195.101
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-us.r2drtb.com/pixel/js?auth=d796s9&event=regstarted&uid=undefined&tid=undefined&amount=undefined
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.214.195.101 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 977c2c301aa75f155cbcdac3453024320daec24ae369b3a75aeb069cc29b1ee9

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Sep 2024 19:48:56 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Length: 465
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

pixel Show response
a.sportradarserving.com/ul_cb/
Redirect Chain

https://a.sportradarserving.com/pixel?type=js&aid=1060&id=1231
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1231

1 KB
2 KB

159ms
158ms

Script
text/javascript

35.211.233.246
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1231
Protocol: H2
Server: 35.211.233.246 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 246.233.211.35.bc.googleusercontent.com
Software: /
Resource Hash: 0c3521ad8f3f3fb51d29d672affd2ee683e1b53668e01758a2579dea128a50aa

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:56 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1528
content-type: text/javascript; charset=UTF-8

Redirect headers

location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1231
date: Mon, 16 Sep 2024 19:48:55 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 200 /
leoncas.com/rest/auth/saved-passwords/ Frame 0
0 659ms
218ms Preflight 109.169.10.207
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncas.com/rest/auth/saved-passwords/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.169.10.207 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-app-layout,x-app-os,x-app-platform
Access-Control-Request-Method: GET
Origin: https://1463.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, x-app-layout, x-app-browser, x-app-version, x-app-os, x-requested-uri, x-app-skin, x-app-rendering, x-app-platform, x-app-env, x-app-modernity, user-agent, cookie
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin: https://1463.info
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Mon, 16 Sep 2024 19:48:56 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 1710x696-3205@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 117 KB
117 KB 1017ms
1015ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/1710x696-3205@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 26d169ac447fd76d108e3bf35896d6dd13557a1f11de5614129425fa38ccf333

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:56 GMT
last-modified: Thu, 29 Aug 2024 16:30:28 GMT
server: nginx
traceparent: 00-8fe98b7640b50fe91c8d7f67d7651489-6f8c2fa9cc7f8e3f-01
etag: "66d0a224-1d4c8"
content-type: image/webp
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 120008
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1710x696+%2860%29-2@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 82 KB
82 KB 943ms
941ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/1710x696+%2860%29-2@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f2f6af26e862ddb8b2b6cb81e3a3d88afbfa87469cd93e1c0bb6792554fb07f3

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:56 GMT
last-modified: Mon, 15 Jul 2024 12:39:30 GMT
server: nginx
traceparent: 00-21078927411cd441396d218a3b32432c-fae96bfc2c5f2a6b-01
etag: "66951882-14878"
content-type: image/webp
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 84088
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1710x696-ru_RU-14@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 169 KB
169 KB 923ms
922ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/1710x696-ru_RU-14@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f32a366965f0fc5a7d0655f2b25c1a5d8352d09bf7a4c4a79a4cf8396e0342da

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:56 GMT
last-modified: Fri, 30 Aug 2024 09:15:12 GMT
server: nginx
traceparent: 00-e391efd2edc88caef3568a2a7cc6f295-6a640961fd0d75e2-01
etag: "66d18da0-2a3ae"
content-type: image/webp
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 172974
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1710x696-3260@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 121 KB
121 KB 938ms
936ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/1710x696-3260@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 80852fc495931f3012ec4360e49e1757f6375aa5edddb39df61c30dc1bdbfe34

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:56 GMT
last-modified: Tue, 03 Sep 2024 17:25:23 GMT
server: nginx
traceparent: 00-42dde995d62f32182a4862637f90e6fe-ec89d4802704762e-01
etag: "66d74683-1e462"
content-type: image/webp
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 124002
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 137ms
137ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 16:15:15 GMT
x-content-type-options: nosniff
age: 444820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18588
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Sep 2025 16:15:15 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 10 KB
10 KB 145ms
144ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

4d539033909dd344ae868f1c72bd0fc3d5ee082c9a76882448849481fd8ed857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 20:46:30 GMT
x-content-type-options: nosniff
age: 342145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9852
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Sep 2025 20:46:30 GMT

GET
H2 200 981x411.png
cdnimages2.gcdn.co/SC/Leonbets/registrationBanner/ 556 KB
557 KB 997ms
996ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/registrationBanner/981x411.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2cae2cf9e144e8f28c963ef16067a3c04031aea0e2354b7b59a5ba04071586a5

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: public
date: Mon, 16 Sep 2024 19:48:56 GMT
x-id: la2-hw-edge-canary-gc8
last-modified: Thu, 05 Sep 2024 08:25:37 GMT
server: nginx
traceparent: 00-1c35a6d65de95d5a0e5888dcaeee2043-f88083e2a8411dee-01
etag: "8b04a-6215b0904b34c"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: MISS
x-id-fe: la2-hw-edge-canary-gc8
accept-ranges: bytes
content-length: 569418
expires: Wed, 16 Oct 2024 19:48:56 GMT

GET
H2 200 / Show response
leoncas.com/rest/auth/saved-passwords/ 34 B
572 B 625ms
215ms Fetch
application/json 109.169.10.207
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncas.com/rest/auth/saved-passwords/
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.169.10.207 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e19237af2d984f7b772577bee8f16b86c42e21212c0f9cb0fb17762cc2de04e4

Request headers

x-app-layout: desktop
Referer: https://1463.info/
x-app-os: linux
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
x-app-platform: web

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:56 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://1463.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, x-app-layout, x-app-browser, x-app-version, x-app-os, x-requested-uri, x-app-skin, x-app-rendering, x-app-platform, x-app-env, x-app-modernity, user-agent, cookie
expires: 0

GET
H2 200 sunSw.ed0b29cf.svg
leoncasino.gcdn.co/img/ 447 B
439 B 74ms
73ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leoncasino.gcdn.co/img/sunSw.ed0b29cf.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 775042c1fe9439c9066a6d08cb873a8be580b1f68bc1d0cec530291043fe3bd5

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
content-encoding: br
age: 6067990
x-cached-since: 2024-07-08T14:15:45+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 274
last-modified: Wed, 03 Jul 2024 12:31:14 GMT
server: nginx
traceparent: 00-cd6e86e7de13e2a2aee30e3b8647ce9a-42389e0b24b20d68-01
etag: "66854492-112"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 moonSw.42d77c61.svg
leoncasino.gcdn.co/img/ 382 B
358 B 75ms
75ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leoncasino.gcdn.co/img/moonSw.42d77c61.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c020aa5e9eb7aac89747e8a51508d90351d160dfe83e4b0a21dbbb0f05be0f9c

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
content-encoding: br
age: 6067990
x-cached-since: 2024-07-08T14:15:45+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 241
last-modified: Wed, 03 Jul 2024 12:31:14 GMT
server: nginx
traceparent: 00-a3a33eae73c473260d109890a77890bf-8ae1871ec40bd8ab-01
etag: "66854492-f1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 us.7ec112b1.svg
leoncasino.gcdn.co/img/ 6 KB
831 B 85ms
84ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leoncasino.gcdn.co/img/us.7ec112b1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 987c4c2b1d2840ec880d484af7f42d28403da21070484bed30fc45a629ce197c

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
content-encoding: br
age: 465974
x-cached-since: 2024-09-11T10:22:41+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 518
last-modified: Tue, 10 Sep 2024 12:28:38 GMT
server: nginx
traceparent: 00-8463716e1963f1b296d96849c16b7249-bc612baffda32b55-01
etag: "66e03b76-206"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 12 KB
12 KB 183ms
183ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

3e8f8a1d4f1a37245c6b7acbaa44a6c04975d1e21b038f7128be586482ffe4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 16:40:52 GMT
x-content-type-options: nosniff
age: 443283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12280
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Sep 2025 16:40:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 12 KB
12 KB 219ms
219ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 16:13:15 GMT
x-content-type-options: nosniff
age: 444940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12456
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Sep 2025 16:13:15 GMT

GET
H2 200 VIKINGSTHESAGAOFFENRIR%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 44 KB
45 KB 112ms
111ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/VIKINGSTHESAGAOFFENRIR%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d25f1a90706054363b083e0be238dc86e46c1ca8ae2a7cc2903c9cd88e43522c

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Mon, 16 Sep 2024 10:30:22 GMT
server: nginx
traceparent: 00-6d3f040d006d29a27f6f60e0c2820221-e318a0255776e12a-01
age: 20811
etag: "66e808be-b1c2"
x-cached-since: 2024-09-16T14:02:04+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 45506
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 WolfsMoon%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 38 KB
38 KB 938ms
937ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/WolfsMoon%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d6e17c6e0d622f4c9a1cf2fbbe6e59df503c15739d2c7a40f68acfbfeffca2b7

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:56 GMT
last-modified: Fri, 17 May 2024 13:26:50 GMT
server: nginx
traceparent: 00-c9fde06c639c2f95dbd38082aed438e1-12395591e442a398-01
etag: "66475b1a-9782"
content-type: image/webp
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 38786
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mascot-animated.0c5935de.svg
leoncasino.gcdn.co/img/ 7 KB
3 KB 74ms
73ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leoncasino.gcdn.co/img/mascot-animated.0c5935de.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0e0595b209c0920455aa9e86e46910a98b96ae779437170f0afd6e4bee543be4

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
content-encoding: br
age: 4711350
x-cached-since: 2024-07-24T07:06:25+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 2834
last-modified: Thu, 18 Jul 2024 11:44:00 GMT
server: nginx
traceparent: 00-2b578ed59d1f058519f04e1b3ab73acc-ac6d76d6d759347e-01
etag: "66990000-b12"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 RoyalFruits5HoldnLink%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 79 KB
80 KB 109ms
109ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/RoyalFruits5HoldnLink%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: fefa4164c727d5aa371bb460463b8cc96102621656aa2aeaaf6ec288fdeb4458

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Mon, 19 Jun 2023 14:08:34 GMT
server: nginx
traceparent: 00-56c8e19b9b68896b34652a12feeba167-92cef6e0e3c9aff5-01
age: 1154467
etag: "64906162-13d66"
x-cached-since: 2024-09-03T11:07:48+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 81254
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 MidasGoldenTouch@513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 42 KB
42 KB 106ms
103ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/MidasGoldenTouch@513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e06029b0d3c28a635bb048b485c3ef3134485fdaf21ae1ae551f1fb0d1aa67ee

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Wed, 19 May 2021 12:21:30 GMT
server: nginx
traceparent: 00-8e9ede52b2580d742e35d3cbaf229640-1a94e651f240193f-01
age: 47409
etag: "60a502ca-a73c"
x-cached-since: 2024-09-16T06:38:46+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 42812
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Outsourced%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 57 KB
58 KB 106ms
103ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/Outsourced%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f34e547dc28a8800b0416dfd5a78a1eb68f11c193c032acdbaa0646990586f58

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Tue, 06 Aug 2024 10:11:11 GMT
server: nginx
traceparent: 00-b8e054b39745b515070aa3639b6ecde8-ac7b06f3d74e5baa-01
age: 565239
etag: "66b1f6bf-e558"
x-cached-since: 2024-09-10T06:48:16+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 58712
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 secretsofalchemy@3x.jpg
cdnimages2.gcdn.co/SC/Leonbets/egs_image/ 69 KB
69 KB 82ms
82ms Image
image/jpeg 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs_image/secretsofalchemy@3x.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d5b94e3df4b3117cf13b467262ee1f1c68c7497fc600e70a2017cd66c1f8254d

