3142.fun Open in urlscan Pro
109.237.26.154 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://3142.fun/
Submission: On January 18 via api (January 18th 2024, 3:41:42 pm UTC) from US — Scanned from US

Summary HTTP 191 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 56 IPs in 7 countries across 65 domains to perform 191 HTTP transactions. The main IP is 109.237.26.154, located in London, United Kingdom and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is 3142.fun.
TLS certificate: Issued by R3 on January 16th 2024. Valid for: 3 months.

This is the only time 3142.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	109.237.26.154 109.237.26.154	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
71	2a03:90c0:999... 2a03:90c0:9996::9996	199524 (GCORE) (GCORE)
9	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
4	2600:141b:1c0... 2600:141b:1c00:22::1730:e06a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	88.214.195.109 88.214.195.109	46636 (NATCOWEB) (NATCOWEB)
1	2600:9000:219... 2600:9000:2191:a400:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.167.164.45 185.167.164.45	198622 (ADFORM) (ADFORM)
2	2620:116:800b... 2620:116:800b:21:c1e8:5385:5098:6bf0	14618 (AMAZON-AES) (AMAZON-AES)
2	109.169.10.207 109.169.10.207	20860 (IOMART-AS) (IOMART-AS)
1 3	35.211.233.246 35.211.233.246	19527 (GOOGLE-2) (GOOGLE-2)
1 1	199.38.167.131 199.38.167.131	54312 (ROCKETFUEL) (ROCKETFUEL)
3 5	68.67.179.155 68.67.179.155	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
1 2	142.250.176.198 142.250.176.198	15169 (GOOGLE) (GOOGLE)
2	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
2 12	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
1	2600:9000:201... 2600:9000:201e:a000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7 7	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1 2	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1	54.84.78.68 54.84.78.68	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
2 3	34.198.208.133 34.198.208.133	14618 (AMAZON-AES) (AMAZON-AES)
1	23.220.188.102 23.220.188.102	16625 (AKAMAI-AS) (AKAMAI-AS)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.59.99.242 52.59.99.242	16509 (AMAZON-02) (AMAZON-02)
1 1	216.22.16.73 216.22.16.73	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	63.251.28.233 63.251.28.233	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	35.174.112.174 35.174.112.174	14618 (AMAZON-AES) (AMAZON-AES)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
1 2	52.55.144.0 52.55.144.0	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:6ea0:c40... 2a02:6ea0:c400::11	60068 (CDN77 ^_^) (CDN77 ^_^)
2 2	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.204.171.89 52.204.171.89	14618 (AMAZON-AES) (AMAZON-AES)
2	184.50.205.247 184.50.205.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	3.248.137.159 3.248.137.159	16509 (AMAZON-02) (AMAZON-02)
1	52.92.17.0 52.92.17.0	16509 (AMAZON-02) (AMAZON-02)
1	3.222.163.147 3.222.163.147	14618 (AMAZON-AES) (AMAZON-AES)
2 2	142.250.81.226 142.250.81.226	15169 (GOOGLE) (GOOGLE)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.160.10.41 18.160.10.41	16509 (AMAZON-02) (AMAZON-02)
2 3	34.241.132.158 34.241.132.158	16509 (AMAZON-02) (AMAZON-02)
2 2	52.204.246.173 52.204.246.173	14618 (AMAZON-AES) (AMAZON-AES)
1 1	13.249.39.110 13.249.39.110	16509 (AMAZON-02) (AMAZON-02)
4	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	54.160.64.36 54.160.64.36	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3 4	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	23.205.56.163 23.205.56.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2600:9000:230... 2600:9000:2305:ae00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	100.25.25.103 100.25.25.103	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1	44.212.89.30 44.212.89.30	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.64.83 108.138.64.83	16509 (AMAZON-02) (AMAZON-02)
3	18.154.227.81 18.154.227.81	16509 (AMAZON-02) (AMAZON-02)
1	52.73.162.54 52.73.162.54	14618 (AMAZON-AES) (AMAZON-AES)
4 11	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	3.33.152.127 3.33.152.127	16509 (AMAZON-02) (AMAZON-02)
191	56

18 109.237.26.154 (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 109-237-26-154.ip.linodeusercontent.com

3142.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 2a03:90c0:9996::9996 (United States)

ASN199524 (GCORE, LU)

mrspeedtime.gcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnimages3.gcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:823::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:141b:1c00:22::1730:e06a (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

tm.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o237537.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.214.195.109 (United Kingdom)

ASN46636 (NATCOWEB, US)

track.leonretarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2191:a400:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.45 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.169.10.207 (United Kingdom)

ASN20860 (IOMART-AS, GB)

leoncas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.233.246 (North Charleston, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 246.233.211.35.bc.googleusercontent.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
use.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

20828756p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.179.155 (North Bergen, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::200e (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:823::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.176.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f6.1e100.net

11843672.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.167.164.43 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:201e:a000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.211.178.172 (North Charleston, United States) 7 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.65.202 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.78.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-78-68.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.198.208.133 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-208-133.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.220.188.102 (Lithia Springs, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-188-102.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.99.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-99-242.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.22.16.73 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.233 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.174.112.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-112-174.compute-1.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.57.31.206 (United States) 1 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.55.144.0 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-144-0.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.156.250 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.204.171.89 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-171-89.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.50.205.247 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-205-247.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.137.159 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-137-159.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.17.0 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.163.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-163-147.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.81.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.10.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-41.iad12.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.241.132.158 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-132-158.eu-west-1.compute.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.204.246.173 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-246-173.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.39.110 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-110.iad89.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.160.64.36 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-64-36.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.118 (Frankfurt am Main, Germany) 3 redirects

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.56.163 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-56-163.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2305:ae00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.151.131 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.25.25.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-25-103.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.212.89.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-89-30.compute-1.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.64.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-64-83.iad12.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.154.227.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-81.iad55.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.162.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-162-54.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.152.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: a69d63ecdf0f33068.awsglobalaccelerator.com

downloads.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	gcdn.co mrspeedtime.gcdn.co cdnimages3.gcdn.co	2 MB
18	adform.net 2 redirects s2.adform.net — Cisco Umbrella Rank: 7060 track.adform.net — Cisco Umbrella Rank: 5048 a1.adform.net — Cisco Umbrella Rank: 11105 c1.adform.net — Cisco Umbrella Rank: 583 dmp.adform.net — Cisco Umbrella Rank: 3041	44 KB
18	3142.fun 3142.fun	446 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	6 KB
8	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8747	4 KB
8	gstatic.com fonts.gstatic.com	111 KB
7	bidswitch.net 7 redirects x.bidswitch.net — Cisco Umbrella Rank: 373	4 KB
5	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 490 ib.adnxs.com — Cisco Umbrella Rank: 253	5 KB
4	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2157 downloads.intercomcdn.com — Cisco Umbrella Rank: 12241	394 KB
4	id5-sync.com 3 redirects id5-sync.com — Cisco Umbrella Rank: 425	5 KB
4	doubleclick.net 3 redirects 11843672.fls.doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 260	2 KB
4	sportradar.com tm.ads.sportradar.com — Cisco Umbrella Rank: 57571 tracker.ads.sportradar.com — Cisco Umbrella Rank: 60107	101 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3982	72 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2054	2 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1780 load77.exelator.com — Cisco Umbrella Rank: 4039	2 KB
3	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 698 ice.360yield.com — Cisco Umbrella Rank: 1892	1 KB
3	sportradarserving.com 1 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2298 use.sportradarserving.com — Cisco Umbrella Rank: 76282	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	220 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 1661 api-iam.intercom.io — Cisco Umbrella Rank: 2016	6 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 412	720 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 326	2 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 13701	630 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 357	660 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 875	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 239	1 KB
2	openx.net 1 redirects eu-u.openx.net — Cisco Umbrella Rank: 2043	492 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 727	788 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 853	837 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349	888 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 451	816 B
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1074	1 KB
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1382	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	1 KB
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 381 token.rubiconproject.com — Cisco Umbrella Rank: 477	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 358	517 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	294 B
2	leoncas.com leoncas.com	570 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1364 pixel.quantserve.com — Cisco Umbrella Rank: 1007	10 KB
2	leonretarget.com track.leonretarget.com — Cisco Umbrella Rank: 740794	1 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2112	120 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1577	109 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 28504	49 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 662	544 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1376	278 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 544	645 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 23811	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 870	472 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 784	338 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 28921	407 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 790	633 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 1149	359 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 562	640 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669	669 B
1	adscale.de ih.adscale.de — Cisco Umbrella Rank: 4137	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4474	400 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 21472	467 B
1	google.com adservice.google.com — Cisco Umbrella Rank: 98	440 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 508	280 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1345	697 B
1	rfihub.com 1 redirects 20828756p.rfihub.com	592 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5693	6 KB
1	sentry.io o237537.ingest.sentry.io	324 B
0	eskimi.com Failed dsp-media.eskimi.com Failed
191	65

	Domain	Requested by
46	cdnimages3.gcdn.co
25	mrspeedtime.gcdn.co	mrspeedtime.gcdn.co
18	3142.fun	mrspeedtime.gcdn.co
9	c1.adform.net	1 redirects a1.adform.net c1.adform.net
9	fonts.googleapis.com	client mrspeedtime.gcdn.co
8	mc.yandex.com	3 redirects mc.yandex.ru
8	fonts.gstatic.com	fonts.googleapis.com
7	x.bidswitch.net	7 redirects
4	id5-sync.com	3 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	secure.adnxs.com	2 redirects c1.rfihub.net c1.adform.net
3	mc.yandex.ru	1 redirects mrspeedtime.gcdn.co
3	js.intercomcdn.com	widget.intercom.io js.intercomcdn.com
3	a.audrte.com	2 redirects c1.adform.net
3	www.googletagmanager.com	3142.fun www.googletagmanager.com
2	eb2.3lift.com	1 redirects c1.adform.net
2	s.amazon-adsystem.com	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	ice.360yield.com	2 redirects
2	match.adsrvr.org	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	eu-u.openx.net	1 redirects c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	px.ads.linkedin.com	1 redirects c1.adform.net
2	idsync.rlcdn.com	2 redirects
2	loadm.exelator.com	2 redirects
2	ps.eyeota.net	1 redirects c1.adform.net
2	uipglob.semasio.net	1 redirects c1.adform.net
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	ups.analytics.yahoo.com	1 redirects
2	a1.adform.net	1 redirects
2	track.adform.net	s2.adform.net
2	11843672.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com
2	a.sportradarserving.com	1 redirects
2	tracker.ads.sportradar.com	tm.ads.sportradar.com tracker.ads.sportradar.com
2	leoncas.com	mrspeedtime.gcdn.co
2	track.leonretarget.com	www.googletagmanager.com
2	tm.ads.sportradar.com	3142.fun
1	downloads.intercomcdn.com
1	api-iam.intercom.io	js.intercomcdn.com
1	widget.intercom.io	3142.fun
1	e1.emxdgt.com	c1.adform.net
1	bpi.rtactivate.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	1 redirects
1	sync.teads.tv	c1.adform.net
1	ib.adnxs.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	pippio.com	1 redirects
1	load77.exelator.com	c1.adform.net
1	crb.kargo.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	1 redirects
1	ih.adscale.de	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	ad.360yield.com	c1.adform.net
1	a1.seadform.net
1	adservice.google.com	11843672.fls.doubleclick.net
1	use.sportradarserving.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	pixel.quantserve.com
1	rules.quantcount.com	secure.quantserve.com
1	20828756p.rfihub.com	1 redirects
1	secure.quantserve.com	3142.fun
1	s2.adform.net	3142.fun
1	c1.rfihub.net	3142.fun
1	o237537.ingest.sentry.io	mrspeedtime.gcdn.co
0	dsp-media.eskimi.com Failed	3142.fun
191	80

This site contains links to these domains. Also see Links.