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
age: 104356
x-cached-since: 2024-09-15T14:49:39+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 70272
pragma: public
last-modified: Mon, 06 Apr 2020 19:23:59 GMT
server: nginx
traceparent: 00-c6aec74ffc8482b09d9fd9ae074a18ab-336898a6a9effc83-01
etag: "11280-5a2a43585d548"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: HIT
accept-ranges: bytes
expires: Tue, 15 Oct 2024 14:49:38 GMT

GET
H2 200 CloverIslands%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 56 KB
56 KB 93ms
91ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/CloverIslands%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: cf5b5beaeca11f477aaa8726a1e8f1944c94fe42b95b1573801280cb71cabf1d

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Tue, 26 Mar 2024 13:31:42 GMT
server: nginx
traceparent: 00-0e85228239e65d3fe4cbb711d26e663a-144555103d3b954e-01
age: 298686
etag: "6602ce3e-dec0"
x-cached-since: 2024-09-13T08:50:49+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 57024
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3CoinTreasures%40513x767-2@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 42 KB
43 KB 92ms
90ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/3CoinTreasures%40513x767-2@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 717368ebb38cb4979e8e938a39593c8563b87b0a9d5d0fb4a1f436a3d7b90927

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Mon, 13 May 2024 09:49:51 GMT
server: nginx
traceparent: 00-45ad13abb3ee72c352060d2dbc498f47-bdc6adb7dfafda6a-01
age: 90626
etag: "6641e23f-a9ea"
x-cached-since: 2024-09-15T18:38:29+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 43498
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 blueheart@3x.jpg
cdnimages2.gcdn.co/SC/Leonbets/egs_image/ 46 KB
46 KB 147ms
145ms Image
image/jpeg 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs_image/blueheart@3x.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d9eeb7ba3e7bf1a27c1c08ce515b397d5e7e3a248b2a017e1320e0fe5f69440c

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc8
date: Mon, 16 Sep 2024 19:48:55 GMT
age: 353505
x-cached-since: 2024-09-12T17:37:10+00:00
x-id-fe: la2-hw-edge-canary-gc8
content-length: 46925
pragma: public
last-modified: Fri, 10 Apr 2020 18:54:15 GMT
server: nginx
traceparent: 00-5e33b28b1c0bca9f0d909f43bb47e8e8-b7cd3dddd3bb7c3e-01
etag: "b74d-5a2f4428b02fb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
cache: HIT
accept-ranges: bytes
expires: Sat, 12 Oct 2024 17:37:10 GMT

GET
H2 200 HellHot100-min@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 24 KB
25 KB 91ms
90ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/HellHot100-min@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e6aeeea628581a08ddd5eda862babc0910dbbac4647b1e0e7b41957061d77172

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Wed, 19 Apr 2023 14:15:16 GMT
server: nginx
traceparent: 00-078df11f68b30eb5ed36dff8c19c9942-8decb2796cec51e8-01
age: 510162
etag: "643ff774-61e2"
x-cached-since: 2024-09-10T22:06:13+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 25058
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 EvilDevil%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 53 KB
53 KB 92ms
91ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/EvilDevil%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 75ff476769446ac931b9dc5022f5ebd8a6db2b612c832401b16486f5a960bb42

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Thu, 05 Sep 2024 11:54:49 GMT
server: nginx
traceparent: 00-68c712faf7a8d5cfd67a7fd6ee4cd2b6-f42d35e6a29889d3-01
age: 633923
etag: "66d99c09-d2c2"
x-cached-since: 2024-09-09T11:43:32+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 53954
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 RichPiggiesBonusCombo%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 43 KB
44 KB 90ms
89ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/RichPiggiesBonusCombo%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 83c302850560a242fff7aa61ee72b4d2e45b487de9c6ae25d6fde38fce8aa571

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Thu, 07 Dec 2023 14:41:20 GMT
server: nginx
traceparent: 00-4a5ae04c6aedc1c6253027cb825e3947-73c2dbd4b6a2004f-01
age: 1236462
etag: "6571d990-add8"
x-cached-since: 2024-09-02T12:21:13+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 44504
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 LuckyTwins5X4TuneReels%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 52 KB
52 KB 90ms
89ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/LuckyTwins5X4TuneReels%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2f33f539fe3b782fd2f3d3d8b72d6acd02d9d782dd3e1b4ccda4ea62867b3abf

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Mon, 16 Sep 2024 10:28:17 GMT
server: nginx
traceparent: 00-fd4624f3739a496652233d9c94492cb3-8db4ceeca5bcbc69-01
age: 20811
etag: "66e80841-d098"
x-cached-since: 2024-09-16T14:02:04+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 53400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 WildHeat40%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 50 KB
51 KB 969ms
968ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/WildHeat40%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e976650c3f22bcc9097f8ffc1caeadad08b83288ec50f8e1713a13e8ce23149f

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:56 GMT
last-modified: Mon, 16 Sep 2024 10:20:40 GMT
server: nginx
traceparent: 00-7e08df48e38a08d0d2f04f82c263d575-bab06cf6de26558a-01
etag: "66e80678-c984"
content-type: image/webp
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 51588
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 WildWestTrueways%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 46 KB
46 KB 966ms
965ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/WildWestTrueways%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3ccf73fa3ebb885e02c6f83128d973360f161fbf758d765e3444c423ec1e3495

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:56 GMT
last-modified: Tue, 30 Jul 2024 10:22:56 GMT
server: nginx
traceparent: 00-02c1afd4b355238eb52599678c514a5b-a12522d699aaceca-01
etag: "66a8bf00-b8dc"
content-type: image/webp
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 47324
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 MardiGrasQueen%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 63 KB
64 KB 139ms
138ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/MardiGrasQueen%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ee15cde279d28ca3919cae92820eaa8cef68d9023de05805b93a04db39e58e32

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Fri, 13 Sep 2024 09:53:30 GMT
server: nginx
traceparent: 00-3c899090201884c4a03793de1f8a3f4a-3fe482fd0d85940f-01
age: 291920
etag: "66e40b9a-fdc0"
x-cached-since: 2024-09-13T10:43:35+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 64960
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Maxzilla%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 30 KB
30 KB 138ms
138ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/Maxzilla%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 34e61d8f8812296f5f046b75e73d9b14a6a83bac50836f52345b6c0cf51138f0

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:55 GMT
last-modified: Mon, 16 Sep 2024 10:22:44 GMT
server: nginx
traceparent: 00-d3dc0df055bdbc680ccf6a83b2eef638-160ae0d9c4f43ce5-01
age: 20811
etag: "66e806f4-7610"
x-cached-since: 2024-09-16T14:02:04+00:00
content-type: image/webp
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 30224
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 StickyCoinHoldTheSpin%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 44 KB
45 KB 1000ms
1000ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/StickyCoinHoldTheSpin%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: df5a58befa5a4171c238223e1df85a8c90b504fc952e419472cb71ba242f2501

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc7
date: Mon, 16 Sep 2024 19:48:56 GMT
last-modified: Thu, 18 Jul 2024 06:03:06 GMT
server: nginx
traceparent: 00-ff3e4f49ca16976ba21c44a57a9c3318-c358fa2f8477f145-01
etag: "6698b01a-b1e2"
content-type: image/webp
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: la2-hw-edge-canary-gc7
accept-ranges: bytes
content-length: 45538
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 api-1 Show response
1463.info/ 939 B
937 B 318ms
317ms Fetch
application/json 194.182.174.60
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://1463.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.174.60 Vienna, Austria, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b398361d5b6a8817cfbbb6b5ef241ca7ebd0993492353366e5e22c210fdda9ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
x-app-version: 6.95.3
x-app-os: linux
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json
x-app-platform: web
x-app-env: prod
Referer: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
x-app-language: ru_RU
x-app-modernity: modern
x-requested-uri: /registration
x-app-skin: leoncasino
x-app-rendering: csr

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2

200

pixel Show response
a.sportradarserving.com/ul_cb/
Redirect Chain

https://a.sportradarserving.com/pixel?type=js&aid=1060&id=1235
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235

1 KB
2 KB

269ms
151ms

Script
text/javascript

35.211.233.246
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235
Protocol: H2
Server: 35.211.233.246 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 246.233.211.35.bc.googleusercontent.com
Software: /
Resource Hash: 2deba3ea457d595fdb3f820ce78042b3ec27f0fd3e854b40348bcc5a940f4362

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:56 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1528
content-type: text/javascript; charset=UTF-8

Redirect headers

location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235
date: Mon, 16 Sep 2024 19:48:56 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 215 KB
77 KB 179ms
177ms Script
application/javascript 142.251.40.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-11843672&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8e7f565919f14fc775e059f527bcaffab97599dff6e5f7f6fefa49f2ba5af96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78967
x-xss-protection: 0
last-modified: Mon, 16 Sep 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 Sep 2024 19:48:56 GMT

GET
H2

204

https://www.google-analytics.com/g/collect?v=2&tid=G-JZZNGY93CC&gtm=45je4990v871047016z8890860847za200zb890860847&_p=1726516134406&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=150718858.1726516136&ul...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=150718858.1726516136&dbk=3706141428339462767&dma=0&en=page_view&gtm=45je4990v871047016z8890860847za200zb890860847&npa=0...

0
0

184ms
184ms

Fetch
text/plain

2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=150718858.1726516136&dbk=3706141428339462767&dma=0&en=page_view&gtm=45je4990v871047016z8890860847za200zb890860847&npa=0&tid=G-JZZNGY93CC&dl=https%3A%2F%2F1463.info%3F
Protocol: H2
Server: 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:56 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:56 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=150718858.1726516136&dbk=3706141428339462767&dma=0&en=page_view&gtm=45je4990v871047016z8890860847za200zb890860847&npa=0&tid=G-JZZNGY93CC&dl=https%3A%2F%2F1463.info%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 473
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

https://www.google-analytics.com/g/collect?v=2&tid=G-JZZNGY93CC&gtm=45je4990v871047016z8890860847za200zb890860847&_p=1726516134406&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=150718858.1726516136&ul...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=150718858.1726516136&dbk=17924658267669985917&dma=0&en=customerRegistrationStart&gtm=45je4990v871047016z8890860847za200...

0
0

166ms
165ms

Fetch
text/plain

2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=150718858.1726516136&dbk=17924658267669985917&dma=0&en=customerRegistrationStart&gtm=45je4990v871047016z8890860847za200zb890860847&npa=0&tid=G-JZZNGY93CC&dl=https%3A%2F%2F1463.info%3F
Protocol: H2
Server: 2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:56 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:56 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=150718858.1726516136&dbk=17924658267669985917&dma=0&en=customerRegistrationStart&gtm=45je4990v871047016z8890860847za200zb890860847&npa=0&tid=G-JZZNGY93CC&dl=https%3A%2F%2F1463.info%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 490
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up Show response
ib.adnxs.com/pixie/ 9 B
308 B 143ms
142ms Fetch
application/xml 68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.adnxs.com/pixie/up?pi=66898741-acbc-4c6d-8ae8-3d320a7a8cf7
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/up/pixie.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software: nginx/1.23.4 /
Resource Hash: e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:56 GMT
server: nginx/1.23.4
access-control-max-age: 0
access-control-allow-methods: GET, OPTIONS
content-type: application/xml
access-control-allow-origin: https://1463.info
access-control-allow-credentials: true
x-proxy-origin: 162.245.206.247; 162.245.206.247; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
access-control-allow-headers: Content-Type
content-length: 9

GET
H2 200 sp-3.8.0.js Show response
tracker.ads.sportradar.com/dist// 73 KB
24 KB 480ms
480ms Script
application/javascript 2600:141b:1c00:2e::17d1:48c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.ads.sportradar.com/dist//sp-3.8.0.js
Requested by: Host: tracker.ads.sportradar.com
URL: https://tracker.ads.sportradar.com/dist/tracker.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:2e::17d1:48c7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:56 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 08:33:18 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "143272dddc33395008a84a86ac9c2e96"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900, public
accept-ranges: bytes
x-amz-cf-id: nPyjkvlDwH61KBCkD8mZbaYQp92GxmPyG3q16R_23F3_NsDO9Sh0hQ==
content-length: 24162

GET
H2

200

seg
secure.adnxs.com/ Frame 23BB
Redirect Chain

https://20828756p.rfihub.com/ca.html?ver=9&rb=43197&ca=20828756&_o=43197&_t=20828756&pe=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83...
https://secure.adnxs.com/seg?add=29896390&t=2&ver=9&pe=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_med...

0
0

414ms
140ms

Document
image/gif

68.67.161.208
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/seg?add=29896390&t=2&ver=9&pe=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&pf=

Requested by

Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.161.208 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://1463.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 7bc07bbf-d85a-4aae-803a-a03483a74e1e
cache-control: no-store, no-cache, private
content-length: 43
content-type: image/gif
date: Mon, 16 Sep 2024 19:48:57 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 162.245.206.247; 162.245.206.247; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

Redirect headers

Content-Length: 0
Date: Mon, 16 Sep 2024 19:48:56 GMT
Location: https://secure.adnxs.com/seg?add=29896390&t=2&ver=9&pe=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&pf=
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1 200
OK cssession Show response
dsp-trk.eskimi.com/tracking/ 2 B
448 B 699ms
229ms XHR
text/plain 188.42.63.49
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp-trk.eskimi.com/tracking/cssession?tst&id=28935&url=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&t=1726516136172
Requested by: Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.42.63.49 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://1463.info
Date: Mon, 16 Sep 2024 19:48:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK gtr Show response
dsp-ap.eskimi.com/v2/ 116 B
1002 B 685ms
225ms XHR
application/json 188.42.63.48
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp-ap.eskimi.com/v2/gtr?id=28935&aid=564894&url=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&t=1726516136173
Requested by: Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.42.63.48 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 3af923975e265732b01d1fa478ece243e9e17c52b6a2f01272c12fdd41d48902

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 16 Sep 2024 19:48:56 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://1463.info
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 rules-p-C_a3_CVaT9dWt.js Show response
rules.quantcount.com/ 222 B
705 B 431ms
136ms Script
application/javascript 2600:9000:21dd:8200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-C_a3_CVaT9dWt.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:8200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a789b44412d2879eaf23bdec3da4f565594749435f436640a8f9bb35477fd10

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:29:25 GMT
via: 1.1 94344436af750794f6bc9899d89d3a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 1267
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 222
last-modified: Wed, 02 Aug 2023 13:00:19 GMT
server: AmazonS3
etag: "834f5ada9a90a08951234afdc6ad228e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 6LnzApoLY0TsyNaH64lg4R4OzIrfzrEfnt6B_yGDyln3X16SEIvdgQ==

GET
H/1.1 200
OK pixel
pixel-us.r2drtb.com/ 0
301 B 142ms
141ms Image
text/plain 88.214.195.101
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us.r2drtb.com/pixel?auth=4jg3s6&event=visit&uid=undefined&tid=undefined&cur=undefined&amount=undefined&site=1463.info&ln=en-US
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.214.195.101 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Sep 2024 19:48:56 GMT
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Allow-Origin: *
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 10 KB
10 KB 138ms
138ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

9f226239b7cb86705238ec5a036a05bdb8fa187630f9c686db7c52ad53b64482

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 20:46:32 GMT
x-content-type-options: nosniff
age: 342144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9780
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Sep 2025 20:46:32 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 136ms
136ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 20:46:33 GMT
x-content-type-options: nosniff
age: 342143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Sep 2025 20:46:33 GMT

GET
H2 200 ac786b28-283a-4d76-a40b-23e03f94ae14.json Show response
ps.l.liftdsp.com/ 50 B
519 B 457ms
136ms XHR
application/json 2600:9000:24f0:6c00:5:e0f4:e840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.l.liftdsp.com/ac786b28-283a-4d76-a40b-23e03f94ae14.json
Requested by: Host: pj.l.liftdsp.com
URL: https://pj.l.liftdsp.com/admtracker.lib.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:6c00:5:e0f4:e840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88c38dd5fd1531be2d044c85bfd00517c41ce29b03c514d620d80a80241a1f11

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:38:17 GMT
via: 1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 673
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 50
last-modified: Wed, 07 Aug 2024 15:08:37 GMT
server: AmazonS3
etag: "e96cd5af6f065e5048b3ddd2913dac50"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=900
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: QJhsVU6HvmtK3DM6e-EPisCI3D5NELf0tjVcowYtflQTgSzcCu128g==

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 940 B
1 KB 871ms
230ms Script
text/javascript 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=3024289&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=418384832093&ADFtpmode=2&loc=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a9b47bb93470efd715a4d1dc5443472476349c33db63adb55aa98d6e6506bdb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 565
expires: -1

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=595977977682&ADFtpmode=2&loc=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sM...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=595977977682&ADFtpmode=2&loc=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c2...

842 B
1 KB

139ms
138ms

Script
text/javascript

185.167.164.42
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=595977977682&ADFtpmode=2&loc=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Server

185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8a8db738f4f67bb914194a8dfca987ef396a2dfd386881504c1b0c3753925952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 691
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=595977977682&ADFtpmode=2&loc=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&cb=848c05f3-c5c5-4f7d-b169-3a126ce99fd4
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

68 B
323 B

935ms
129ms

Image
image/png

3.81.174.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Protocol

Server

3.81.174.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-81-174-250.compute-1.amazonaws.com

Software

Resource Hash

6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
date: Mon, 16 Sep 2024 19:48:56 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&cb=47b5ed0e-6354-457b-a919-106b0f59ae52
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

68 B
323 B

542ms
130ms

Image
image/png

3.81.174.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Protocol

Server

3.81.174.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-81-174-250.compute-1.amazonaws.com

Software

Resource Hash

6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
date: Mon, 16 Sep 2024 19:48:56 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&cb=de50eb37-1164-4681-beb1-f997634f66e5
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

68 B
324 B

411ms
131ms

Image
image/png

3.81.174.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Protocol

Server

3.81.174.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-81-174-250.compute-1.amazonaws.com

Software

Resource Hash

6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
date: Mon, 16 Sep 2024 19:48:56 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 syncd
x.bidswitch.net/ 43 B
183 B 481ms
145ms Image
image/gif 35.211.202.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/syncd?dsp_id=409&user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&user_group=3&redir=%2F%2Fuse.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.211.202.130 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 130.202.211.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:56 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 pixie
ib.adnxs.com/ 42 B
227 B 145ms
144ms Image
image/gif 68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=66898741-acbc-4c6d-8ae8-3d320a7a8cf7&it=1726516136147&v=0.0.38&u=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&st=1726516136147&et=1726516136312&if=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software: nginx/1.23.4 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:56 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx/1.23.4
x-proxy-origin: 162.245.206.247; 162.245.206.247; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 42
content-type: image/gif

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&cb=57388de4-0414-4dd7-8769-c136d358867a
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

68 B
323 B

806ms
130ms

Image
image/png

3.81.174.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Protocol

Server

3.81.174.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-81-174-250.compute-1.amazonaws.com

Software

Resource Hash

6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
date: Mon, 16 Sep 2024 19:48:56 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&cb=4ff701c8-8b95-4cf5-a342-852cc93f70d0
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

68 B
323 B

675ms
130ms

Image
image/png

3.81.174.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Protocol

Server

3.81.174.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-81-174-250.compute-1.amazonaws.com

Software

Resource Hash

6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
date: Mon, 16 Sep 2024 19:48:56 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&cb=1cdf6945-2c4f-436c-bbf2-61cc42e21daf
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

68 B
323 B

1048ms
133ms

Image
image/png

3.81.174.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Protocol

Server

3.81.174.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-81-174-250.compute-1.amazonaws.com

Software

Resource Hash

6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=5d97dcbe-6448-4f62-901a-1bfef9722cb2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
date: Mon, 16 Sep 2024 19:48:56 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 seg Show response
secure.adnxs.com/ 0
1 KB 202ms
201ms Script
application/javascript 68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/seg?add=37094584&t=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:56 GMT
an-x-request-uuid: 0a02073d-c8c6-4c67-a801-e643113bb286
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 162.245.206.247; 162.245.206.247; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK pixel
pixel-us.r2drtb.com/ 0
301 B 140ms
139ms Image
text/plain 88.214.195.101
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us.r2drtb.com/pixel?auth=d796s9&event=regstarted&uid=undefined&tid=undefined&amount=undefined&site=1463.info&ln=en-US
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.214.195.101 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Sep 2024 19:48:56 GMT
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Allow-Origin: *
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CPnJp-idyIgDFYUk0AQdNqk9qg;src=11843672;type=safev0;cat=safeg000;ord=2720704426880;npa=0;auiddc=1332668617.1726516136;ps=1;pcor=2043814190;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u...
11843672.fls.doubleclick.net/ Frame 3396
Redirect Chain

https://11843672.fls.doubleclick.net/activityi;src=11843672;type=safev0;cat=safeg000;ord=2720704426880;npa=0;auiddc=1332668617.1726516136;ps=1;pcor=2043814190;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
https://11843672.fls.doubleclick.net/activityi;dc_pre=CPnJp-idyIgDFYUk0AQdNqk9qg;src=11843672;type=safev0;cat=safeg000;ord=2720704426880;npa=0;auiddc=1332668617.1726516136;ps=1;pcor=2043814190;uaa=...