Domain
lbaffiliates.com

Subject Issuer	Validity	Valid
3142.fun R3	`2024-01-16` - `2024-04-15`	3 months	crt.sh
*.gcdn.co DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-07-07` - `2024-07-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tracker.ads.sportradar.com R3	`2023-12-14` - `2024-03-13`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.leonretarget.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-18` - `2025-01-18`	a year	crt.sh
*.rfihub.net Amazon RSA 2048 M03	`2023-10-31` - `2024-11-28`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
leoncas.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-02` - `2025-01-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-08`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-13`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2023-06-14` - `2024-06-14`	a year	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2023-12-01` - `2024-12-29`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
intercom-attachments-9.com Amazon RSA 2048 M03	`2024-01-18` - `2025-02-15`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://3142.fun/
Frame ID: C5F052EEFF436D483424304788FBF73E
Requests: 145 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29896390%26t%3D2%26ver%3D9%26pe%3Dhttps%253A%252F%252F3142.fun%252F%26pf%3D
Frame ID: EF734CE43E8F49E2A03837A1F0E78504
Requests: 1 HTTP requests in this frame

Frame: https://11843672.fls.doubleclick.net/activityi;dc_pre=CN-P-Zaj54MDFYHt9gIdEr8NVA;src=11843672;type=safev0;cat=safeg000;ord=605942017131;auiddc=137314472.1705592496;gtm=45fe41a0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F3142.fun%2F
Frame ID: A8152B93ABDEE477AB799415A5EF40C6
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CN-P-Zaj54MDFYHt9gIdEr8NVA;src=11843672;type=safev0;cat=safeg000;ord=605942017131;auiddc=137314472.1705592496;gtm=45fe41a0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F3142.fun%2F
Frame ID: ADABE4E48EEFC3B551D8C015683DC4D5
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Frame ID: 9C049083008B4E25010DC4398C4E313E
Requests: 40 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.bdb65c8e.js
Frame ID: FC90F9F1F3BF2CB636A82985353BE053
Requests: 4 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 0FD2746A82B48B2DBE6872D6ABB631A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Leon - Ставки на спорт | Слоты | LIVE Казино

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

191
Requests

84 %
HTTPS

20 %
IPv6

65
Domains

80
Subdomains

56
IPs

7
Countries

3274 kB
Transfer

10691 kB
Size

117
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://lbaffiliates.com/
Title: Партнерская программа

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 107

https://a.sportradarserving.com/pixel?type=js&aid=1060&id=1235 HTTP 302
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235

Request Chain 108

https://20828756p.rfihub.com/ca.html?ver=9&rb=43197&ca=20828756&_o=43197&_t=20828756&pe=https%3A%2F%2F3142.fun%2F&pf=&ra=39524563639326127 HTTP 302
https://secure.adnxs.com/seg?add=29896390&t=2&ver=9&pe=https%3A%2F%2F3142.fun%2F&pf= HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29896390%26t%3D2%26ver%3D9%26pe%3Dhttps%253A%252F%252F3142.fun%252F%26pf%3D

Request Chain 122

https://11843672.fls.doubleclick.net/activityi;src=11843672;type=safev0;cat=safeg000;ord=605942017131;auiddc=137314472.1705592496;gtm=45fe41a0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F3142.fun%2F HTTP 302
https://11843672.fls.doubleclick.net/activityi;dc_pre=CN-P-Zaj54MDFYHt9gIdEr8NVA;src=11843672;type=safev0;cat=safeg000;ord=605942017131;auiddc=137314472.1705592496;gtm=45fe41a0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F3142.fun%2F

Request Chain 124

https://a1.adform.net/Serving/TrackPoint/?pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=645099270236&ADFtpmode=2&loc=https%3A%2F%2F3142.fun%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=645099270236&ADFtpmode=2&loc=https%3A%2F%2F3142.fun%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 128

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=13f8c95e-0794-4544-85ab-5d342061579b&cb=e6445403-9a5f-45bf-8330-a40bc3224bbe HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=13f8c95e-0794-4544-85ab-5d342061579b&cb=e6445403-9a5f-45bf-8330-a40bc3224bbe HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=deccb77d-ed9f-493a-96a9-901cf9bc66d0&_origin=1&gdpr=&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=deccb77d-ed9f-493a-96a9-901cf9bc66d0&_origin=1&gdpr=&gdpr_consent=&verify=true

Request Chain 129

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=13f8c95e-0794-4544-85ab-5d342061579b&cb=f62b5bc5-103a-4272-a91a-7b0b1b862308 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=13f8c95e-0794-4544-85ab-5d342061579b&cb=f62b5bc5-103a-4272-a91a-7b0b1b862308 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=7a99b888-342f-42e1-957f-d38b2ab5a668&expires=30&gdpr=&gdpr_consent=&us_privacy=

Request Chain 130

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=13f8c95e-0794-4544-85ab-5d342061579b&cb=584e179b-8d12-4a55-897b-8ed8fd032a9a HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=13f8c95e-0794-4544-85ab-5d342061579b&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 131

https://x.bidswitch.net/syncd?dsp_id=409&user_id=13f8c95e-0794-4544-85ab-5d342061579b&user_group=3&redir=%2F%2Fuse.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP 302
https://use.sportradarserving.com/bsw_sync?bsw_uid=7a99b888-342f-42e1-957f-d38b2ab5a668

Request Chain 141

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=6707339174782206439&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
https://c1.adform.net/serving/cookie/match?party=10&cid=2039726204738432471

Request Chain 143

https://x.bidswitch.net/sync?dsp_id=70&user_id=6707339174782206439 HTTP 302
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=7a99b888-342f-42e1-957f-d38b2ab5a668&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=

Request Chain 144

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6707339174782206439&expiration=1706802096 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6707339174782206439&expiration=1706802096&C=1

Request Chain 145

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6707339174782206439&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6707339174782206439&sInitiator=external

Request Chain 146

https://ps.eyeota.net/match?uid=6707339174782206439&bid=9gdtmu1 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=6707339174782206439&bid=9gdtmu1

Request Chain 147

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6707339174782206439 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6707339174782206439&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 148

https://idsync.rlcdn.com/398366.gif?partner_uid=6707339174782206439 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNjcwNzMzOTE3NDc4MjIwNjQzORAAGg0IsY2lrQYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=0ba96f824ba04144158d5a936409358b0d5f7200a0592e8df0925e6465010a26791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0ba96f824ba04144158d5a936409358b0d5f7200a0592e8df0925e6465010a26791426b5417dce21&rand=07913372 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0ba96f824ba04144158d5a936409358b0d5f7200a0592e8df0925e6465010a26791426b5417dce21&rand=07913372&expected_cookie=364aa19c-ebd2-4540-b3b6-dd40b1c1a344

Request Chain 149

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6707339174782206439/gdpr=/gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6707339174782206439/gdpr=/gdpr_consent=

Request Chain 151

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6707339174782206439 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6707339174782206439

Request Chain 152

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NjcwNzMzOTE3NDc4MjIwNjQzOQ HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO-3vB1Vf9KZZQcg55Ckr-o&google_cver=1&google_ula=1641347,0

Request Chain 156

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=7035727650848700544&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=6707339174782206439

Request Chain 159

https://a.audrte.com/a?adform_uid=6707339174782206439 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Y2gwekRpcC00VjZSVzJCVDdjeUl1VVI1dw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 160

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=6707339174782206439&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=6707339174782206439&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=07920392915923309942656737471530018388&noredirect=1

Request Chain 161

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=6707339174782206439 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213050604765005483546

Request Chain 162

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7325463994942552215

Request Chain 164

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=p5A8fkRY1Rquwp5

Request Chain 165

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=1a936054-15cf-44b8-b061-84ed806cce58

Request Chain 166

https://id5-sync.com/s/10/0.gif?puid=6707339174782206439 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=6707339174782206439&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/10/2/1/2.gif?puid=7035727650848700544&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-5a16gwGoOTlMvBtfl4hoGnD7pGWC3nl2dG12GUcUGA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-5a16gwGoOTlMvBtfl4hoGnD7pGWC3nl2dG12GUcUGA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/cq/10/124/0/3.gif?puid=1a62e55e-ab8d-46e8-a0f5-da3b6893e9d5&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

Request Chain 167

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3493207603 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=kwwgdRTR3w6pf/nTDnhoN.

Request Chain 169

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=6707339174782206439 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=9d0a19d48d&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=9d0a19d48d&gdpr=0&gdpr_consent=&dcc=t

Request Chain 172

https://eb2.3lift.com/xuid?mid=7354&xuid=6707339174782206439&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6707339174782206439&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

Request Chain 184

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10252.8fjV1-KDdJ6z83QCO7xVvsZbL2GJrN2XkG1h13PZcdaA9juiUmywF5sK12GamN1o.BpCG2iwH2W-vct8wLJNCUD3G1TI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10252.vUwHRnWbX4mB-fmllQSMq8KF_UeXKmr7vlTycAbVQYA0uzLbSIHM-vpXXYj3Ss-zab7-RdlsZeoO8tei0a7nYxEg0XlsN3eqqcXcYNqdUnwkU4DfXSyKyuX-rN_9XNVS22-68bCUBXgX7dYfLBeXHExjmqzgLO_k3fsW1VvRrgaslnZhkI-Nz0c59HO3n30rKSds9BwxyBa9Rf2Dt2SBa2H8PisEbHx6zyO-2VL8bIo%2C.E9B4KzsS5nhck0x855ObBZc1xw0%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10252.g5HYOY6m51xln-wVwkjqfcaq9EqHFaangjIh7EfcjxnlBU1ayzTwZGEl8kLn6NyJFQDdwednR9O6avL27qXXDziVB1dr0kv8SEeusAk8bkeqht2BHLEePE24Jb4AMLJtq9ODYaCFPaiXcrdy-NfvfAQ1GcNi4ysnK-i9UwkYlGOuHtuNbjN57Wtw8qW-aN76LyGXDUbwsUGadVSvvWUqwg%2C%2C.qugGDsApl9YiAb4TZClM9pevJyY%2C

Request Chain 189

https://mc.yandex.com/watch/71598811?wmode=7&page-url=https%3A%2F%2F3142.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad9qclkdp4c65bqbi3oqcu6sb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1210%3Acn%3A1%3Adp%3A0%3Als%3A728974591037%3Ahid%3A660699341%3Az%3A-600%3Ai%3A20240118054139%3Aet%3A1705592500%3Ac%3A1%3Arn%3A27175836%3Arqn%3A1%3Au%3A1705592500215750063%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C277%2C149%2C1%2C0%2C0%2C%2C135%2C2%2C1240%2C1240%2C0%2C846%3Aco%3A0%3Acpf%3A1%3Ans%3A1705592493003%3Agi%3AR0ExLjEuMTkzNzAzNzAwNS4xNzA1NTkyNDk2%3Afp%3A859%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705592500%3At%3ALeon%20-%20%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%7C%20%D0%A1%D0%BB%D0%BE%D1%82%D1%8B%20%7C%20LIVE%20%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/71598811/1?wmode=7&page-url=https%3A%2F%2F3142.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad9qclkdp4c65bqbi3oqcu6sb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1210%3Acn%3A1%3Adp%3A0%3Als%3A728974591037%3Ahid%3A660699341%3Az%3A-600%3Ai%3A20240118054139%3Aet%3A1705592500%3Ac%3A1%3Arn%3A27175836%3Arqn%3A1%3Au%3A1705592500215750063%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C277%2C149%2C1%2C0%2C0%2C%2C135%2C2%2C1240%2C1240%2C0%2C846%3Aco%3A0%3Acpf%3A1%3Ans%3A1705592493003%3Agi%3AR0ExLjEuMTkzNzAzNzAwNS4xNzA1NTkyNDk2%3Afp%3A859%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705592500%3At%3ALeon%20-%20%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%7C%20%D0%A1%D0%BB%D0%BE%D1%82%D1%8B%20%7C%20LIVE%20%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

191 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
3142.fun/ 21 KB
9 KB 452ms
149ms Document
text/html 109.237.26.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3142.fun/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.237.26.154 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-237-26-154.ip.linodeusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

1920872ba0106be7c91c1a948d911bd766743ced4df8724e1caddf7b209e6789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 18 Jan 2024 15:41:33 GMT
expires: 0
link: <https://mrspeedtime.gcdn.co/js/vendors.c760f8f3.js>; rel=preload; as=script; crossorigin=anonymous, <https://mrspeedtime.gcdn.co/js/app.7f83a052.js>; rel=preload; as=script; crossorigin=anonymous
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 vendors.c760f8f3.js Show response
mrspeedtime.gcdn.co/js/ 97 KB
26 KB 170ms
34ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/vendors.c760f8f3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0a4eaeeb96ba82fcafeecaae3a2a0b2db648c51607d7ae71053548354bf21718

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: br
x-cached-since: 2024-01-15T11:35:15+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 26687
last-modified: Fri, 12 Jan 2024 14:19:36 GMT
server: nginx
traceparent: 00-e9550ee8dbd55d9d2d2256afeda01c53-c1d563dd1369bfc6-01
etag: "65a14a78-683f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.7f83a052.js Show response
mrspeedtime.gcdn.co/js/ 379 KB
73 KB 175ms
40ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 110b112c5093d9f4436387f33de752530f0883c83e3c3212fffeee440d7d24f0

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: br
x-cached-since: 2024-01-18T12:56:33+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 74230
last-modified: Wed, 17 Jan 2024 11:56:21 GMT
server: nginx
traceparent: 00-c10632ca8e68d403724db1b3e94784b9-81cef3bd61bb97b4-01
etag: "65a7c065-121f6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
690 B 220ms
80ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:wght@400;700;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a8d842dbcf583e49fc9c648d54f6fa3721dabb382b0c4afb8cb5132993a9adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 14:36:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 15:41:33 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
970 B 218ms
78ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 14:16:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 15:41:33 GMT

GET
H2 200 time Show response
3142.fun/api-2/ 13 B
327 B 152ms
152ms Fetch
application/json 109.237.26.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3142.fun/api-2/time

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.237.26.154 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-237-26-154.ip.linodeusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

bc677f67a90b8f92a557084000802039ce0c36b9cb1a55722b004e903c72f5c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-browser: chrome
x-app-version: 6.79.6
x-app-os: windows
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-app-platform: web
x-app-env: prod
Referer: https://3142.fun/
x-app-modernity: modern
x-requested-uri: /
x-app-skin: default
x-app-rendering: csr

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

POST
H2 200 api-1 Show response
3142.fun/ 300 KB
61 KB 644ms
641ms Fetch
application/json 109.237.26.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3142.fun/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.237.26.154 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-237-26-154.ip.linodeusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ef179473ab4dba186b89a833c97611c862a7162ed9e56293e0a282befc36c8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-browser: chrome
x-app-version: 6.79.6
x-app-os: windows
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json
x-app-platform: web
x-app-env: prod
Referer: https://3142.fun/
x-app-modernity: modern
x-requested-uri: /
x-app-skin: default
x-app-rendering: csr

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2 200 webpack.0337d490.js Show response
mrspeedtime.gcdn.co/js/ 153 KB
16 KB 51ms
46ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/webpack.0337d490.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 37b8c2034ad31ed9ec22bbfce6f9669c639ae2c857b2328bc60bbc3797a96a0b

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: br
x-cached-since: 2024-01-15T11:46:18+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 16208
last-modified: Fri, 12 Jan 2024 14:19:36 GMT
server: nginx
traceparent: 00-ccb0c61005bc9b42de8ffa96e6af2437-b9196e4f5126a987-01
etag: "65a14a78-3f50"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-vendor-vue-router.d07ceb25.js Show response
mrspeedtime.gcdn.co/js/ 23 KB
8 KB 53ms
47ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-vendor-vue-router.d07ceb25.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 81c8f98c199314f2e775945d9f61386dd7fd850eb01b61b330e34b2e9bf5f143

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: br
x-cached-since: 2024-01-15T11:35:15+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 8224
last-modified: Fri, 12 Jan 2024 14:19:36 GMT
server: nginx
traceparent: 00-41e38b05104cdd4b2f6908a921d1ad4f-afbdcf7c2ae6420b-01
etag: "65a14a78-2020"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-vendor-vue3-observe-visibility.554a5a28.js Show response
mrspeedtime.gcdn.co/js/ 32 KB
11 KB 56ms
51ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-vendor-vue3-observe-visibility.554a5a28.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 16e947dd5a59555bb58b54d944caf8defec14678f5c7c90a97fb81c34412e071

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: br
x-cached-since: 2023-10-23T09:47:49+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 10813
last-modified: Sun, 22 Oct 2023 12:50:02 GMT
server: nginx
traceparent: 00-3734ad10fc6fbe3f18fad0a804884e25-0f399c7cb0012a6a-01
etag: "65351a7a-2a3d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-vendor-vue.c05b43e8.js Show response
mrspeedtime.gcdn.co/js/ 132 KB
44 KB 60ms
55ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-vendor-vue.c05b43e8.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d351faa0d1b8c6b597ab6e0a8c92004db3c12d9af88c3684d5aa7be67bc0c07a

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: br
x-cached-since: 2024-01-15T11:35:17+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 45174
last-modified: Fri, 12 Jan 2024 14:19:36 GMT
server: nginx
traceparent: 00-8e5fdba568cd67f58441bd5673c7316a-a936d119c8320a54-01
etag: "65a14a78-b076"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-vendor-sentry.57419881.js Show response
mrspeedtime.gcdn.co/js/ 117 KB
32 KB 64ms
60ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-vendor-sentry.57419881.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1a8147e30aa4e73a93107c296d76d442e31d89e34f8c07cad8e1c2bfaeff9847

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: br
x-cached-since: 2023-12-07T14:15:10+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 32365
last-modified: Thu, 07 Dec 2023 11:41:55 GMT
server: nginx
traceparent: 00-a512a78c7d7a8e502811fc3bcd630e9b-87cf23d8fd9451c2-01
etag: "6571af83-7e6d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-route-modules-core.d07af020.js Show response
mrspeedtime.gcdn.co/js/ 67 KB
13 KB 81ms
77ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-route-modules-core.d07af020.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 02f0779b886c74ddb4d9db757a375f0149f2a67eeb044353cd4bb061c7182622

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: br
x-cached-since: 2024-01-15T15:34:35+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 13515
last-modified: Fri, 12 Jan 2024 14:19:36 GMT
server: nginx
traceparent: 00-e6b2291291730456ceda039f8be911b6-32744a77c5ae4d24-01
etag: "65a14a78-34cb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-module-sportline.477bb5a5.js Show response
mrspeedtime.gcdn.co/js/ 26 KB
6 KB 82ms
78ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-module-sportline.477bb5a5.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6dd499991c10ba941350216d19b0b332393f2e195425718b4baa7a52a22b2029

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: br
x-cached-since: 2024-01-18T12:56:36+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 6381
last-modified: Wed, 17 Jan 2024 11:56:21 GMT
server: nginx
traceparent: 00-671ae76ca3c79928592e2a250bf2141d-c873b1bf32cfec15-01
etag: "65a7c065-18ed"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-module-profile.20f88de8.js Show response
mrspeedtime.gcdn.co/js/ 26 KB
7 KB 58ms
54ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-module-profile.20f88de8.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: fe54c6c010383bc920876354df17c970c6f4f50d784dc145a6164e917d31fe99

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: br
x-cached-since: 2024-01-18T12:56:37+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 6601
last-modified: Wed, 17 Jan 2024 11:56:21 GMT
server: nginx
traceparent: 00-102704839abd0700f624a08db717fd23-014531e9d462ae68-01
etag: "65a7c065-19c9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-module-core.68880cfe.js Show response
mrspeedtime.gcdn.co/js/ 137 KB
31 KB 52ms
49ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-module-core.68880cfe.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f0e076de01a58b01e169c1c10e81824270dcee9a4f3c5dd66c1739359e6cbd8a

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: br
x-cached-since: 2024-01-18T12:11:58+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 31230
last-modified: Wed, 17 Jan 2024 11:56:21 GMT
server: nginx
traceparent: 00-78be04ce784367b367bc1aedb0d3d736-cb9115f4315cbe22-01
etag: "65a7c065-79fe"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-module-referral-program.2f6b801b.js Show response
mrspeedtime.gcdn.co/js/ 30 KB
6 KB 56ms
53ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-module-referral-program.2f6b801b.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e4f7c7184374c80212df3584a7d3532c73fb75293bed93b04511cf12fe930c19

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: br
x-cached-since: 2024-01-18T12:56:37+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 5970
last-modified: Wed, 17 Jan 2024 11:56:21 GMT
server: nginx
traceparent: 00-702981b17e872cf89832c49d8a56a081-6a4cd93f1ec881b3-01
etag: "65a7c065-1752"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-module-errors.95fbb316.js Show response
mrspeedtime.gcdn.co/js/ 17 KB
4 KB 81ms
79ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-module-errors.95fbb316.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3212537ebc556c7704b68db3ca5b2c4d6b5942c433ba35395a7bab5f197899b5

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: br
x-cached-since: 2024-01-16T10:06:34+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 4077
last-modified: Fri, 12 Jan 2024 14:19:36 GMT
server: nginx
traceparent: 00-e9b8d63842e1dd2951fbf327956c220f-33864981baafecb9-01
etag: "65a14a78-fed"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-module-dialogs.222f86c0.js Show response
mrspeedtime.gcdn.co/js/ 33 KB
7 KB 82ms
80ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-module-dialogs.222f86c0.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a7a3388b72ae35eb924a4417535dab786f0e66b231b2377717b9835314d0462f

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: br
x-cached-since: 2024-01-15T11:56:44+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 7403
last-modified: Fri, 12 Jan 2024 14:19:36 GMT
server: nginx
traceparent: 00-dc14679ac909fa93c11e3223b615b71c-9549f65072513038-01
etag: "65a14a78-1ceb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-module-customer-notifications.07ef8391.js Show response
mrspeedtime.gcdn.co/js/ 18 KB
4 KB 83ms
81ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-module-customer-notifications.07ef8391.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 726184aab5ac1ffaaa5ca9e7f110c5a5ca060c8fec3a1d0fffe5a0e60674f612

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: br
x-cached-since: 2024-01-15T15:34:51+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 4035
last-modified: Fri, 12 Jan 2024 14:19:36 GMT
server: nginx
traceparent: 00-dae41d1bb2cf6ec42b3274129f575ceb-77caac674ad214e8-01
etag: "65a14a78-fc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-app.006c002b.js Show response
mrspeedtime.gcdn.co/js/ 2 MB
396 KB 83ms
82ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-app.006c002b.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 973c2a5d3b3c4955f2eda7a09f7a3cb098a2e75cf81293b3d34e2dcb0b43a574

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: br
x-cached-since: 2024-01-18T12:56:37+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 404886
last-modified: Wed, 17 Jan 2024 11:56:21 GMT
server: nginx
traceparent: 00-e63243767d7e2eae3a011def2d465ced-0f12780121ce95b3-01
etag: "65a7c065-62d96"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-vendors.fb1af32c.js Show response
mrspeedtime.gcdn.co/js/ 379 KB
101 KB 100ms
99ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-vendors.fb1af32c.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0505fd483d260729d757cce63c647014a4a82fc3b1cff42e7b36290394392134

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:33 GMT
content-encoding: br
x-cached-since: 2024-01-16T01:04:25+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 103248
last-modified: Fri, 12 Jan 2024 14:19:36 GMT
server: nginx
traceparent: 00-98d09259d6156dee163ced1d9c7ede09-aaf9035d85b547ce-01
etag: "65a14a78-19350"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 css2
fonts.googleapis.com/ 19 KB
1 KB 204ms
78ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap&family=Mulish:wght@400;700;900&display=swap

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-module-core.68880cfe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8540306a707e9169f22542b923f711daac148b08742acd582d5cb11a43363a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 15:41:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 15:41:34 GMT

POST
H2 200 api-1 Show response
3142.fun/ 165 B
466 B 227ms
227ms Fetch
application/json 109.237.26.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3142.fun/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.237.26.154 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-237-26-154.ip.linodeusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

1eb013ce7e85e58eb586fa739f4c973ca31e2307c6180fccc79cd640d9e2c304

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-browser: chrome
x-app-version: 6.79.6
x-app-os: windows
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json
x-app-platform: web
x-app-env: prod
Referer: https://3142.fun/
x-app-modernity: modern
x-requested-uri: /
x-app-skin: default
x-app-rendering: csr