0
0

166ms
165ms

Document
text/html

142.250.80.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11843672.fls.doubleclick.net/activityi;dc_pre=CPnJp-idyIgDFYUk0AQdNqk9qg;src=11843672;type=safev0;cat=safeg000;ord=2720704426880;npa=0;auiddc=1332668617.1726516136;ps=1;pcor=2043814190;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4990v9190706784za200zb871047016;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-11843672&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.102 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1463.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 432
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Sep 2024 19:48:57 GMT
expires: Mon, 16 Sep 2024 19:48:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Sep 2024 19:48:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11843672.fls.doubleclick.net/activityi;dc_pre=CPnJp-idyIgDFYUk0AQdNqk9qg;src=11843672;type=safev0;cat=safeg000;ord=2720704426880;npa=0;auiddc=1332668617.1726516136;ps=1;pcor=2043814190;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4990v9190706784za200zb871047016;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=11843672;type=safev0;cat=safeg000;ord=2720704426880;npa=0;auiddc=1332668617.1726516136;ps=1;pcor=2043814190;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gt...
td.doubleclick.net/td/fls/rul/ Frame C22F 0
0 458ms
169ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=11843672;type=safev0;cat=safeg000;ord=2720704426880;npa=0;auiddc=1332668617.1726516136;ps=1;pcor=2043814190;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4990v9190706784za200zb871047016;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-11843672&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1463.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Sep 2024 19:48:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=11843672;type=safev0;cat=safeg000;ord=2720704426880;npa=0;auiddc=1332668617.1726516136;ps=1;pcor=2043814190;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=no...
ad.doubleclick.net/ 0
23 B 426ms
167ms Image
image/png 142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=11843672;type=safev0;cat=safeg000;ord=2720704426880;npa=0;auiddc=1332668617.1726516136;ps=1;pcor=2043814190;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4990v9190706784za200zb871047016;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:57 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"1993893530131069876"}],"aggregatable_trigger_data":[{"filters":[{"14":["12519804"]}],"key_piece":"0xece70df204730595","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x68275a3cb67e84a9","not_filters":{"14":["12519804"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"7839876965879856330","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"1993893530131069876","filters":[{"14":["12519804"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"1993893530131069876","filters":[{"14":["12519804"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"1993893530131069876","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"1993893530131069876","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["11843672"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=172baf93-1894-4d01-b65f-2533d691e7d4&cb=2e0cc210-d817-4062-b7b7-085dd3d1ae04
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=172baf93-1894-4d01-b65f-2533d691e7d4&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

68 B
323 B

372ms
131ms

Image
image/png

3.81.174.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=172baf93-1894-4d01-b65f-2533d691e7d4&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Protocol

Server

3.81.174.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-81-174-250.compute-1.amazonaws.com

Software

Resource Hash

6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=172baf93-1894-4d01-b65f-2533d691e7d4&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
date: Mon, 16 Sep 2024 19:48:56 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=172baf93-1894-4d01-b65f-2533d691e7d4&cb=fd85a00f-2159-4c61-8652-39ae67a97fa9
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=172baf93-1894-4d01-b65f-2533d691e7d4&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

68 B
323 B

528ms
130ms

Image
image/png

3.81.174.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=172baf93-1894-4d01-b65f-2533d691e7d4&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Protocol

Server

3.81.174.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-81-174-250.compute-1.amazonaws.com

Software

Resource Hash

6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=172baf93-1894-4d01-b65f-2533d691e7d4&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
date: Mon, 16 Sep 2024 19:48:56 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=172baf93-1894-4d01-b65f-2533d691e7d4&cb=b45e3bc2-d3c2-4c3b-93ce-ecc3c59b4426
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=172baf93-1894-4d01-b65f-2533d691e7d4&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

68 B
323 B

396ms
131ms

Image
image/png

3.81.174.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=172baf93-1894-4d01-b65f-2533d691e7d4&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Protocol

Server

3.81.174.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-81-174-250.compute-1.amazonaws.com

Software

Resource Hash

6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=172baf93-1894-4d01-b65f-2533d691e7d4&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
date: Mon, 16 Sep 2024 19:48:56 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 syncd
x.bidswitch.net/ 43 B
92 B 245ms
245ms Image
image/gif 35.211.202.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/syncd?dsp_id=409&user_id=172baf93-1894-4d01-b65f-2533d691e7d4&user_group=3&redir=%2F%2Fuse.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.211.202.130 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 130.202.211.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:56 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2

200

pixel;r=1332854515;labels=_fp.event.PageView;rf=0;a=p-C_a3_CVaT9dWt;url=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09f...
pixel-ssn.quantserve.com/
Redirect Chain

https://pixel.quantserve.com/pixel;r=1332854515;labels=_fp.event.PageView;rf=0;a=p-C_a3_CVaT9dWt;url=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3D...
https://pixel-ssn.quantserve.com/pixel;r=1332854515;labels=_fp.event.PageView;rf=0;a=p-C_a3_CVaT9dWt;url=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionI...

35 B
356 B

451ms
132ms

Image
image/gif

192.184.68.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel-ssn.quantserve.com/pixel;r=1332854515;labels=_fp.event.PageView;rf=0;a=p-C_a3_CVaT9dWt;url=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia;uht=2;fpan=1;fpa=P0-689353410-1726516136177;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;ref=;d=1463.info;dst=0;et=1726516136611;tzo=600;ogl=image.https%3A%2F%2Fleonbets3%252Egcdn%252Eco%2FHRJLWPLB%2Fimages%2Fog%2Fleon%252Epng;ses=6965ba18-3e28-4ac0-8826-318a595fb5f6;mdl=;dip=f7c37bb6-d6c0-4686-af50-38f2450cb347

Protocol

Server

192.184.68.228 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:57 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["YSA7yGTOzwNEmvjBdNjlSQ=="],"pcode":["p-C_a3_CVaT9dWt"]}],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:56 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["YSA7yGTOzwNEmvjBdNjlSQ=="],"pcode":["p-C_a3_CVaT9dWt"]}],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://pixel-ssn.quantserve.com/pixel;r=1332854515;labels=_fp.event.PageView;rf=0;a=p-C_a3_CVaT9dWt;url=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia;uht=2;fpan=1;fpa=P0-689353410-1726516136177;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;ref=;d=1463.info;dst=0;et=1726516136611;tzo=600;ogl=image.https%3A%2F%2Fleonbets3%252Egcdn%252Eco%2FHRJLWPLB%2Fimages%2Fog%2Fleon%252Epng;ses=6965ba18-3e28-4ac0-8826-318a595fb5f6;mdl=;dip=f7c37bb6-d6c0-4686-af50-38f2450cb347
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel Show response
pool.admedo.com/ul_cb/
Redirect Chain

https://pool.admedo.com/pixel?id=154038&t=js
https://pool.admedo.com/ul_cb/pixel?id=154038&t=js

0
216 B

229ms
228ms

Script
text/javascript

35.206.140.87
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pool.admedo.com/ul_cb/pixel?id=154038&t=js
Protocol: H2
Server: 35.206.140.87 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS: 87.140.206.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:57 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/javascript; charset=UTF-8

Redirect headers

location: https://pool.admedo.com/ul_cb/pixel?id=154038&t=js
date: Mon, 16 Sep 2024 19:48:57 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 seg Show response
secure.adnxs.com/ 0
1 KB 150ms
149ms Script
application/javascript 68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/seg?add=37094581&t=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:56 GMT
an-x-request-uuid: 8db00ee3-6558-406f-a7e9-ef1b9d465db2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 162.245.206.247; 162.245.206.247; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixels
c1.adform.net/imatch/ Frame 5D74 0
0 431ms
137ms Document
text/html 185.167.164.52
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?bt=0&uid=8758425274906730177&agencyId=9040&advertiserId=2176059&src=tp&rnd=466007

Requested by

Host: a1.adform.net
URL: https://a1.adform.net/Serving/TrackPoint/?pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=595977977682&ADFtpmode=2&loc=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.52 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://1463.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 16 Sep 2024 19:48:57 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
458 B 513ms
139ms Image
image/gif 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=8758425274906730177&stamp=Vlv1XY3GE4gDvP-67D9Y4w2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 723 B
1 KB 229ms
229ms Script
text/javascript 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3024289&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=418384832093&ADFtpmode=2&loc=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=5178518338494975787

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cd9aaab337d980bf17709198b414f6a3c3ed46cfc5ca12bd359e09fabdcbacd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 610
expires: -1

GET
H2 200 async-vendor-firebase.d.m.cfba4601.js Show response
leoncasino.gcdn.co/js/ 44 KB
12 KB 75ms
74ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/async-vendor-firebase.d.m.cfba4601.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 423454068c2e5bb08f9053a5ff1d890d05953fd918a12e2a445b9c9886575345

Request headers

Referer: https://1463.info/
Origin: https://1463.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-id: la2-hw-edge-canary-gc10
date: Mon, 16 Sep 2024 19:48:57 GMT
content-encoding: br
age: 184976
x-cached-since: 2024-09-14T16:26:01+00:00
x-id-fe: la2-hw-edge-canary-gc10
content-length: 12361
last-modified: Tue, 10 Sep 2024 12:28:38 GMT
server: nginx
traceparent: 00-34561efed1e583d2965a1aa7fe2a2f0b-3bf686527e50f11f-01
etag: "66e03b76-3049"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 api-1 Show response
1463.info/ 195 B
494 B 323ms
320ms Fetch
application/json 194.182.174.60
EXOSCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://1463.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.5b3b8c041693.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.174.60 Vienna, Austria, ASN61098 (EXOSCALE, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

aaeec80281237b16d0e453e78f373eee2b47dc6fc634c4d0b59f835d75c48ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
x-app-version: 6.95.3
x-app-os: linux
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json
x-app-platform: web
x-app-env: prod
Referer: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
x-app-language: ru_RU
x-app-modernity: modern
x-requested-uri: /registration
x-app-skin: leoncasino
x-app-rendering: csr

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2 200 cnjqphyx Show response
widget.intercom.io/widget/ 7 KB
3 KB 457ms
175ms Script
application/javascript 13.226.34.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/cnjqphyx
Requested by: Host: 1463.info
URL: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-20.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28a21034c86df271b6995749fd19760af8bbd615356cd6ec78e94ea4a566d4f0

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: o6voM0voZD9t7KFa7rfhfQyFN3JmFnmj
content-encoding: gzip
via: 1.1 17a3c2535aa705a7b5a80b78b876c79a.cloudfront.net (CloudFront)
date: Mon, 16 Sep 2024 19:44:57 GMT
x-amz-cf-pop: EWR53-C2
age: 267
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2666
last-modified: Mon, 16 Sep 2024 15:19:30 GMT
server: AmazonS3
etag: "cbf4a61ee193ab7e021ed501eb474982"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: sQiEMqZ40ycOIYGrDE3WH_TjcBvuIEBNMPFcJ2EsKpITEApVJrNQDw==

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 1046ms
526ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-module-analytics.d.m.d9f1ff02.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

6071fb99e587aa37f08c8f14a5718a3bda75cae32fd1d4ccd0718733a362ab64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:48:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 12 Sep 2024 15:07:17 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66e303a5-115c6"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71110
expires: Mon, 16 Sep 2024 20:48:59 GMT

GET
H2 200 frame-modern.e1c621b6.js Show response
js.intercomcdn.com/ Frame CF87 461 KB
139 KB 770ms
482ms Script
application/javascript 108.139.47.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.e1c621b6.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/cnjqphyx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.47.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-108.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

35fbf7cdff6f786b21526e5f5ed414d1b89da296b41c4327bfc11860d77e9147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:19:32 GMT
content-encoding: gzip
via: 1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
x-amz-version-id: _PiLRl2bXSEsnK9_kajjFuWFURnEUA7L
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P1
age: 1767
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 141968
last-modified: Mon, 16 Sep 2024 15:16:56 GMT
server: AmazonS3
etag: "e66cf0e9ed54b995d7b2d9f368bbf76b"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: ikOuqgq3PYeq0b1yOnVWnKmqL7ADq2641pRjIQB5VMpUhzCp-Q8Jhw==

GET
H2 200 vendor-modern.8b97a971.js Show response
js.intercomcdn.com/ Frame CF87 455 KB
145 KB 446ms
159ms Script
application/javascript 108.139.47.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.8b97a971.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/cnjqphyx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.47.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-108.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f6c64aca195132b32d28bc973e985612230c910a30d7acd2334760ef50816eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 18:52:34 GMT
content-encoding: gzip
via: 1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
x-amz-version-id: s.aN4Zh9NZ0fDMayDVozZyZtS3QW4LDb
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P1
age: 3385
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 147289
last-modified: Mon, 16 Sep 2024 15:16:56 GMT
server: AmazonS3
etag: "2406ae0ce4db8aa51ed52dde4792a464"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: jtEw-h1UsV0vqarTN9yhrpwrcZ1uivUTDgdBeXmtRMHdn0GR6g_5kw==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame CF87 7 KB
3 KB 837ms
509ms XHR
application/json 34.227.128.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.e1c621b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.227.128.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-227-128-226.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c71eabddf16d6dec27a563a4e3f4f9b17aab484c4661d5ab3d59587a71f63798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 16 Sep 2024 19:49:00 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0a84313acadc7d6c7
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0004ueefr94448lgm0f0
x-runtime: 0.373573
server: nginx
etag: W/"c71eabddf16d6dec27a563a4e3f4f9b1"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1463.info
x-intercom-version: 18f988358bd376cbc1b00991b93a527cbc339377
access-control-expose-headers: x-request-id
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10494.PhMvYLvY5bWThvWkRwHO4Ex3vpFfCKLJDcQretuV9CbsBFPIUKXowQzdRd6B1jnN.sIVnpP_8ppZ4H0Ig5tby1YZNXhQ%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10494.mqyEVlPUVayOKAXV_Aw3o6hI-wz62Qo-R4xifsUdOe69oRhEBMUHLQvHCGzJNvA6Z5-gqqueAP0z4iv8mjEakd3n4C7bj3P7M2_dpQnfSRT-BHcjWGYO04QM_eZhzFDKm0bQmJLx59...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10494.oGU8xByjhdFlMVo7-T0h_4uH4hvaXIZMgtOkT-suqsyLi_kCfFKzcNcO3qxJUyX9i-Z7Sj-kdmkLv90VO2RiicHfxS9QzECOFeBC5HJ7K3xJb...

43 B
701 B

276ms
276ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10494.oGU8xByjhdFlMVo7-T0h_4uH4hvaXIZMgtOkT-suqsyLi_kCfFKzcNcO3qxJUyX9i-Z7Sj-kdmkLv90VO2RiicHfxS9QzECOFeBC5HJ7K3xJbfk8YJnZw9jI4hkT9QpL2vZUHmHi4E9INIDApv0otKMqIW4WBb5JHRColHBpuKsjed190r_doByJnhjwLfMPihxG2gVgEQ_FYVWKk0lZyA%2C%2C.AahliEN2L9LZIKNrrFZzbebvEXo%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:49:00 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10494.oGU8xByjhdFlMVo7-T0h_4uH4hvaXIZMgtOkT-suqsyLi_kCfFKzcNcO3qxJUyX9i-Z7Sj-kdmkLv90VO2RiicHfxS9QzECOFeBC5HJ7K3xJbfk8YJnZw9jI4hkT9QpL2vZUHmHi4E9INIDApv0otKMqIW4WBb5JHRColHBpuKsjed190r_doByJnhjwLfMPihxG2gVgEQ_FYVWKk0lZyA%2C%2C.AahliEN2L9LZIKNrrFZzbebvEXo%2C
strict-transport-security: max-age=31536000
date: Mon, 16 Sep 2024 19:49:00 GMT
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
621 B 270ms
270ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Sep 2024 19:49:00 GMT
last-modified: Thu, 12 Sep 2024 15:07:17 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66e303a5-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 16 Sep 2024 20:49:00 GMT

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame 8C87 0
0 751ms
251ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://1463.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1046
content-type: text/html
date: Mon, 16 Sep 2024 19:49:00 GMT
etag: "66e303a5-416"
expires: Mon, 16 Sep 2024 20:49:00 GMT
last-modified: Thu, 12 Sep 2024 15:07:17 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2 200 vendors~locale-ru-json-modern.26fe4f33.js Show response
js.intercomcdn.com/ Frame CF87 43 KB
11 KB 142ms
141ms Script
application/javascript 108.139.47.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendors~locale-ru-json-modern.26fe4f33.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.e1c621b6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.47.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-108.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d0708b95476ef7b9ae665859f283b339a84385d561a6b3eb4e5dfd8d22bb7a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:05:38 GMT
content-encoding: gzip
via: 1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
x-amz-version-id: mgI.TziwdW0C04sPgA8fKlpOsvZI5ApE
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P1
age: 2603
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10505
last-modified: Mon, 16 Sep 2024 15:16:58 GMT
server: AmazonS3
etag: "56e5f1c1e21a0eabaebd6ee464cbc0c0"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: vU3MxMvAWNkSNFFhODaPa9DQ9FWih5eq5ecsXUH4srkJgaAh1BduxA==

GET
H2 200 114dcf446f058a01bd3dd81e24e7b02d.png
downloads.intercomcdn.com/i/o/428145/9a41bc05dc8028cfff193a94/ 555 B
1 KB 430ms
210ms Image
image/png 15.197.143.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://downloads.intercomcdn.com/i/o/428145/9a41bc05dc8028cfff193a94/114dcf446f058a01bd3dd81e24e7b02d.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.143.135 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a69d63ecdf0f33068.awsglobalaccelerator.com

Software

nginx /

Resource Hash

076dea4023ede2ff9d9844dd837c09632552efd0b5bf00dd2be6e75cf71d5898

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css static.intercomassets.com
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 19:49:00 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0a84313acadc7d6c7
content-security-policy: default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css static.intercomassets.com
status: 200 OK
content-transfer-encoding: binary
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="114dcf446f058a01bd3dd81e24e7b02d.png"; filename*=UTF-8''114dcf446f058a01bd3dd81e24e7b02d.png
x-xss-protection: 1; mode=block
x-request-id: 00494pn1pukt2d8unbm0
x-runtime: 0.068526
last-modified: Thu, 20 Jul 2023 12:13:33 GMT
server: nginx
x-request-queueing: 0
vary: Accept-Encoding
x-frame-options: deny
content-type: image/png
x-intercom-version: 18f988358bd376cbc1b00991b93a527cbc339377
cache-control: max-age=86400, private

GET

1
mc.yandex.com/watch/71598811/
Redirect Chain

https://mc.yandex.com/watch/71598811?wmode=7&page-url=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medi...
https://mc.yandex.com/watch/71598811/1?wmode=7&page-url=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_me...

0
0

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 99ms
99ms Fetch
text/plain 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JZZNGY93CC&gtm=45je4990v871047016za200zb890860847&_p=1726516134406&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=150718858.1726516136&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1726516136&sct=1&seg=0&dl=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&dt=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%3A%20%D0%91%D0%BE%D0%BB%D0%B5%D0%B5%204000%20%D0%B8%D0%B3%D1%80%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D0%B2%D1%8B%D0%B2%D0%BE%D0%B4%20%D1%81%D1%80%D0%B5%D0%B4%D1%81%D1%82%D0%B2%20%7C%20%D0%9B%D0%B5%D0%BE%D0%BD&en=scroll&epn.percent_scrolled=90&_et=89&tfd=10786
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Sep 2024 19:49:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1463.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 71598811 Show response
mc.yandex.com/watch/ 576 B
610 B 263ms
263ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71598811?wmode=7&page-url=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ac4o2nplw0gn9nduetxpw3hlsrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1450%3Acn%3A1%3Adp%3A0%3Als%3A1666827470902%3Ahid%3A759236923%3Az%3A-600%3Ai%3A20240916094859%3Aet%3A1726516140%3Ac%3A1%3Arn%3A548212448%3Arqn%3A1%3Au%3A1726516140398068516%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2130%3Awv%3A2%3Ads%3A14%2C456%2C453%2C2%2C1132%2C0%2C%2C59%2C1%2C3356%2C3356%2C0%2C2559%3Aco%3A0%3Acpf%3A1%3Ans%3A1726516130358%3Agi%3AR0ExLjEuMTUwNzE4ODU4LjE3MjY1MTYxMzY%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1726516141%3At%3A%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%3A%20%D0%91%D0%BE%D0%BB%D0%B5%D0%B5%204000%20%D0%B8%D0%B3%D1%80%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D0%B2%D1%8B%D0%B2%D0%BE%D0%B4%20%D1%81%D1%80%D0%B5%D0%B4%D1%81%D1%82%D0%B2%20%7C%20%D0%9B%D0%B5%D0%BE%D0%BD&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

938ef2ac3ddae26a0eaf5d8c5392ddc106e7190894dd27dbae1a4322a7f5a0da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 16 Sep 2024 19:49:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 16-Sep-2024 19:49:01 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1463.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 576
x-xss-protection: 1; mode=block
expires: Mon, 16-Sep-2024 19:49:01 GMT

POST
H2 200 1
mc.yandex.com/watch/71598811/ 43 B
86 B 263ms
262ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71598811/1?page-url=goal%3A%2F%2F1463.info%2FzInit&page-ref=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&charset=utf-8&uah=chm%0A%3F0&hittoken=1726516141_2f011858deb58ca16d13d445b70f41b0488c69b7f9b81cb09d074e9791077750&browser-info=ar%3A1%3Avf%3Ac4o2nplw0gn9nduetxpw3hlsrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1450%3Acn%3A1%3Adp%3A1%3Als%3A1666827470902%3Ahid%3A759236923%3Az%3A-600%3Ai%3A20240916094901%3Aet%3A1726516142%3Ac%3A1%3Arn%3A766461513%3Arqn%3A2%3Au%3A1726516140398068516%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1726516130358%3Agi%3AR0ExLjEuMTUwNzE4ODU4LjE3MjY1MTYxMzY%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1726516142%3At%3A%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%3A%20%D0%91%D0%BE%D0%BB%D0%B5%D0%B5%204000%20%D0%B8%D0%B3%D1%80%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D0%B2%D1%8B%D0%B2%D0%BE%D0%B4%20%D1%81%D1%80%D0%B5%D0%B4%D1%81%D1%82%D0%B2%20%7C%20%D0%9B%D0%B5%D0%BE%D0%BD&t=gdpr(14)mc(g-1)clc(0-0-0)rqnt(2)lt(106500)aw(1)rcm(1)cdl(na)eco(21037572)ti(0)&force-urlencoded=1&site-info=%7B%22type%22%3A%7B%22web%22%3A%22desktop%22%7D%2C%22webVersion%22%3A%226.95.3%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1463.info/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 16 Sep 2024 19:49:01 GMT
last-modified: Mon, 16-Sep-2024 19:49:01 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://1463.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 16-Sep-2024 19:49:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mc.yandex.com
URL: https://mc.yandex.com/watch/71598811/1?wmode=7&page-url=https%3A%2F%2F1463.info%2Fregistration%3Fqtag%3Da29654_t33047_c242_sMisterDaxxx%26retentionId%3Ddcfb2915-2a83-4043-989e-2f09fe13244c%26utm_medium%3DMisterDaxxx%26utm_source%3Drussia&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ac4o2nplw0gn9nduetxpw3hlsrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1450%3Acn%3A1%3Adp%3A0%3Als%3A1666827470902%3Ahid%3A759236923%3Az%3A-600%3Ai%3A20240916094859%3Aet%3A1726516140%3Ac%3A1%3Arn%3A548212448%3Arqn%3A1%3Au%3A1726516140398068516%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2130%3Awv%3A2%3Ads%3A14%2C456%2C453%2C2%2C1132%2C0%2C%2C59%2C1%2C3356%2C3356%2C0%2C2559%3Aco%3A0%3Acpf%3A1%3Ans%3A1726516130358%3Agi%3AR0ExLjEuMTUwNzE4ODU4LjE3MjY1MTYxMzY%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1726516141%3At%3A%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%3A%20%D0%91%D0%BE%D0%BB%D0%B5%D0%B5%204000%20%D0%B8%D0%B3%D1%80%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D0%B2%D1%8B%D0%B2%D0%BE%D0%B4%20%D1%81%D1%80%D0%B5%D0%B4%D1%81%D1%82%D0%B2%20%7C%20%D0%9B%D0%B5%D0%BE%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