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

POST
H2 200 api-1 Show response
3142.fun/ 793 B
697 B 157ms
157ms Fetch
application/json 109.237.26.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3142.fun/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.237.26.154 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-237-26-154.ip.linodeusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ca5000934c3b98ff7bccdb58ab4f31bae438401b4bf61e3806423959011f2573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
x-app-version: 6.79.6
x-app-os: windows
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json
x-app-platform: web
x-app-env: prod
Referer: https://3142.fun/
x-app-modernity: modern
x-requested-uri: /
x-app-skin: default
x-app-rendering: csr

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
67 KB 217ms
86ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T

Requested by

Host: 3142.fun
URL: https://3142.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3206bba640bcbc800d2823dd662065fe0f68a740caeb69eba89cde322dd9a9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68451
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Jan 2024 15:41:34 GMT

GET
H2 200 tag-manager.js Show response
tm.ads.sportradar.com/dist/ 370 KB
35 KB 454ms
208ms Script
application/javascript 2600:141b:1c00:22::1730:e06a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAQ5
Requested by: Host: 3142.fun
URL: https://3142.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:22::1730:e06a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c35d7693a27259b4f2b3cbf122cbf3511ebd9858b4e9a50878d0326baeb32fa4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900, public
x-n: S
content-length: 36091
apigw-requestid: Rvf7YgnNDoEEMjw=

POST
H2 200 / Show response
o237537.ingest.sentry.io/api/4505635596926976/envelope/ 2 B
324 B 204ms
73ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o237537.ingest.sentry.io/api/4505635596926976/envelope/?sentry_key=8f5255a92d37f60e365c68fd6703cbc0&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.80.1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fb1af32c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://3142.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 18 Jan 2024 15:41:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 4
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 headline-matches Show response
3142.fun/api-2/betline/ 66 KB
9 KB 147ms
147ms Fetch
application/json 109.237.26.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3142.fun/api-2/betline/headline-matches?ctag=ru-RU&flags=reg,urlv2,mm2,rrc&merged=true

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fb1af32c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.237.26.154 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-237-26-154.ip.linodeusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ec159c6037356a119aed5e8f72298f322fa13c822a0961207601f735ea21691a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
X-APP-THEME: DARK
x-app-browser: chrome
x-app-version: 6.79.6
x-app-os: windows
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-app-platform: web
x-app-env: prod
Referer: https://3142.fun/
x-app-language: ru_RU
x-app-modernity: modern
x-requested-uri: /
x-app-skin: default
x-app-rendering: csr

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2 200 async-route-modules-sportline.9bcd4671.js Show response
mrspeedtime.gcdn.co/js/ 428 KB
59 KB 33ms
33ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-route-modules-sportline.9bcd4671.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 47f6d5b00cb727ce0dadb3b93de3385529514d0bd7210bb2c3a6e0025d5a648f

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: br
x-cached-since: 2024-01-18T12:56:43+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 60084
last-modified: Wed, 17 Jan 2024 11:56:21 GMT
server: nginx
traceparent: 00-78814b764063dfb4758c95f655bbb784-a974022a43222f75-01
etag: "65a7c065-eab4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
713 B 78ms
77ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:wght@400;700;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a8d842dbcf583e49fc9c648d54f6fa3721dabb382b0c4afb8cb5132993a9adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 13:57:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 15:41:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
634 B 91ms
90ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 14:09:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 15:41:34 GMT

POST
H2 200 api-1 Show response
3142.fun/ 131 KB
15 KB 194ms
194ms Fetch
application/json 109.237.26.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3142.fun/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fb1af32c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.237.26.154 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-237-26-154.ip.linodeusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

9805b30f5e5d0c02b2bbc9e33485bf49b9c87ecd84571b9a481ef07cfd1a047f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
accept-language: en-US,en;q=0.9
x-app-platform: web
x-app-env: prod
x-requested-uri: /
x-app-skin: default
x-app-version: 6.79.6
x-app-os: windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json
Referer: https://3142.fun/
x-app-language: ru_RU
x-app-modernity: modern
x-app-rendering: csr

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
689 B 79ms
78ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:wght@400;700;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a8d842dbcf583e49fc9c648d54f6fa3721dabb382b0c4afb8cb5132993a9adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 15:35:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 15:41:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
634 B 77ms
76ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 14:04:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 15:41:34 GMT

GET
H2 200 sprite.b67cacbc.svg
3142.fun/img/ 423 KB
147 KB 158ms
158ms Other
image/svg+xml 109.237.26.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://3142.fun/img/sprite.b67cacbc.svg
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendor-vue.c05b43e8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.237.26.154 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 109-237-26-154.ip.linodeusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3a11abde75e5fd8e5925de1c46e0abefd3ec85b52456c1e852b718b31bf9ddcd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 11:56:21 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"65a7c065-69c44"
content-type: image/svg+xml
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-route-views-banners.da12fc7a.js Show response
mrspeedtime.gcdn.co/js/ 26 KB
6 KB 33ms
32ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-route-views-banners.da12fc7a.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c4170d882f1bf5f9d3519366034e47330adc672725588cd3f143dffe8eb4d22f

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: br
x-cached-since: 2024-01-15T12:57:38+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 6243
last-modified: Fri, 12 Jan 2024 14:19:36 GMT
server: nginx
traceparent: 00-73057079b661de454a4a7a9db37310bc-a3f1eb7970346d09-01
etag: "65a14a78-1863"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async-module-slip.dae76523.js Show response
mrspeedtime.gcdn.co/js/ 165 KB
29 KB 33ms
32ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-module-slip.dae76523.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 78d09b05ebf72a25ad44d2e9c9561f75ed91eeb31b56bb977131033724d695dd

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: br
x-cached-since: 2024-01-15T12:57:39+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 29393
last-modified: Fri, 12 Jan 2024 14:19:36 GMT
server: nginx
traceparent: 00-0be5626d5c328e0e0095d06f229505f9-a2fce90ef061fd6d-01
etag: "65a14a78-72d1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 headline-matches Show response
3142.fun/api-2/betline/ 66 KB
9 KB 245ms
244ms Fetch
application/json 109.237.26.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3142.fun/api-2/betline/headline-matches?ctag=ru-RU&flags=reg,urlv2,mm2,rrc&merged=true

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fb1af32c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.237.26.154 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-237-26-154.ip.linodeusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ec159c6037356a119aed5e8f72298f322fa13c822a0961207601f735ea21691a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
X-APP-THEME: DARK
x-app-browser: chrome
x-app-version: 6.79.6
x-app-os: windows
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-app-platform: web
x-app-env: prod
Referer: https://3142.fun/
x-app-language: ru_RU
x-app-modernity: modern
x-requested-uri: /
x-app-skin: default
x-app-rendering: csr

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2 200 headline-matches Show response
3142.fun/api-2/betline/ 66 KB
9 KB 244ms
243ms Fetch
application/json 109.237.26.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3142.fun/api-2/betline/headline-matches?ctag=ru-RU&flags=reg,urlv2,mm2,rrc&merged=true

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fb1af32c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.237.26.154 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-237-26-154.ip.linodeusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ec159c6037356a119aed5e8f72298f322fa13c822a0961207601f735ea21691a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
X-APP-THEME: DARK
x-app-browser: chrome
x-app-version: 6.79.6
x-app-os: windows
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-app-platform: web
x-app-env: prod
Referer: https://3142.fun/
x-app-language: ru_RU
x-app-modernity: modern
x-requested-uri: /
x-app-skin: default
x-app-rendering: csr

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2 200 logo.79938eaf.svg
mrspeedtime.gcdn.co/img/ 1 KB
889 B 100ms
36ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrspeedtime.gcdn.co/img/logo.79938eaf.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: bb0581de4c73e0dc2cc1522b7876e8d5a5f2415e2bfb648e480d6dfb812bb00f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: br
x-cached-since: 2024-01-15T14:15:25+00:00
x-id-fe: mi1-hw-edge-gc32
content-length: 561
last-modified: Fri, 12 Jan 2024 14:19:36 GMT
server: nginx
traceparent: 00-79518ce125a6cb48bdd14cf82153d079-e79d81edbc8ca665-01
etag: "65a14a78-231"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sports Show response
3142.fun/api-2/betline/ 149 KB
21 KB 240ms
240ms Fetch
application/json 109.237.26.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3142.fun/api-2/betline/sports?ctag=ru-RU&flags=urlv2

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fb1af32c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.237.26.154 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-237-26-154.ip.linodeusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

7591af9accee476364929ca77fe1a65394b8eba11afc0bd58d7201a91f30f63b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
X-APP-THEME: DARK
x-app-browser: chrome
x-app-version: 6.79.6
x-app-os: windows
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-app-platform: web
x-app-env: prod
Referer: https://3142.fun/
x-app-language: ru_RU
x-app-modernity: modern
x-requested-uri: /
x-app-skin: default
x-app-rendering: csr

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/webp

POST
H2 200 api-1 Show response
3142.fun/ 14 KB
5 KB 184ms
183ms Fetch
application/json 109.237.26.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3142.fun/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fb1af32c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.237.26.154 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-237-26-154.ip.linodeusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

0d0d3626a25971ce13abaf0ebd9c9be53fa017fb3dd29d56befaee34dd1e44ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
accept-language: en-US,en;q=0.9
x-app-platform: web
x-app-env: prod
x-requested-uri: /
x-app-skin: default
x-app-version: 6.79.6
x-app-os: windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json
Referer: https://3142.fun/
x-app-language: ru_RU
x-app-modernity: modern
x-app-rendering: csr

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2 200 color-live-1.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/ 622 B
743 B 73ms
39ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-live-1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c3862cc2028935c5a5f21f873fe7efdc309a56a5776f5a55453c25e94c804b77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
last-modified: Thu, 25 Mar 2021 21:01:52 GMT
server: nginx
traceparent: 00-3ad269489d712014ef691e1157e2c013-a4e0194115cdf3c2-01
etag: "605cfa40-26e"
x-cached-since: 2024-01-15T22:52:28+00:00
content-type: image/svg+xml
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 622
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 color-cherry-1.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/ 2 KB
1 KB 70ms
36ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-cherry-1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f7c787a6c2d25303927c9c7a8c60a941044203e259f96a120f8559aac119b7da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 17:11:17 GMT
server: nginx
traceparent: 00-23a7460fea6ae5cf501b5afb8e2fd9af-99325a7fe0cebedf-01
etag: W/"6054db35-903"
x-cached-since: 2024-01-15T22:52:28+00:00
content-type: image/svg+xml
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 color-roulette-1.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/ 5 KB
2 KB 72ms
38ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-roulette-1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 988e9effd6680b71fa8355efb7f41e55baf7fa096fff438cc8838ad0186043a1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 17:11:17 GMT
server: nginx
traceparent: 00-68025e097929281a78cb8736ef160d27-4361c501ec6498e2-01
etag: W/"6054db35-12f5"
x-cached-since: 2024-01-15T22:52:28+00:00
content-type: image/svg+xml
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 color-tv-1.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/ 700 B
800 B 71ms
37ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-tv-1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7e67ee52b9a022aa7601e1a818cfa91bd7bd9dd4d4e677e24891033ed87b9b61

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
last-modified: Fri, 19 Mar 2021 17:11:17 GMT
server: nginx
traceparent: 00-99f2543c8943bda5c30023708745b9c6-8e7269ea10acc19b-01
etag: "6054db35-2bc"
x-cached-since: 2024-01-15T22:52:28+00:00
content-type: image/svg+xml
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 700
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 color-esport.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/ 3 KB
1 KB 73ms
39ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-esport.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3dda9b271d14659c452372e5ea0ffeff160b98f06a8f71a1636513fcc9dee439

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 17:11:17 GMT
server: nginx
traceparent: 00-26291c528b7e77524cfb839d3a9c1f23-b10208bf89f48074-01
etag: W/"6054db35-c49"
x-cached-since: 2024-01-15T22:52:28+00:00
content-type: image/svg+xml
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 color-fastgames-1.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/ 1 KB
883 B 71ms
37ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-fastgames-1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: fa3b577a638cbb33b1bc0324a32c3f032f945586d316b994e73b766d6e776b66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 12:10:23 GMT
server: nginx
traceparent: 00-5ceaaebfff56543258f4f3449665dc8e-9e52d37f64d5498e-01
etag: W/"6220b02f-55b"
x-cached-since: 2024-01-15T22:52:28+00:00
content-type: image/svg+xml
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 color-promos.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/ 2 KB
956 B 32ms
32ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-promos.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 78271c224efe35393eead263436870aa77b3f67c0ee8abd649edfff455c5dfec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: gzip
last-modified: Wed, 03 Aug 2022 11:27:28 GMT
server: nginx
traceparent: 00-03ee932dbc2a9ebd0ca4eda5f373ac6d-de1cc229d3d5ab1c-01
etag: W/"62ea5ba0-699"
x-cached-since: 2024-01-15T22:52:28+00:00
content-type: image/svg+xml
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 api-1 Show response
3142.fun/ 30 KB
4 KB 170ms
170ms Fetch
application/json 109.237.26.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3142.fun/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fb1af32c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.237.26.154 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-237-26-154.ip.linodeusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b1e7b9a79ef6fcfcbacdb1d6e03b7af7e21d4dbf18340ab38aac52540f8a94b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
accept-language: en-US,en;q=0.9
x-app-platform: web
x-app-env: prod
x-requested-uri: /
x-app-skin: default
x-app-version: 6.79.6
x-app-os: windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json
Referer: https://3142.fun/
x-app-language: ru_RU
x-app-modernity: modern
x-app-rendering: csr

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
616 B 78ms
77ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:wght@400;700;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a8d842dbcf583e49fc9c648d54f6fa3721dabb382b0c4afb8cb5132993a9adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 14:24:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 15:41:35 GMT

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
561 B 79ms
79ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 14:16:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 15:41:35 GMT

GET
H2 200 scores24_t_49049.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 3 KB
3 KB 35ms
32ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24_t_49049.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 016d0138077e5e36688ee8162341a4df2fde793d14c7d582f4ec85304a395cc2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
last-modified: Mon, 16 Oct 2023 07:48:33 GMT
server: nginx
traceparent: 00-c8cc14f895e8fbc41d1d3a27d3455bab-4cafeafdb3fef8af-01
etag: "652cead1-aab"
x-cached-since: 2024-01-17T06:42:41+00:00
content-type: image/png
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 2731
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:4723.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 1 KB
1 KB 37ms
34ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:4723.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b6fed75b5b92363f42933afd6571ddbcdeafcbf9a01248077512b5eb68223662

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
last-modified: Tue, 15 Nov 2022 14:43:18 GMT
server: nginx
traceparent: 00-6e6996c3982160772ac00d7c3b6d2914-7305af46bf9892eb-01
etag: "6373a586-578"
x-cached-since: 2024-01-17T06:42:41+00:00
content-type: image/png
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 1400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24_t_8032.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 2 KB
2 KB 602ms
599ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24_t_8032.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4f869d66fe7c47cc458ea5ad57eb63738fed179f7c2a538a055cb037967ca623

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
last-modified: Mon, 16 Oct 2023 07:25:52 GMT
server: nginx
traceparent: 00-246f35edbea5ecbe59216be3ea9d0a71-4e5f08e71d7aefab-01
etag: "652ce580-805"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 2053
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24_t_23478.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 2 KB
2 KB 604ms
601ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24_t_23478.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 310ff5867a7f1415ef11a23399f752aa8a68828c252a7cb8736ba3543f6a161d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
last-modified: Mon, 16 Oct 2023 07:29:55 GMT
server: nginx
traceparent: 00-187ed2374e8d102aef94cd34e4a32e17-0c7ea249365dad54-01
etag: "652ce673-6ee"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 1774
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24_t_2321-2.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 4 KB
4 KB 605ms
602ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24_t_2321-2.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c48b65c0d1eab3eb47f861ef59b67c29fb4628c228ed563318731f8be35dfda7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
last-modified: Thu, 11 May 2023 12:42:30 GMT
server: nginx
traceparent: 00-8cda11fcf6739c29d1136adc61b3e65d-9cbf9bab7df53ccc-01
etag: "645ce2b6-fa0"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 4000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:40259.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 50 KB
50 KB 759ms
757ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:40259.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c02ffbed37347fd6d0c2c3e9e748b33b2028988e589a9e5e6ee200b310a5aae1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Mon, 21 Nov 2022 20:48:41 GMT
server: nginx
traceparent: 00-93111474e5b1676f228af47d73ed3573-09bcd79e370bd500-01
etag: "637be429-c66a"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 50794
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:42-1.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 18 KB
18 KB 762ms
761ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:42-1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d26d252e0cacb8f1b0757afad0ec4d1c134960a7df680649d3cdf84fc6402e02

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Mon, 14 Nov 2022 11:03:05 GMT
server: nginx
traceparent: 00-7a35ace60c143a50bbf3d86b1be3c877-f435e6ab18abb01e-01
etag: "63722069-48a3"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 18595
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:7-2.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 21 KB
21 KB 36ms
35ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:7-2.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 426ddf3584e1c7bee6ebddff437b55f5202c03086cc4c53a538f1265e87c0d3c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
last-modified: Mon, 14 Nov 2022 11:03:32 GMT
server: nginx
traceparent: 00-6171f77dad87d56beb17cd61c45ea81b-6e7309acc6f6495b-01
etag: "63722084-5555"
x-cached-since: 2024-01-15T22:52:33+00:00
content-type: image/png
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 21845
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:286017-1.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 11 KB
11 KB 37ms
36ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:286017-1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c4e3d00cc510023a812bfd00f1409caeb44107f21bb1679ae093712aecbc6afe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
last-modified: Mon, 14 Nov 2022 12:11:34 GMT
server: nginx
traceparent: 00-179eec9f2a02f74eff79ab9882f53060-1dbbf29ea2c641e6-01
etag: "63723076-2ab9"
x-cached-since: 2024-01-18T12:11:50+00:00
content-type: image/png
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 10937
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:2817-1.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 12 KB
12 KB 36ms
36ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:2817-1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 921329187f251f77c4eeaf04ff2f3189cff526837179ccad6b898304fe14e52e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
last-modified: Mon, 14 Nov 2022 11:15:49 GMT
server: nginx
traceparent: 00-88792c49d99538f89d0b1079594bf33a-dd960910d987cfec-01
etag: "63722365-3045"
x-cached-since: 2024-01-18T12:11:50+00:00
content-type: image/png
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 12357
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:6921-2.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 19 KB
19 KB 754ms
754ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:6921-2.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a54fcf62a4562abe6992772d3232aab8e7654660f54edace40563ad6034bdf15

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Mon, 14 Nov 2022 12:15:19 GMT
server: nginx
traceparent: 00-833feea8919393049c5b906dfca8a851-22e9205af9041da2-01
etag: "63723157-4b4c"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 19276
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24_t_1644-4.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 13 KB
13 KB 227ms
227ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24_t_1644-4.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1f72c7c35a3d75af7c846f2c90ed32962077ec11ebe78e2b2785248166b32101

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Fri, 27 Oct 2023 11:45:29 GMT
server: nginx
traceparent: 00-de12bd09d7c09b42d2cb4897ed78decc-f2068f76e8d70a6b-01
etag: "653ba2d9-349e"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 13470
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:2697-1.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 7 KB
7 KB 33ms
32ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:2697-1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 837f9e94e54860fc954e078403376f86a443f05aab552f5e6c53538f29ab3da5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
last-modified: Mon, 14 Nov 2022 11:29:37 GMT
server: nginx
traceparent: 00-3eb63ed2083c63a83df43b0cf54cf94b-fa399633664c6ae6-01
etag: "637226a1-1a06"
x-cached-since: 2024-01-18T12:11:55+00:00
content-type: image/png
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 6662
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:2699-2.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 9 KB
9 KB 33ms
33ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:2699-2.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9e8fc4c8e13a101ff6dc68c7e9e595e8315aa37cde1fb9d5d515a8fd1247d03f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
last-modified: Mon, 14 Nov 2022 11:23:51 GMT
server: nginx
traceparent: 00-46f61a9809c47527cfbb02c4a7b89a86-d9fb5a6fe79ae249-01
etag: "63722547-2225"
x-cached-since: 2024-01-18T12:11:55+00:00
content-type: image/png
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 8741
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:2695-1.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 127 KB
127 KB 377ms
377ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:2695-1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4925daa8577607e528c9d7e14ba3650f2efb567f344566fe6fbf81c7f99785d6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Mon, 14 Nov 2022 11:30:30 GMT
server: nginx
traceparent: 00-5ce611dbcb37549bf232ce47b2519ec5-e15035fc51b92981-01
etag: "637226d6-1fb43"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 129859
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24_t_2692-7.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 6 KB
6 KB 220ms
220ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24_t_2692-7.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f2c2c362f1c16308f9167628fb550b92b0f2119f2ec3f46a7d69a5a935b4077c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Fri, 22 Dec 2023 13:23:23 GMT
server: nginx
traceparent: 00-f7fa4499f95780fab7c2306570c0a5ed-facb31666273fed8-01
etag: "65858dcb-169c"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 5788
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:7857.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 13 KB
13 KB 231ms
231ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:7857.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 95e298f3f0c1797323e9859e9781a6c9d5be9852661e6aa74dccfb5fa877d033