125 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-21 03:54:28	Name: _bit Value: o8gjMO-d27f5375901266c3d1-00u
1463.info/	1970-01-21 09:11:16	Name: eua Value: syFTG5xheOkWSiUoL5sV8yfzua4rFB/aCuCGysLEWnDLhyvzlFPnRjTN5vn/cobNDizvsMP6hf+Id8v0fILTdUdnk8we6OLSmoxFdgBNF3a+/PKrNYH0UPxvWL+7d5UFQOFMpVIsVAyZN+Xd3UOW0FkoriRqPc4y1hHiU/FZPRIuW3W9SyX3cf9SBrcML4G/E/niFLwkxEVbk/ldMr+o3somhROVTKYzZ2Mv+q9nDOBmovLILgwRCrvgyFGXrzJz/P3b1A==
1463.info/	1970-01-21 09:11:16	Name: ABTestSeed Value: 49
1463.info/	1970-01-21 00:18:28	Name: qtag Value: a29654_t33047_c242_sMisterDaxxx
1463.info/	1970-01-21 00:18:28	Name: qtag_rfrr Value: a29654_t33047_c242_sMisterDaxxx-null
1463.info/	1970-01-21 08:20:52	Name: ipfrom Value: 162.245.206.247
1463.info/	1970-01-20 23:39:35	Name: utm_source Value: russia
1463.info/	1970-01-20 23:39:35	Name: utm_medium Value: MisterDaxxx
1463.info/	1970-01-20 23:39:35	Name: retentionId Value: dcfb2915-2a83-4043-989e-2f09fe13244c
1463.info/	1970-01-21 09:11:16	Name: x-app-language Value: ru_RU
1463.info/	1970-01-21 09:11:16	Name: firstTheme Value: DARK
.1463.info/	1970-01-21 09:11:16	Name: _ga Value: GA1.1.150718858.1726516136
.adnxs.com/	1970-01-21 01:44:52	Name: XANDR_PANID Value: MtSwq5OAJH74S5gk7z48gMiq05IXcYg_hhGpKCzmzlLSuU5YCfVNxWajovfTp86AWBnwDMX7mtNm9jOH1pxVDthNwsBgFljIWo9QzN_YrHs.
.adnxs.com/	1970-01-21 09:11:16	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 01:44:52	Name: uuid2 Value: 2569711918007247009
.1463.info/	1970-01-21 09:11:16	Name: _ga_JZZNGY93CC Value: GS1.1.1726516136.1.0.1726516136.0.0.0
.sportradarserving.com/	1970-01-21 08:19:25	Name: c Value: 1726516136
.sportradarserving.com/	1970-01-21 08:19:25	Name: zuuid_lu Value: 1726516136
.sportradarserving.com/	1970-01-21 08:19:25	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-21 08:19:25	Name: zuuid_k_lu Value: 1726516136
.sportradarserving.com/	1970-01-21 08:19:25	Name: cm4 Value: !bidswitch=495845336
.sportradarserving.com/	1970-01-21 08:19:25	Name: bss Value: !bidswitch=495773336
.sportradarserving.com/	1970-01-21 08:19:25	Name: zuuid Value: 172baf93-1894-4d01-b65f-2533d691e7d4
.1463.info/	1970-01-21 01:44:52	Name: _gcl_au Value: 1.1.1332668617.1726516136
.1463.info/	1970-01-20 23:35:17	Name: _sp_srt_ses.8066 Value: *
.1463.info/	1970-01-21 09:11:16	Name: _sp_srt_id.8066 Value: de8f1d80-48ab-4890-a9dd-bd68abe2ff7a.1726516137.1.1726516137..7beea42f-157a-4711-9c18-dc73f87cdacc....0
.rfihub.com/	1970-01-21 08:56:52	Name: rud Value: H4sIAAAAAAAA_-MSNjS3MDY3Nzc2NjOxNDQyMjayMBTiM9Q1yQzz8AvIDygpDEkEANnTHrElAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjS3MDY3Nzc2NjOxNDQyMjayMBTiM9Q1yQzz8AvIDygpDEkEANnTHrElAAAA
.adform.net/	1970-01-21 00:18:28	Name: C Value: 1
.eskimi.com/	1970-01-21 00:18:28	Name: __eConsent Value: 1
.eskimi.com/	1970-01-21 00:18:28	Name: __eDId Value: b414b497-149e-4251-b690-955a18a44184
.eskimi.com/	1970-01-20 23:55:25	Name: __eP Value: 1
leoncas.com/	1970-01-20 23:36:42	Name: Control Value: OK
.adform.net/	1970-01-21 01:01:40	Name: uid Value: 8758425274906730177
.adform.net/	1970-01-20 23:36:42	Name: CM Value: 1\|1
.quantserve.com/	1970-01-21 09:05:30	Name: mc Value: 66e88ba8-cd578-84a47-b96d9
.adnxs.com/	1970-01-21 01:44:52	Name: anj Value: dTM7k!M4/8D>6NRF']wIg2E>1m5zsH!fsuh(w9x*PlZ[C[-kX-i)J0v
.doubleclick.net/	1970-01-21 00:18:28	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 09:11:16	Name: IDE Value: AHWqTUlpYtMRGu69hLY138qhLxlOV6JQUTkZEoCtfN7RISZ-rjpOpb1fSEqxVaK0Y40
.doubleclick.net/	1970-01-21 03:54:28	Name: receive-cookie-deprecation Value: 1
1463.info/	1970-01-21 00:18:28	Name: adformfrpid Value: 5178518338494975787
.1463.info/	1970-01-21 08:59:44	Name: __qca Value: P0-689353410-1726516136177
.adform.net/	1970-01-20 23:55:25	Name: CM14 Value: 1726602537_1726516137_1726516137_1_Hu7u4e4e4R7u4e4REREeEREREAAA4Q
.seadform.net/	1970-01-21 01:01:43	Name: uid Value: 8758425274906730177
pool.admedo.com/	1970-01-21 08:20:52	Name: tuuid Value: b442618e-1553-4dbe-91e2-6884077a93e7
pool.admedo.com/	1970-01-21 08:20:52	Name: c Value: 1726516137
pool.admedo.com/	1970-01-21 08:20:52	Name: tuuid_lu Value: 1726516137
.casalemedia.com/	1970-01-21 08:20:52	Name: CMID Value: ZuiLqcAoIyMAAApWAIuc2wAA
.casalemedia.com/	1970-01-21 01:44:52	Name: CMPS Value: 2263
.casalemedia.com/	1970-01-21 01:44:52	Name: CMPRO Value: 2263
.360yield.com/	1970-01-21 01:44:52	Name: tuuid Value: e0852fcd-572f-4965-ae64-c8bc970a99ad
.360yield.com/	1970-01-21 01:44:52	Name: tuuid_lu Value: 1726516137
.bidswitch.net/	1970-01-21 08:20:52	Name: tuuid Value: 37a8a9e7-041b-438d-9923-23b8636415a1
.bidswitch.net/	1970-01-21 08:20:52	Name: c Value: 1726516137
.bidswitch.net/	1970-01-21 08:20:52	Name: tuuid_lu Value: 1726516137
.sharethrough.com/	1970-01-21 00:18:28	Name: stx_user_id Value: efca787a-8882-4fa6-b9de-f70e04a0b55a
.smartadserver.com/	1970-01-21 09:04:04	Name: pid Value: 8875546473254593705
.smartadserver.com/	1970-01-21 09:04:04	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 08:20:52	Name: csync Value: 22:8758425274906730177
.eyeota.net/	1970-01-21 08:20:52	Name: mako_uid Value: 191fc618f7d-440000010a5621
.eyeota.net/	1970-01-20 23:35:16	Name: SERVERID Value: 22049~DM
.semasio.net/	1970-01-21 08:20:52	Name: SEUNCY Value: 33C7C0FDDDA3B606
.rubiconproject.com/	1970-01-21 08:20:52	Name: audit_p Value: 1\|Sq/VGQ2rIFWuP6O+vl02HJLhJ03NwE3KcB13WUtSMpAJD8deNwibMNUnRjLqx6pjYX023Zb/ciZBK03vAHceEG4bn2cxl7tJD8DUSxSmwILZlM3DQazyEjDIx/iSNxisX5rIA/EljOjyU9QaoXNThNzpQ7vzkXQ/
.rubiconproject.com/	1970-01-21 08:20:52	Name: khaos Value: M15F4PZC-1I-52L1
.rubiconproject.com/	1970-01-21 08:20:52	Name: khaos_p Value: M15F4PZC-1I-52L1
.rubiconproject.com/	1970-01-21 08:20:52	Name: audit Value: 1\|Sq/VGQ2rIFWuP6O+vl02HJLhJ03NwE3KcB13WUtSMpAJD8deNwibMNUnRjLqx6pjYX023Zb/ciZBK03vAHceEG4bn2cxl7tJD8DUSxSmwILZlM3DQazyEjDIx/iSNxisX5rIA/EljOjyU9QaoXNThNzpQ7vzkXQ/
.360yield.com/	1970-01-21 01:44:52	Name: um Value: !42,Ksni9fYNwy1OotxvqSXgctJSP5nbJeDHQahtbStxLq7I,1727725737
.360yield.com/	1970-01-21 01:44:52	Name: umeh Value: !42,0,1788724137,-1
.rlcdn.com/	1970-01-21 08:20:52	Name: rlas3 Value: DOX0qv/1b+5I6PqxV15d5mMS9Th9DZa+LegqSL3w51g=
.rlcdn.com/	1970-01-21 01:01:40	Name: pxrc Value: CKqXorcGEgUI6AcQABIFCOhHEAA=
.exelator.com/	1970-01-21 02:28:04	Name: EE Value: "55019d4a98fe715038c201c0b2ba3f76"
.pubmatic.com/	1970-01-21 00:18:28	Name: KRTBCOOKIE_391 Value: 22924-8758425274906730177&KRTB&23263-8758425274906730177&KRTB&23481-8758425274906730177
.pubmatic.com/	1970-01-21 00:18:28	Name: PugT Value: 1726516137
.crwdcntrl.net/	1970-01-21 06:04:01	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 06:04:01	Name: _cc_id Value: 38849753a7058675cee2822f64e63055
.bluekai.com/	1970-01-21 03:55:54	Name: bku Value: /Ux99v3nbsqpYn12
.pippio.com/	1970-01-21 08:20:52	Name: did Value: VS3NyeWnc4OdlgRM
.pippio.com/	1970-01-21 08:20:52	Name: didts Value: 1726516138
.pippio.com/	1970-01-21 01:01:40	Name: nnls Value:
.pippio.com/	1970-01-21 01:01:40	Name: pxrc Value: CKqXorcGEgYIgr0rEAA=
.exelator.com/	1970-01-21 02:28:04	Name: ud Value: "eJxrXxzq6XKLQcHU1MDQMsUk0dIiLdXc0NTA2CLZyMAw2SDJKCnROM3cbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYkl%252BUWb6otDgxUUpaQyLSopPBZ%252F4ZwgAfL8qRQ%253D%253D"
.linkedin.com/	1970-01-21 01:44:52	Name: li_sugr Value: 96ef3fe9-08f2-43cc-b926-9b9d34a25763
.linkedin.com/	1970-01-21 08:20:52	Name: bcookie Value: "v=2&a6e28b23-158e-4aa8-8696-03c7df1b02df"
.linkedin.com/	1970-01-20 23:36:42	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3337:u=1:x=1:i=1726516138:t=1726602538:v=2:sig=AQE06xMP764tSZwijXEVbCbYGwyDk0cL"
.adsrvr.org/	1970-01-21 08:20:52	Name: TDID Value: 7c0cdd0f-ff59-441e-82a2-467bc802cf21
.demdex.net/	1970-01-21 03:54:28	Name: demdex Value: 15675652866294589711423800899799044064