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Mon, 14 Nov 2022 11:05:05 GMT
server: nginx
traceparent: 00-d894591cd631d7bae6f9ff1c6ab3184b-9c4349b6ae707d4b-01
etag: "637220e1-3278"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 12920
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:5606.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 14 KB
14 KB 227ms
226ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:5606.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 5ce640a319d1d0b26e08eff5594a136f202a8414475c8186953c835763261fa8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Mon, 14 Nov 2022 11:05:15 GMT
server: nginx
traceparent: 00-f7ee93941ddacaf0ed8f548b1af2cebc-b72ee5a8accb9a35-01
etag: "637220eb-36ab"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 13995
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:43854.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 5 KB
5 KB 226ms
225ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:43854.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 07417c2a27f28f7a89009236e4de55f08251fef62620289addd8815b7da5acab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Mon, 14 Nov 2022 11:05:02 GMT
server: nginx
traceparent: 00-364664e43df3651ff68f1223278708e2-40f431edfaafa689-01
etag: "637220de-151f"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 5407
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24_t_3951-4.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 8 KB
8 KB 220ms
220ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24_t_3951-4.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 854bb99207fff470ef40ad1e92da6958b126c9c974ed2533e76d5c42b12233d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Mon, 16 Oct 2023 07:22:59 GMT
server: nginx
traceparent: 00-9fb496289bef3fa5ed9840937a09e059-6bfb5fc82d24f25e-01
etag: "652ce4d3-2175"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 8565
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:24985.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 6 KB
6 KB 220ms
220ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:24985.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 593781c36e06f144d48aff47d196f9402f293f4c10bc0c57fb430c0d729b25db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Mon, 14 Nov 2022 11:05:30 GMT
server: nginx
traceparent: 00-8e3516ba84f9e071664bcb183c05e922-a29137bf42390ac4-01
etag: "637220fa-1943"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 6467
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:3946.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 4 KB
4 KB 226ms
225ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:3946.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 16aca23e54679eb44d5a673c7802ad35d83cb5e9834a013da075929a8722b58d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Mon, 14 Nov 2022 11:24:44 GMT
server: nginx
traceparent: 00-97f87554d8373f4e8423515fa545e0c0-92107288728dec84-01
etag: "6372257c-e1e"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 3614
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:3938.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 6 KB
6 KB 216ms
216ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:3938.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c920601b759fa1845f019d5451374520de474c22477e2f36b8c264ac1a0c2cd0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Mon, 14 Nov 2022 11:05:01 GMT
server: nginx
traceparent: 00-a61e525baf75ee4acf2339a4ec74195f-f6ea13e70c06c78b-01
etag: "637220dd-17a4"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 6052
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:111039.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 9 KB
9 KB 224ms
224ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:111039.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 30d46add0559c771c90a618ca8f9d3442488e0f4ebad5db485b57ea1aa3176a1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Mon, 14 Nov 2022 11:05:21 GMT
server: nginx
traceparent: 00-a99822ac53631c7d640023f2165956e0-d1a0ebae5f1f3dff-01
etag: "637220f1-2227"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 8743
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:167370-1.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 17 KB
17 KB 33ms
32ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:167370-1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2aa372c9648ffaee76c4446778b683b28799c388da3ba2fae9cdfc84706671e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Mon, 14 Nov 2022 11:46:13 GMT
server: nginx
traceparent: 00-3936d269cb8328c58f0f5a6a54fbeb0d-3b047affa895a977-01
etag: "63722a85-4471"
x-cached-since: 2024-01-18T12:11:56+00:00
content-type: image/png
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 17521
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:163504.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 16 KB
16 KB 33ms
32ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:163504.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: bb09413f3e2a0fdb59a882f320ad10497e9337c94a3ea8cb343d9cac78de82dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Mon, 14 Nov 2022 12:01:46 GMT
server: nginx
traceparent: 00-70e41bc40033fafcaca1a5daf1abbccc-13be6ec96303321a-01
etag: "63722e2a-401c"
x-cached-since: 2024-01-18T12:11:56+00:00
content-type: image/png
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 16412
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24_t_300540.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 12 KB
12 KB 32ms
32ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24_t_300540.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c22487f66e505f19f7460d4225008b3977eac3df04dbe9f550065079c17e83c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Mon, 16 Oct 2023 07:57:46 GMT
server: nginx
traceparent: 00-b50ec63613b952835def6e6f5d92d9cc-6ba8a4569a866742-01
etag: "652cecfa-2f4a"
x-cached-since: 2024-01-17T08:41:18+00:00
content-type: image/png
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 12106
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:90080-1.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 16 KB
16 KB 34ms
32ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:90080-1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 285acc40b400ec6cf1fd79ede780e96e06400b92ec9734867e15ddf5c97d17fa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Mon, 14 Nov 2022 11:24:48 GMT
server: nginx
traceparent: 00-c67d65afe8773f65f88c0d774349a287-87deaf7b28147831-01
etag: "63722580-3f12"
x-cached-since: 2024-01-18T12:12:09+00:00
content-type: image/png
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 16146
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:203681.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 15 KB
15 KB 34ms
33ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:203681.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 36ef46e15ad8804913decafc9b7513874320871a57165032a2c0c77bc23e86a1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Mon, 14 Nov 2022 11:24:46 GMT
server: nginx
traceparent: 00-5dbdd560289b4b6e55e5b6143d673110-7b430125121ddf3c-01
etag: "6372257e-3c98"
x-cached-since: 2024-01-17T08:41:18+00:00
content-type: image/png
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 15512
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:106755.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 20 KB
20 KB 249ms
248ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:106755.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 512496753c87e333cc5ba64e638a8cbf5c1c312ee987ffc57f3aef9d9e45c9c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:37 GMT
last-modified: Mon, 14 Nov 2022 11:22:53 GMT
server: nginx
traceparent: 00-1694be5506253ca349a779c1f53495f6-1b1ed77768dcc497-01
etag: "6372250d-509a"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 20634
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24_t_318195-1.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 12 KB
12 KB 224ms
223ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24_t_318195-1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7454296105acbe8ea802fe5e08ee18796f8222359444c64d6008f9db6c02012e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:37 GMT
last-modified: Tue, 21 Nov 2023 05:22:14 GMT
server: nginx
traceparent: 00-f903c724cc41534a961ff957906159fb-82ea958da12300dc-01
etag: "655c3e86-2e4c"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 11852
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:6663.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 6 KB
6 KB 219ms
218ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:6663.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7f7a7e031601633193daa481b5ca6556e016eb9de00cc106620460083e56dc83

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:37 GMT
last-modified: Mon, 14 Nov 2022 12:15:20 GMT
server: nginx
traceparent: 00-e8fd0406294e2094c9b7b79edc1b2621-2bdb861808d7979e-01
etag: "63723158-1683"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 5763
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24_t_748405.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 6 KB
7 KB 222ms
222ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24_t_748405.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1112f78fcfaf4d2ae2c798f9e9fe11ca902393fcfcd7e76aeb6ce8a02d105dc2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:37 GMT
last-modified: Mon, 16 Oct 2023 07:55:57 GMT
server: nginx
traceparent: 00-4ccd02a3ab111c72314c15b57377abb7-4af9c008a3eb89bb-01
etag: "652cec8d-19c0"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 6592
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:6969.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 29 KB
29 KB 236ms
235ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:6969.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 55b2b2e1432df24589a0d088970f8f3589941f91717293869a0244ccc81668ef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:37 GMT
last-modified: Mon, 14 Nov 2022 12:15:23 GMT
server: nginx
traceparent: 00-39f71fdd9daf9b4847b8c2cd62ad053a-9ceb19190ef4023c-01
etag: "6372315b-746f"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 29807
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scores24:t:32426.png
cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/ 4 KB
4 KB 226ms
226ms Image
image/png 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24:t:32426.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ddce2c829dc0140e091183d23efcd03308b8f2152da6b75c553f40bb03d73bf6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:37 GMT
last-modified: Mon, 14 Nov 2022 12:15:27 GMT
server: nginx
traceparent: 00-22aec9121f325c0c6734010109524aee-6958b2697b8b3b13-01
etag: "6372315f-1086"
content-type: image/png
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 4230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mascot.489c5ee3.svg
mrspeedtime.gcdn.co/img/ 6 KB
3 KB 38ms
38ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrspeedtime.gcdn.co/img/mascot.489c5ee3.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 5f60ba2783fe1359d0ea58a96615b3e85756a33b0ea7d9cc5d20845128980a8c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: br
x-cached-since: 2024-01-12T13:42:01+00:00
x-id-fe: mi1-hw-edge-gc32
content-length: 2500
last-modified: Wed, 20 Dec 2023 10:32:23 GMT
server: nginx
traceparent: 00-1aeca887a34a118a73ee2f15b092a1c1-5fc722b57d38ebfb-01
etag: "6582c2b7-9c4"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
86 KB 91ms
88ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02994d097a57d982a448d1f479706272213f042ffb1760a6e5d9d531b18aaa38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88266
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Jan 2024 15:41:35 GMT

GET
H/1.1 200
OK js Show response
track.leonretarget.com/pixel/ 477 B
802 B 378ms
69ms Script
text/javascript 88.214.195.109
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://track.leonretarget.com/pixel/js?auth=4jg3s6&event=visit&uid=undefined&tid=undefined&cur=undefined&amount=undefined
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.214.195.109 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: b2cb126cc335d3af70094c5627edc02a541ceb27d3c6c51906dd80589795df8a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 15:41:35 GMT
Server: nginx/1.20.0
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Length: 477
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 249ms
62ms Script
application/x-javascript 2600:9000:2191:a400:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: 3142.fun
URL: https://3142.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2191:a400:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:09:36 GMT
content-encoding: gzip
via: 1.1 f2c051917a765f1d1a1cd2ce1622adb8.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jan 2024 15:09:26 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: IAD89-C1
age: 1919
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: zhVL3pfUXI1wAnSxhgzGk_dQ5J8A8JZpxs-349A4ozdM1EIntMLCAg==
expires: Thu, 18 Jan 2024 16:09:36 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
31 KB 415ms
72ms Script
application/javascript 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: 3142.fun
URL: https://3142.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000002c3f35d322d138ac-00646c8ee1-32950a49-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT, HIT, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 tag-manager.js Show response
tm.ads.sportradar.com/dist/ 370 KB
35 KB 69ms
69ms Script
application/javascript 2600:141b:1c00:22::1730:e06a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAQ5
Requested by: Host: 3142.fun
URL: https://3142.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:22::1730:e06a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c35d7693a27259b4f2b3cbf122cbf3511ebd9858b4e9a50878d0326baeb32fa4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900, public
x-n: S
content-length: 36091
apigw-requestid: Rvf7YgnNDoEEMjw=

GET gtr.min.js
dsp-media.eskimi.com/assets/js/e/ 0
0

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 245ms
63ms Script
application/javascript 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: 3142.fun
URL: https://3142.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 25 Jan 2024 15:41:35 GMT

GET
H2 200 sprite.b67cacbc.svg
3142.fun/img/ 423 KB
147 KB 154ms
154ms Other
image/svg+xml 109.237.26.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://3142.fun/img/sprite.b67cacbc.svg
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendor-vue.c05b43e8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.237.26.154 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 109-237-26-154.ip.linodeusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3a11abde75e5fd8e5925de1c46e0abefd3ec85b52456c1e852b718b31bf9ddcd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 11:56:21 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"65a7c065-69c44"
content-type: image/svg+xml
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 color-margin-0.svg
cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/ 4 KB
2 KB 39ms
38ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-margin-0.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9500d42196478f9d0c4bd68ba9fc8d248bb4bc5b711532ca57f950bf5e311a1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 11:53:22 GMT
server: nginx
traceparent: 00-51bbbbcbdc1b7ab1cb307453360fc683-5009c90aea9302d8-01
etag: W/"62386732-11dd"
x-cached-since: 2024-01-15T22:52:28+00:00
content-type: image/svg+xml
cache-control: max-age=315360000, public
cache: HIT
x-id-fe: mi1-hw-edge-gc32
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 api-1 Show response
3142.fun/ 1 KB
753 B 177ms
176ms Fetch
application/json 109.237.26.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3142.fun/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fb1af32c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.237.26.154 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-237-26-154.ip.linodeusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

2a708f527cf5d4cdf1ecaba7fc6b67fd7ef1f190d9e6654b19e69d718c55b6d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
accept-language: en-US,en;q=0.9
x-app-platform: web
x-app-env: prod
x-requested-uri: /
x-app-skin: default
x-app-version: 6.79.6
x-app-os: windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json
Referer: https://3142.fun/
x-app-language: ru_RU
x-app-modernity: modern
x-app-rendering: csr

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2 200 bg-1448x3-111111+%281%29-4@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 184 KB
185 KB 779ms
778ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/bg-1448x3-111111+%281%29-4@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 902297034156b818d33207f23de8705ffdb46f5fb98de87b91e6927b50dec758

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Fri, 22 Dec 2023 16:04:54 GMT
server: nginx
traceparent: 00-95db494a992609d370fcdcdd28a5b3a2-39a186797f77bdd0-01
etag: "6585b3a6-2e1f6"
content-type: image/webp
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 188918
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Frame-15x3111-80@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 86 KB
86 KB 384ms
383ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/Frame-15x3111-80@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 5e6ea8dfae0d887a7fee57d34a937b369c72f6463772751e7e55dd6f12f87340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Fri, 22 Dec 2023 16:04:49 GMT
server: nginx
traceparent: 00-8e2ceac1f2f5d86ae8a13767fe177b03-da1be5394ace1dd3-01
etag: "6585b3a1-15842"
content-type: image/webp
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 88130
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2460x696-148@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 134 KB
135 KB 377ms
376ms Image
image/webp 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/2460x696-148@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 844ccbb65093e08b508083f570c20697d88d062eb41fd302bfc4f7acad0dea3b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:36 GMT
last-modified: Wed, 17 Jan 2024 10:35:11 GMT
server: nginx
traceparent: 00-97e982a5ea9490152d46a8640781070d-7ae4f08e981b952e-01
etag: "65a7ad5f-219d2"
content-type: image/webp
cache-control: max-age=315360000, public
cache: MISS
x-id-fe: mi1-hw-edge-gc32
accept-ranges: bytes
content-length: 137682
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
leoncas.com/rest/auth/saved-passwords/ 34 B
570 B 427ms
151ms Fetch
application/json 109.169.10.207
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncas.com/rest/auth/saved-passwords/
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fb1af32c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.169.10.207 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e19237af2d984f7b772577bee8f16b86c42e21212c0f9cb0fb17762cc2de04e4

Request headers

x-app-layout: desktop
Referer: https://3142.fun/
x-app-os: windows
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-app-platform: web

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:36 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://3142.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, x-app-layout, x-app-browser, x-app-version, x-app-os, x-requested-uri, x-app-skin, x-app-rendering, x-app-platform, x-app-env, x-app-modernity, user-agent, cookie
expires: 0

OPTIONS
H2 200 /
leoncas.com/rest/auth/saved-passwords/ Frame 0
0 479ms
147ms Preflight 109.169.10.207
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncas.com/rest/auth/saved-passwords/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.169.10.207 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-app-layout,x-app-os,x-app-platform
Access-Control-Request-Method: GET
Origin: https://3142.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, x-app-layout, x-app-browser, x-app-version, x-app-os, x-requested-uri, x-app-skin, x-app-rendering, x-app-platform, x-app-env, x-app-modernity, user-agent, cookie
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin: https://3142.fun
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Thu, 18 Jan 2024 15:41:36 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 tracker.js Show response
tracker.ads.sportradar.com/dist/ 27 KB
7 KB 358ms
332ms Script
application/javascript 2600:141b:1c00:22::1730:e06a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.ads.sportradar.com/dist/tracker.js
Requested by: Host: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAQ5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:22::1730:e06a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:36 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 08:33:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "235331a0761142ae4fd345cdf7c7f9ed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900, public
accept-ranges: bytes
x-amz-cf-id: iftfTPfsjK9MyrP0MQ5gXXo1x2XRtMfBGyOoBBgfjTR7Xz2xv5PVxQ==
content-length: 6405

GET
H2

200

pixel Show response
a.sportradarserving.com/ul_cb/
Redirect Chain

https://a.sportradarserving.com/pixel?type=js&aid=1060&id=1235
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235

1 KB
2 KB

145ms
144ms

Script
text/javascript

35.211.233.246
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235
Protocol: H2
Server: 35.211.233.246 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 246.233.211.35.bc.googleusercontent.com
Software: /
Resource Hash: 9a64dde940836950e05b6dd0531afa6438a907deab2d56be4d76c7a7dbe8bf0f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:36 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1528
content-type: text/javascript; charset=UTF-8

Redirect headers

location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1060&id=1235
date: Thu, 18 Jan 2024 15:41:36 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

bounce Show response
secure.adnxs.com/ Frame EF73
Redirect Chain

https://20828756p.rfihub.com/ca.html?ver=9&rb=43197&ca=20828756&_o=43197&_t=20828756&pe=https%3A%2F%2F3142.fun%2F&pf=&ra=39524563639326127
https://secure.adnxs.com/seg?add=29896390&t=2&ver=9&pe=https%3A%2F%2F3142.fun%2F&pf=
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29896390%26t%3D2%26ver%3D9%26pe%3Dhttps%253A%252F%252F3142.fun%252F%26pf%3D

43 B
1006 B

69ms
68ms

Document
image/gif

68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29896390%26t%3D2%26ver%3D9%26pe%3Dhttps%253A%252F%252F3142.fun%252F%26pf%3D

Requested by

Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://3142.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: ab89d0d3-36b7-4a75-960b-8084809e8f90
cache-control: no-store, no-cache, private
content-length: 43
content-type: image/gif
date: Thu, 18 Jan 2024 15:41:36 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 38.132.118.71; 38.132.118.71; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 799aa6ed-d7c6-409e-beea-bb2af99c4d81
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 15:41:36 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29896390%26t%3D2%26ver%3D9%26pe%3Dhttps%253A%252F%252F3142.fun%252F%26pf%3D
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 38.132.118.71; 38.132.118.71; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 182 KB
66 KB 85ms
84ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-11843672&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e64eeaf0e92eacd9a9ffabb59dfdfa21c208a3d6d2c612637fabf2acfc7d15b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67712
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Jan 2024 15:41:35 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
249 B 213ms
76ms Ping
text/plain 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JZZNGY93CC&gtm=45je41a0v871047016z8890860847&_p=1705592494664&gcd=11l1l1l1l1&dma=0&cid=1937037005.1705592496&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705592495&sct=1&seg=0&dl=https%3A%2F%2F3142.fun%2F&dt=Leon%20-%20%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%7C%20%D0%A1%D0%BB%D0%BE%D1%82%D1%8B%20%7C%20LIVE%20%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&tfd=2772
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:824::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3142.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel
track.leonretarget.com/ 0
292 B 73ms
73ms Image
text/plain 88.214.195.109
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.leonretarget.com/pixel?auth=4jg3s6&event=visit&uid=undefined&tid=undefined&cur=undefined&amount=undefined&site=3142.fun&ln=en-US
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.214.195.109 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 15:41:35 GMT
Server: nginx/1.20.0
Access-Control-Allow-Origin: *
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sunSw.ed0b29cf.svg
mrspeedtime.gcdn.co/img/ 447 B
385 B 34ms
33ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrspeedtime.gcdn.co/img/sunSw.ed0b29cf.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 775042c1fe9439c9066a6d08cb873a8be580b1f68bc1d0cec530291043fe3bd5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: br
x-cached-since: 2024-01-17T08:41:16+00:00
x-id-fe: mi1-hw-edge-gc32
content-length: 274
last-modified: Fri, 12 Jan 2024 14:19:36 GMT
server: nginx
traceparent: 00-4450ce6309640e55d5977a7e805a3552-482fac389358f8a6-01
etag: "65a14a78-112"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 moonSw.42d77c61.svg
mrspeedtime.gcdn.co/img/ 382 B
368 B 33ms
32ms Image
image/svg+xml 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrspeedtime.gcdn.co/img/moonSw.42d77c61.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c020aa5e9eb7aac89747e8a51508d90351d160dfe83e4b0a21dbbb0f05be0f9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc32
date: Thu, 18 Jan 2024 15:41:35 GMT
content-encoding: br
x-cached-since: 2024-01-17T08:41:16+00:00
x-id-fe: mi1-hw-edge-gc32
content-length: 241
last-modified: Fri, 12 Jan 2024 14:19:36 GMT
server: nginx
traceparent: 00-800376eb8fddd66887ea73a75a2661e2-f59a88d41b9e050f-01
etag: "65a14a78-f1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 419ms
283ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap&family=Mulish:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:35:36 GMT
x-content-type-options: nosniff
age: 14760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 11:35:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 328ms
193ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 09:33:07 GMT
x-content-type-options: nosniff
age: 108509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 09:33:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 382ms
247ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 05:18:29 GMT
x-content-type-options: nosniff
age: 37387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 05:18:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 218ms
83ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 04:14:19 GMT
x-content-type-options: nosniff
age: 127637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 04:14:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 201ms
67ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:28:27 GMT
x-content-type-options: nosniff
age: 169989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 16:28:27 GMT

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 21 KB
21 KB 326ms
194ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9514372ab8ac313ea8019966fdcfe91b201c3aa69f92de8346ab34af461bbad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:03:52 GMT
x-content-type-options: nosniff
age: 167864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21140
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 17:03:52 GMT

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBK5XxxKA.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 12 KB
12 KB 382ms
268ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBK5XxxKA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3e4b292b01c63b6330f938b78f2ce00947b1ed0708030a843fd89c639b344a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 05:31:56 GMT
x-content-type-options: nosniff
age: 36580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12088
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 05:31:56 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 345ms
245ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 20:27:45 GMT
x-content-type-options: nosniff
age: 155631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 20:27:45 GMT

GET
H2

200

activityi;dc_pre=CN-P-Zaj54MDFYHt9gIdEr8NVA;src=11843672;type=safev0;cat=safeg000;ord=605942017131;auiddc=137314472.1705592496;gtm=45fe41a0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua... Show response
11843672.fls.doubleclick.net/ Frame A815
Redirect Chain

https://11843672.fls.doubleclick.net/activityi;src=11843672;type=safev0;cat=safeg000;ord=605942017131;auiddc=137314472.1705592496;gtm=45fe41a0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=...
https://11843672.fls.doubleclick.net/activityi;dc_pre=CN-P-Zaj54MDFYHt9gIdEr8NVA;src=11843672;type=safev0;cat=safeg000;ord=605942017131;auiddc=137314472.1705592496;gtm=45fe41a0;gcd=11l1l1l1l1;dma=0...

551 B
480 B

95ms
94ms

Document
text/html

142.250.176.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11843672.fls.doubleclick.net/activityi;dc_pre=CN-P-Zaj54MDFYHt9gIdEr8NVA;src=11843672;type=safev0;cat=safeg000;ord=605942017131;auiddc=137314472.1705592496;gtm=45fe41a0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F3142.fun%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-11843672&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f6.1e100.net

Software

cafe /

Resource Hash

31673c1e15daa49266f49bf51519645c0235fe69f1b33ff78bd7c82f3e80dbc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3142.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 304
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 15:41:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 15:41:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11843672.fls.doubleclick.net/activityi;dc_pre=CN-P-Zaj54MDFYHt9gIdEr8NVA;src=11843672;type=safev0;cat=safeg000;ord=605942017131;auiddc=137314472.1705592496;gtm=45fe41a0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F3142.fun%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 628 B
1 KB 642ms
147ms Script
text/javascript 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=3024289&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=325452006471&ADFtpmode=2&loc=https%3A%2F%2F3142.fun%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5383fce7e28597cc99f37f3ae8c79cff4ffd9e953d0af6a98c2343a7b57f3265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 435
expires: -1

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=645099270236&ADFtpmode=2&loc=https%3A%2F%2F3142.fun%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=645099270236&ADFtpmode=2&loc=https%3A%2F%2F3142.fun%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

837 B
1 KB

69ms
69ms

Script
text/javascript

185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=645099270236&ADFtpmode=2&loc=https%3A%2F%2F3142.fun%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a142b9cb8f3498da8b403194c96891d13705043000a9e3e7f64dbb079848ac2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 683
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=645099270236&ADFtpmode=2&loc=https%3A%2F%2F3142.fun%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 rules-p-C_a3_CVaT9dWt.js Show response
rules.quantcount.com/ 222 B
697 B 205ms
60ms Script
application/javascript 2600:9000:201e:a000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-C_a3_CVaT9dWt.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:201e:a000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a789b44412d2879eaf23bdec3da4f565594749435f436640a8f9bb35477fd10

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:27:22 GMT
via: 1.1 ba82151bf51e4c722c5305c983d8b71e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C3
age: 855
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 222
last-modified: Wed, 02 Aug 2023 13:00:19 GMT
server: AmazonS3
etag: "834f5ada9a90a08951234afdc6ad228e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: AWSB8fXU5Wy6JJp5iOfRCz2RIiZvD5HzBDShLJqYnxUYzFKZmr75gw==

GET
H2 200 sp-3.8.0.js Show response
tracker.ads.sportradar.com/dist// 73 KB
24 KB 353ms
353ms Script
application/javascript 2600:141b:1c00:22::1730:e06a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.ads.sportradar.com/dist//sp-3.8.0.js
Requested by: Host: tracker.ads.sportradar.com
URL: https://tracker.ads.sportradar.com/dist/tracker.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:22::1730:e06a Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:36 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 08:33:18 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "143272dddc33395008a84a86ac9c2e96"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900, public
accept-ranges: bytes
x-amz-cf-id: Cqxup5jXRWtNP0P_jHvOugFI303mBJdEPy5EcwqDH1Zz29bvGjs72A==
content-length: 24162

GET
H2 200 pixel;r=1799163510;labels=_fp.event.PageView;rf=0;a=p-C_a3_CVaT9dWt;url=https%3A%2F%2F3142.fun%2F;uht=2;fpan=1;fpa=P0-236428984-1705592496064;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdp...
pixel.quantserve.com/ 35 B
372 B 90ms
73ms Image
image/gif 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1799163510;labels=_fp.event.PageView;rf=0;a=p-C_a3_CVaT9dWt;url=https%3A%2F%2F3142.fun%2F;uht=2;fpan=1;fpa=P0-236428984-1705592496064;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=3142.fun;dst=0;et=1705592496343;tzo=600;ogl=image.https%3A%2F%2Fleonbets3%252Egcdn%252Eco%2FHRJLWPLB%2Fimages%2Fog%2Fleon%252Epng;ses=87234f78-5fdb-45a2-9af1-aabec137a31b;mdl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55859/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=13f8c95e-0794-4544-85ab-5d342061579b&cb=e6445403-9a5f-45bf-8330-a40bc3224bbe
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=13f8c95e-0794-4544-85ab-5d342061579b&cb=e6445403-9a5f-45bf-8330-a40bc3224bbe
https://ups.analytics.yahoo.com/ups/55859/sync?uid=deccb77d-ed9f-493a-96a9-901cf9bc66d0&_origin=1&gdpr=&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55859/sync?uid=deccb77d-ed9f-493a-96a9-901cf9bc66d0&_origin=1&gdpr=&gdpr_consent=&verify=true