.agkn.com/	1970-01-21 08:20:52	Name: ab Value: 0001%3Ahw9rA6o94KJEbztgBJuPtpApNjcWtiRT
.adsrvr.org/	1970-01-21 08:20:52	Name: TDCPM Value: CAEYBSABKAIyCwja8fHm6qSrPRAFOAE.
.dpm.demdex.net/	1970-01-21 03:54:28	Name: dpm Value: 15675652866294589711423800899799044064
.w55c.net/	1970-01-21 09:04:04	Name: wfivefivec Value: PwFpCSHl1SQhIv5
.adfarm1.adition.com/	1970-01-21 01:44:52	Name: UserID1 Value: 7415330353030822253
.w55c.net/	1970-01-21 00:18:28	Name: matchadform Value: 5
.yandex.ru/	1970-01-21 08:20:52	Name: yashr Value: 7833931361726516139
.weborama.fr/	1970-01-21 09:01:11	Name: AFFICHE_W Value: Yf44do@Vtuxh26
.smaato.net/	1970-01-21 00:05:30	Name: SCM Value: 5d37b0c6eb
.smaato.net/	1970-01-21 00:05:30	Name: SCMrktn Value: 5d37b0c6eb
.smaato.net/	1970-01-21 00:05:30	Name: SCM1001213 Value: 5d37b0c6eb
.teads.tv/	1970-01-21 08:19:25	Name: tt_viewer Value: caa9ee34-5321-43e0-b2fc-ad50554bc982
.1463.info/	1970-01-21 08:20:52	Name: _ym_uid Value: 1726516140398068516
.1463.info/	1970-01-21 08:20:52	Name: _ym_d Value: 1726516140
.3lift.com/	1970-01-21 01:44:52	Name: tluidp Value: 2839096866532009762351
.3lift.com/	1970-01-21 01:44:52	Name: tluid Value: 2839096866532009762351
.onaudience.com/	1970-01-20 23:36:42	Name: done_redirects252 Value: 1
.rmp.rakuten.com/	1970-01-21 00:18:28	Name: Rp Value: 3ae8f00730a752f231346890aa166e88bab62241dd38a514
.onaudience.com/	1970-01-21 08:20:52	Name: cookie Value: 87e0036896e57efa
.mc.yandex.com/	1970-01-20 23:35:16	Name: sync_cookie_csrf Value: 645659612fake
.1463.info/	1970-01-20 23:36:28	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 23:35:16	Name: sync_cookie_csrf Value: 455781102fake
.1463.info/	1970-01-21 06:04:06	Name: intercom-id-cnjqphyx Value: 6ed325d3-f8f3-40d7-b252-85b9313d1a32
.1463.info/	1970-01-20 23:45:20	Name: intercom-session-cnjqphyx Value:
.1463.info/	1970-01-21 06:04:06	Name: intercom-device-id-cnjqphyx Value: 16d05357-6ced-4dfd-ad5d-d785447f77ab
.mc.yandex.com/	1970-01-20 23:36:42	Name: sync_cookie_ok Value: synced
.yandex.com/	1970-01-21 09:11:16	Name: i Value: 5XcYP4M64GoqyLgDrpokCH85XPKca3HC6HDXMYvCO55a0mG/WoxcyG9jtwav59YDMZ0oES2NQRMqQ3zX97YE+vkmdEw=
.yandex.com/	1970-01-21 08:20:52	Name: yandexuid Value: 8427470171726516140
.yandex.com/	1970-01-21 08:20:52	Name: yashr Value: 3450372721726516140
.yandex.ru/	1970-01-21 09:11:16	Name: yandexuid Value: 6891735141726516139
.yandex.ru/	1970-01-21 09:11:16	Name: yuidss Value: 6891735141726516139
.yandex.ru/	1970-01-21 09:11:16	Name: i Value: 6G2cyfAgLmiqC/TpSMfcutowGAhDMDaGbREWUYGbAIfhzxSdgJP4HG/dnwv9Re+eMNY4kDHoMVVe7SSgodWW2vZAQJQ=
.yandex.ru/	1970-01-21 09:11:16	Name: yp Value: 1726602540.yu.1617384421726516139
.yandex.ru/	1970-01-21 08:20:52	Name: ymex Value: 1729108140.oyu.1617384421726516139
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 893470461726516141
.yandex.com/	1970-01-21 08:20:52	Name: yuidss Value: 8427470171726516140
.yandex.com/	1970-01-21 08:20:52	Name: ymex Value: 1758052141.yrts.1726516141
.yandex.com/	1970-01-21 08:20:52	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 08:20:52	Name: bh Value: KgI/MA==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://1463.info/registration?qtag=a29654_t33047_c242_sMisterDaxxx&retentionId=dcfb2915-2a83-4043-989e-2f09fe13244c&utm_medium=MisterDaxxx&utm_source=russia Message: [DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11843672.fls.doubleclick.net
1463.info
20828756p.rfihub.com
a.sportradarserving.com
a1.adform.net
a1.seadform.net
acdn.adnxs.com
ad.doubleclick.net
api-iam.intercom.io
bit.ly
c1.adform.net
c1.rfihub.net
cdnimages2.gcdn.co
cdnimages3.gcdn.co
downloads.intercomcdn.com
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
js.intercomcdn.com
leoncas.com
leoncasino.gcdn.co
match.sharethrough.com
mc.yandex.com
mc.yandex.ru
minilinked.com
pixel-ssn.quantserve.com
pixel-us.r2drtb.com
pixel.quantserve.com
pj.l.liftdsp.com
pool.admedo.com
ps.l.liftdsp.com
rules.quantcount.com
s2.adform.net
secure.adnxs.com
secure.quantserve.com
td.doubleclick.net
tm.ads.sportradar.com
track.adform.net
tracker.ads.sportradar.com
widget.intercom.io
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
mc.yandex.com
108.139.47.108
109.169.10.207
13.226.34.20
142.250.80.102
142.250.80.38
142.251.40.136
142.251.41.3
15.197.143.135
151.101.129.108
185.167.164.42
185.167.164.45
185.167.164.49
185.167.164.52
188.42.63.48
188.42.63.49
192.184.68.228
194.182.174.60
199.38.167.130
216.239.36.178
2600:141b:1c00:2e::17d1:48c7
2600:9000:21dd:8200:6:44e3:f8c0:93a1
2600:9000:21dd:9600:16:3a8f:8380:93a1
2600:9000:24f0:6c00:5:e0f4:e840:93a1
2600:9000:24f1:fa00:1:76cf:fe80:93a1
2607:f8b0:4006:80e::200a
2607:f8b0:4006:80f::200e
2607:f8b0:4006:81d::2003
2607:f8b0:4006:820::2002
2607:f8b0:4006:823::2008
2620:116:800b:21:a021:b886:81cc:55cf
2a02:6b8::1:119
2a02:6ea0:c454::1
2a03:90c0:9996::9996
3.81.174.250
34.227.128.226
35.206.140.87
35.211.202.130
35.211.233.246
37.157.5.84
54.38.138.84
67.199.248.11
68.67.161.208
68.67.179.166
88.214.195.101
0030dc4477f4627ba3dad7864eff5556ef746e61fbc504592bea763e3774904d
046036e7f874f492979b65f952a66e194b8f1739f24a64d40b2052f944114bc5
049e51bec3a57f5d4f4ff4d0a592ce5a25e418fa08841f345cc7b7ba2e6b1581
04d8a016e58c402134f5ed12f4f09251b36344358d2e7eaa27143b2cb7a2628c
063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb
06961e2702d948be0751cc4ed1546e167e181546f3ba3fd1b630d9ec8f4d3c74
076dea4023ede2ff9d9844dd837c09632552efd0b5bf00dd2be6e75cf71d5898
08b59ad5981f5f3fa1555a3e204d965c4bb60e5ae083ae32a4e4443c3ebdb914
0c3521ad8f3f3fb51d29d672affd2ee683e1b53668e01758a2579dea128a50aa
0e0595b209c0920455aa9e86e46910a98b96ae779437170f0afd6e4bee543be4
1334009059de0bfdd2e69b8428bb1234a8ada5a0f2225f6271bddb39610578d0
13b710020acb4a4914b3773ceee2b981f8c96e443e66616feb8c449825aa0992
155705ad90a321b396a52fbab695bc92f9a2046aac18371fb9a172657e97c2a6
186734b055060f2663c641332989af33e73e9190f0636384d6b540764f6e426a
1ae73f949ce1ca94b58f32ac5fab711d948e93073d8432e06228d5dc3a69321a
1c268965cc3e118257875397d109b8c2f0117cc82db74edcd7f5b983bbae5ce7
1c45be6fd86b3fd02cdf904fd4e60217278a3556e9b02914b39bbb863f6d5dbf
1f28af3591e1aea0f7ca20c726084389c352a37e20ab9a8a3847125583a18027
22eb05f821c7cc95e715dc17de449edd34c22e15cd62eeb916824dc6b87b31aa
25d002e623903b320eb203f271ef153ee2df8a51e2aed4878c7598d9f6a6ca6d
26d169ac447fd76d108e3bf35896d6dd13557a1f11de5614129425fa38ccf333
2761a6698395fb13fd3785c16dd380ec5d618de2abcc28eeaffe090b46a51fc4
28a21034c86df271b6995749fd19760af8bbd615356cd6ec78e94ea4a566d4f0
2a789b44412d2879eaf23bdec3da4f565594749435f436640a8f9bb35477fd10
2b8aeb36c838c2e76b19d62662368365102c2c12a9868f49fe64188919f00730
2c86bcaebf54969da5081c17c6901cbe19ac041b80a3abda6890708eb545cec3
2cae2cf9e144e8f28c963ef16067a3c04031aea0e2354b7b59a5ba04071586a5
2deba3ea457d595fdb3f820ce78042b3ec27f0fd3e854b40348bcc5a940f4362
2f33f539fe3b782fd2f3d3d8b72d6acd02d9d782dd3e1b4ccda4ea62867b3abf
3101913da741c6abe51dbd06fdbb8e9da521d4f61de5c6590fe8e8c00dfed876
34e61d8f8812296f5f046b75e73d9b14a6a83bac50836f52345b6c0cf51138f0
35b428209dc64b4d1df164854a05d0992739434ef734689e41fa1c5834074092
35fbf7cdff6f786b21526e5f5ed414d1b89da296b41c4327bfc11860d77e9147
362c77f0c36c56a42c21e44c66f2512386a669fea63f1335ddfe2d477d3efae9
39704adc61f2739ef597fc3382e97a2a839c41059dcb02d740ff0db80492486d
3af923975e265732b01d1fa478ece243e9e17c52b6a2f01272c12fdd41d48902
3c584108e1d8685d12332171f34879003c01a21d55ae5bf753b8e034bc020e2c
3ccf73fa3ebb885e02c6f83128d973360f161fbf758d765e3444c423ec1e3495
3e4e0b007397d9e61547e1f61d24632852a65e70ce69aa4b0d37158c26691cb2
3e8f8a1d4f1a37245c6b7acbaa44a6c04975d1e21b038f7128be586482ffe4b0
3f844c029cb8c81b4b13581b6524278216060f1f6be99a4583f4ef04fdd3707c
4072e002df42fb2f729775643365bf323b22fe6b1a590faef5c71422fdeb70c7
423454068c2e5bb08f9053a5ff1d890d05953fd918a12e2a445b9c9886575345
42afec984285c7ec1e7f2bd4650dde534d9201641d50f599163c7b4b7e7441c6
47719a22559a4db7e9f7a801d41b3277b7c5c2977664f09b8e9d4262c1cd165e
4a7583555e56798beac5aa12bec85db284596d9570af676961da24ec0a098dd9
4d539033909dd344ae868f1c72bd0fc3d5ee082c9a76882448849481fd8ed857
4e231ad4957b413aaef88dd602f78a6b38d22750f39eb98a61fc345645512bab
511ad4b904f2bbf13a19f1444bcef8efc47ead84fc8411f76f6a9c0bdc75e986
533cc1795d0f8c05ba575368c4a1d156021e74d1e72c1e48f6a54c1f9c8c7b06
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5938abde88b34d9b8e4da4c61ff5cdda4d3b897704606ff7c339732e02e1237a
5f60ba2783fe1359d0ea58a96615b3e85756a33b0ea7d9cc5d20845128980a8c
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6071fb99e587aa37f08c8f14a5718a3bda75cae32fd1d4ccd0718733a362ab64
62ec2289475fc937179158916e0e4fc1a30a8ed0eddf8c749d2a417a72e39339
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87
685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1
70037b34a19a143f7e1706cbcf4164777b6e57fa554939d14f3eded57f7047bd
717368ebb38cb4979e8e938a39593c8563b87b0a9d5d0fb4a1f436a3d7b90927
75be6e5e0eee00fba0cab9eb08c1c182afc78a7b8e0e01d5e180a3584ce5c9cf
75f7189a52997aca5b3d8c2b9442e1eeccc73be2012331cf9382b28b73e91b52
75ff476769446ac931b9dc5022f5ebd8a6db2b612c832401b16486f5a960bb42
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
775042c1fe9439c9066a6d08cb873a8be580b1f68bc1d0cec530291043fe3bd5
78b98b6ab63aab0fc7779b127b944569a8cd685720e090cf86390ad2c0206f2e
7e3f1836401d8d45ae3f406467c7bc7b78193dc00028d63d7659a7809bc4c083
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7f989c83968e264297452a69bc42c7903f59fdc4eea0bcd0286dbe4848418e18
7fed836409217f5ac8eddc5f8193b5c0c5e4e02bc3af1d18b4bc00287b8cfa33
80852fc495931f3012ec4360e49e1757f6375aa5edddb39df61c30dc1bdbfe34
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c302850560a242fff7aa61ee72b4d2e45b487de9c6ae25d6fde38fce8aa571
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8875e2f140ef97308bb81d86cca7b80a6ef9e22fabc3c86a1cf3153f88489221
88c38dd5fd1531be2d044c85bfd00517c41ce29b03c514d620d80a80241a1f11
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
89d2ae90c9c16d8b36fb59d507e5fc3d2612407ec20d9cc47fa15f29295dc168
8a8db738f4f67bb914194a8dfca987ef396a2dfd386881504c1b0c3753925952
8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d
8e7f565919f14fc775e059f527bcaffab97599dff6e5f7f6fefa49f2ba5af96a
8ea45050499c5f73f33502fb30dad78e585074a0498bc86cc7abef6c36593ca5
938ef2ac3ddae26a0eaf5d8c5392ddc106e7190894dd27dbae1a4322a7f5a0da
968ad3c148342a0c1613a0628afa5d07e18e690066b2a17c5e3b3912811f0ef4
96e614a47532daef50f7b288e1b0741076e0c8f2b76ab5a82c2646a930bcfc29
9779b67b80402c9aeb04fdc67ac74673660c046de8e2c6cc748692529bdb9bd3
977c2c301aa75f155cbcdac3453024320daec24ae369b3a75aeb069cc29b1ee9
98596f703ec5e76243f01c178e27e944f494fbda0e8e4dacd6291739b078ac8b
987c4c2b1d2840ec880d484af7f42d28403da21070484bed30fc45a629ce197c
9bb2c583bfe0cfe4ce25dcad5944668b5da72f52f04163654804a03238897b42
9dd3150efb7c67121d9105fdf70a6040b713fe00824e9dcc560de5fd364cfa40
9e75b33213a21f8795a08f675e832c8658d8784bdac8fad1d51d4d09d14f0c41
9e8fadb0932ffc1f1a4937d9ab37505a34a35b6d0c05fdcb7f00f8290934c9d6
9f226239b7cb86705238ec5a036a05bdb8fa187630f9c686db7c52ad53b64482
9f37e4d79b64613286fbf83e86ba1a2e41279be0c2ccbd076ca5b50f9386a8b5
9f4266d64c10e61f4b0a90d71e799b8785fb5b9f30242bb453cc79312f468ac6
a0c5dd95d029676d6f367a1e2aca29deed9a5ca9f408c739a734f2c470a8aa18
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a52e787e96bc15f5f143be46b0d58dc220b49871af2422f6fd5523129f5516b2
a937b78365cd53aa0f94e4ba350c890db8fec4bc9a5af6a03f6618a70df88687
a9b47bb93470efd715a4d1dc5443472476349c33db63adb55aa98d6e6506bdb4
aaeec80281237b16d0e453e78f373eee2b47dc6fc634c4d0b59f835d75c48ce5
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
afa4da24786a20ad3c263a84b7c5ea2ed3c91549c0b8de02d4720cc7fcfa0bdb
b398361d5b6a8817cfbbb6b5ef241ca7ebd0993492353366e5e22c210fdda9ee
b9a8251732d83c1d99b6b8c684cf2618502d186ed64fe800a602c2b64575f89a
b9c231dcb7c0b5ab937aae8fdd5012037627fe214676775ac1c878544c472f7a
bb0581de4c73e0dc2cc1522b7876e8d5a5f2415e2bfb648e480d6dfb812bb00f
c020aa5e9eb7aac89747e8a51508d90351d160dfe83e4b0a21dbbb0f05be0f9c
c3b97b4a0032010f3f395bd43b5cae6282107e1f81e1a97844a1bdae4cc370f8
c71eabddf16d6dec27a563a4e3f4f9b17aab484c4661d5ab3d59587a71f63798
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca66f8a77b03fd9838cbc5ece0536f51d1e8c8a3d1face8ea1c57e8c06b22b51
cbaffb0dcb22021278f94094e1bc93fd915c4211b989b7355880aa5d196da2a5
ccda10eb1453ce77248d404670ceca0e6f2be27c57dcf43015975883111ae1ce
cd9aaab337d980bf17709198b414f6a3c3ed46cfc5ca12bd359e09fabdcbacd1
cf5b5beaeca11f477aaa8726a1e8f1944c94fe42b95b1573801280cb71cabf1d
cf8159320c9adf5a39d7e4b15460172cddddd084652126ee1ba4de3610bbff43
d0708b95476ef7b9ae665859f283b339a84385d561a6b3eb4e5dfd8d22bb7a38
d25f1a90706054363b083e0be238dc86e46c1ca8ae2a7cc2903c9cd88e43522c
d3184dfa0fcf994a19e5a40487055636f8eed1202abcb1a246b5091f81accd07
d5b94e3df4b3117cf13b467262ee1f1c68c7497fc600e70a2017cd66c1f8254d
d6e17c6e0d622f4c9a1cf2fbbe6e59df503c15739d2c7a40f68acfbfeffca2b7
d892d3e4052fa9f44e2dae665dfa59dd6de5af6a5f143fca6c34b5a468886f88
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
d9eeb7ba3e7bf1a27c1c08ce515b397d5e7e3a248b2a017e1320e0fe5f69440c
da7a3939609b79975f0e64253b6af0b7e0286e186315809a414d3dfa2503aab6
dbc7f2e47564ff7fc9d932921f30e4ccab688131631e37543c00e53306946494
dcec385e2fd5e751ec4af4ec1302d9db34305aa61515702cda972882d869efcf
df5a58befa5a4171c238223e1df85a8c90b504fc952e419472cb71ba242f2501
e06029b0d3c28a635bb048b485c3ef3134485fdaf21ae1ae551f1fb0d1aa67ee
e19237af2d984f7b772577bee8f16b86c42e21212c0f9cb0fb17762cc2de04e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b370176004ec5a1a9da60c20b5055fce78fb3f77c9059a418265dc504a5fd1
e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8
e6aeeea628581a08ddd5eda862babc0910dbbac4647b1e0e7b41957061d77172
e8ceb48efc3ae43c8756f9d57267ddbf0676c1951cacb0928b7d4e538e40688d
e976650c3f22bcc9097f8ffc1caeadad08b83288ec50f8e1713a13e8ce23149f
ec999ab71cbb6beb7e10406b0d6910c32b5079b7def5722662d2915cf3a54677
ecd8810c4ab52927b77e463ad35c10cd914684733bf21d3b06994a12cb7fc43f
ed1bc7d13053d088f8964c1250cddebddbe714562e3c4f37c6eb7f3ab622ab3c
ee15cde279d28ca3919cae92820eaa8cef68d9023de05805b93a04db39e58e32
eeb5bc607c2966bc9ad457771f59b8cbf3449df5f9fecf3a38de63def9803d7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a376e000dc2fc057e8421917b58a97b933b4bf755e27f4df6a699eb14da0c5
f2f3b32a31a2d4c9d2a25998c84f51bd200cd616a4aa4ec0e5dc189b327b0512
f2f6af26e862ddb8b2b6cb81e3a3d88afbfa87469cd93e1c0bb6792554fb07f3
f32a366965f0fc5a7d0655f2b25c1a5d8352d09bf7a4c4a79a4cf8396e0342da
f34e547dc28a8800b0416dfd5a78a1eb68f11c193c032acdbaa0646990586f58
f6c64aca195132b32d28bc973e985612230c910a30d7acd2334760ef50816eec
fd1792c86362ee56c8ca9479b4bf023862faec59991939d1a4e8d568877df028
fe94ea56b20d7c1b1f1822d1f8c4033e576bc98c886881a51a52e6b5601b2cc1
fefa4164c727d5aa371bb460463b8cc96102621656aa2aeaaf6ec288fdeb4458
ff42401717596f8f0ca5b633e9fe076d695cee4f02dc167b995e61e45e4160a4

1463.info Open in urlscan Pro 194.182.174.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

186 Requests

89 %HTTPS

32 %IPv6

29 Domains

46 Subdomains

42 IPs

8 Countries

5867 kBTransfer

12774 kBSize

125 Cookies

6 Outgoing links

Page URL History

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

1463.info Open in urlscan Pro
194.182.174.60 Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

89 %
HTTPS

32 %
IPv6

29
Domains

46
Subdomains

42
IPs

8
Countries

5867 kB
Transfer

12774 kB
Size

125
Cookies

186 HTTP transactions
3 data transactions