0
121 B

60ms
59ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55859/sync?uid=deccb77d-ed9f-493a-96a9-901cf9bc66d0&_origin=1&gdpr=&gdpr_consent=&verify=true

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55859/sync?uid=deccb77d-ed9f-493a-96a9-901cf9bc66d0&_origin=1&gdpr=&gdpr_consent=&verify=true
date: Thu, 18 Jan 2024 15:41:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=13f8c95e-0794-4544-85ab-5d342061579b&cb=f62b5bc5-103a-4272-a91a-7b0b1b862308
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=13f8c95e-0794-4544-85ab-5d342061579b&cb=f62b5bc5-103a-4272-a91a-7b0b1b862308
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=7a99b888-342f-42e1-957f-d38b2ab5a668&expires=30&gdpr=&gdpr_consent=&us_privacy=

42 B
984 B

180ms
57ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=7a99b888-342f-42e1-957f-d38b2ab5a668&expires=30&gdpr=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: //pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=7a99b888-342f-42e1-957f-d38b2ab5a668&expires=30&gdpr=&gdpr_consent=&us_privacy=
Date: Thu, 18 Jan 2024 15:41:36 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=13f8c95e-0794-4544-85ab-5d342061579b&cb=584e179b-8d12-4a55-897b-8ed8fd032a9a
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=13f8c95e-0794-4544-85ab-5d342061579b&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

68 B
280 B

198ms
57ms

Image
image/png

54.84.78.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=13f8c95e-0794-4544-85ab-5d342061579b&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Protocol: H2
Server: 54.84.78.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-78-68.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:36 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=13f8c95e-0794-4544-85ab-5d342061579b&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date: Thu, 18 Jan 2024 15:41:36 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

bsw_sync
use.sportradarserving.com/
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=409&user_id=13f8c95e-0794-4544-85ab-5d342061579b&user_group=3&redir=%2F%2Fuse.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
https://use.sportradarserving.com/bsw_sync?bsw_uid=7a99b888-342f-42e1-957f-d38b2ab5a668

43 B
112 B

69ms
60ms

Image
image/gif

35.211.233.246
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://use.sportradarserving.com/bsw_sync?bsw_uid=7a99b888-342f-42e1-957f-d38b2ab5a668
Protocol: H2
Server: 35.211.233.246 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 246.233.211.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:36 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

Redirect headers

Location: //use.sportradarserving.com/bsw_sync?bsw_uid=7a99b888-342f-42e1-957f-d38b2ab5a668
Date: Thu, 18 Jan 2024 15:41:36 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 dc_pre=CN-P-Zaj54MDFYHt9gIdEr8NVA;src=11843672;type=safev0;cat=safeg000;ord=605942017131;auiddc=137314472.1705592496;gtm=45fe41a0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;... Show response
adservice.google.com/ddm/fls/i/ Frame ADAB 194 B
440 B 273ms
142ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CN-P-Zaj54MDFYHt9gIdEr8NVA;src=11843672;type=safev0;cat=safeg000;ord=605942017131;auiddc=137314472.1705592496;gtm=45fe41a0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F3142.fun%2F

Requested by

Host: 11843672.fls.doubleclick.net
URL: https://11843672.fls.doubleclick.net/activityi;dc_pre=CN-P-Zaj54MDFYHt9gIdEr8NVA;src=11843672;type=safev0;cat=safeg000;ord=605942017131;auiddc=137314472.1705592496;gtm=45fe41a0;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F3142.fun%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11843672.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 15:41:36 GMT
expires: Thu, 18 Jan 2024 15:41:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 9C04 4 KB
2 KB 155ms
70ms Document
text/html 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849

Requested by

Host: a1.adform.net
URL: https://a1.adform.net/Serving/TrackPoint/?pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=645099270236&ADFtpmode=2&loc=https%3A%2F%2F3142.fun%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

30f367aef0d220d8a40c80f7d963cfdaccbcf43c680924a92aab5cdb7cd1eecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3142.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 18 Jan 2024 15:41:36 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
467 B 231ms
67ms Image
image/gif 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=6707339174782206439&stamp=ZkoppzYGO9oDvP-67D9Y4w2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 718 B
1 KB 149ms
148ms Script
text/javascript 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3024289&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=325452006471&ADFtpmode=2&loc=https%3A%2F%2F3142.fun%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=5785504079994652430

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3a0ffd5064021fa45146082c2065b456dd180e258da693cfe37c05f7076cc037

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 605
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame 9C04 0
384 B 68ms
67ms Image
text/plain 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 match
ad.360yield.com/ Frame 9C04 43 B
199 B 230ms
57ms Image
image/gif 34.198.208.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=6707339174782206439&Expiration=1706802096
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.198.208.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-208-133.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 15:41:36 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 9C04 0
400 B 288ms
169ms Image
text/plain 23.220.188.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=6707339174782206439
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.220.188.102 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-188-102.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 15:41:37 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Wed, 17 Jan 2024 15:41:36 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 9C04 0
655 B 176ms
57ms Image
text/plain 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=6707339174782206439
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 368ba1c92c09ff88b641150fbbf94341
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 tpui
ih.adscale.de/adscale-ih/ Frame 9C04 0
38 B 453ms
148ms Image
text/plain 52.59.99.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=6707339174782206439&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.99.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-99-242.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:37 GMT
content-length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 9C04
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=6707339174782206439&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
https://c1.adform.net/serving/cookie/match?party=10&cid=2039726204738432471

35 B
591 B

71ms
70ms

Image
image/gif

185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=10&cid=2039726204738432471

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849

Protocol

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=10&cid=2039726204738432471
pragma: no-cache
date: Thu, 18 Jan 2024 15:41:36 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 9C04 43 B
640 B 275ms
72ms Image
image/gif 63.251.28.233
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=6707339174782206439
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.233 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 15:41:37 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1705592496978081-1212

GET
H2

200

bswsync
crb.kargo.com/api/v1/ Frame 9C04
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=6707339174782206439
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=7a99b888-342f-42e1-957f-d38b2ab5a668&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=

43 B
359 B

202ms
56ms

Image
image/gif

35.174.112.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/bswsync?bsw_uuid=7a99b888-342f-42e1-957f-d38b2ab5a668&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: H2
Server: 35.174.112.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-112-174.compute-1.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:37 GMT
x-accel-expires: 0
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: //crb.kargo.com/api/v1/bswsync?bsw_uuid=7a99b888-342f-42e1-957f-d38b2ab5a668&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Date: Thu, 18 Jan 2024 15:41:36 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 9C04
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6707339174782206439&expiration=1706802096
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6707339174782206439&expiration=1706802096&C=1

43 B
334 B

73ms
72ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=6707339174782206439&expiration=1706802096&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RGGqn7cahHFsQT4EkY%2BSIoWwnPTxgWWunkYgqrBYTyVQrbmUFArmsOiiuW5pZO1xs6080U2Hix08H0Z5i2zaBCiSTONYTp%2BPbLON7IwDdrx0es518kDvV0xfTDMloU4EWk1IGQsrZk7aw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8477f171ede08dfd-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xH1oUHQetRiYJUVNzgRlvViws1kT8wPN8SCJwawent54YjniOfFGY99dZyNFCDC8MCKTPstITKnfKhgj%2FLngsTjhmx%2Fm7wA8XDtn2pCZftIPUJNsNf%2BvNg0HcgyTwmNkME5clubrCILzlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=6707339174782206439&expiration=1706802096&C=1
cache-control: no-cache
cf-ray: 8477f1716d1c8dfd-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

info2
uipglob.semasio.net/adform/1/ Frame 9C04
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6707339174782206439&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6707339174782206439&sInitiator=external

42 B
603 B

70ms
70ms

Image
image/gif

50.57.31.206
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=6707339174782206439&sInitiator=external
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: HTTP/1.1
Server: 50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 15:41:37 GMT
Frontend-ID: 5
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type: image/gif
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Content-Length: 42
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 15:41:37 GMT
Frontend-ID: 2
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: /adform/1/info2?sType=sync&sExtCookieId=6707339174782206439&sInitiator=external
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 9C04
Redirect Chain

https://ps.eyeota.net/match?uid=6707339174782206439&bid=9gdtmu1
https://ps.eyeota.net/match/bounce/?uid=6707339174782206439&bid=9gdtmu1

70 B
440 B

58ms
57ms

Image
image/gif

52.55.144.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=6707339174782206439&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: HTTP/1.1
Server: 52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-144-0.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 18 Jan 2024 15:41:37 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=6707339174782206439&bid=9gdtmu1
Date: Thu, 18 Jan 2024 15:41:37 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 9C04
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6707339174782206439
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=6707339174782206439&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
466 B

243ms
65ms

Image
image/gif

2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: H2
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Thu, 18 Jan 2024 15:41:37 GMT
x-age-lb: 578824
x-amz-request-id: tx000004f2912c4667b5218-0065909fa7-5134150-nyc
x-77-cache: HIT
x-accel-date: 1705013673
content-length: 43
x-77-nzt: A5ySJBY3Nzf/CNUIAJySO+I3Nzf/AAAAAM/T1GYr2akA
x-accel-expires: @1706050473
x-77-age: 578824
x-cache-lb: HIT
last-modified: Sat, 30 Dec 2023 22:32:08 GMT
server: CDN77-Turbo
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
x-77-nzt-ray: 1e192d080f05d3cdb146a965ed82ce1a
content-type: image/gif
x-rgw-object-type: Normal
accept-ranges: bytes

Redirect headers

date: Thu, 18 Jan 2024 15:41:37 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame 9C04
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=6707339174782206439
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTNjcwNzMzOTE3NDc4MjIwNjQzORAAGg0IsY2lrQYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=0ba96f824ba04144158d5a936409358b0d5f7200a0592e8df0925e6465010a26791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0ba96f824ba04144158d5a936409358b0d5f7200a0592e8df0925e6465010a26791426b5417dce21&rand=07913372
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0ba96f824ba04144158d5a936409358b0d5f7200a0592e8df0925e6465010a26791426b5417dce21&rand=07913372&expected_cookie=364aa19c-ebd2-4540-b3b6-dd40b1c1a344

0
141 B

125ms
125ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0ba96f824ba04144158d5a936409358b0d5f7200a0592e8df0925e6465010a26791426b5417dce21&rand=07913372&expected_cookie=364aa19c-ebd2-4540-b3b6-dd40b1c1a344
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:37 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 69470B7672C44647818A4AB157A79799 Ref B: MIAEDGE2708 Ref C: 2024-01-18T15:41:37Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPOjL1ipznapTrQBMfeg==

Redirect headers

date: Thu, 18 Jan 2024 15:41:37 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 83041CA757704123AEACF30790806038 Ref B: MIAEDGE2708 Ref C: 2024-01-18T15:41:37Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: /db_sync?pid=10339&puuid=0ba96f824ba04144158d5a936409358b0d5f7200a0592e8df0925e6465010a26791426b5417dce21&rand=07913372&expected_cookie=364aa19c-ebd2-4540-b3b6-dd40b1c1a344
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPOjLx8GU+wWny2VAcdA==

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6707339174782206439/gdpr=/ Frame 9C04
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=6707339174782206439/gdpr=/gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6707339174782206439/gdpr=/gdpr_consent=

49 B
543 B

69ms
69ms

Image
image/gif

52.204.171.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6707339174782206439/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: H2
Server: 52.204.171.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-171-89.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:37 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.63.18
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:37 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=6707339174782206439/gdpr=/gdpr_consent=
cache-control: no-cache
x-server: 10.40.12.71
content-length: 0
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 9C04 62 B
429 B 303ms
148ms Image
image/gif 184.50.205.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=6707339174782206439
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.50.205.247 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-50-205-247.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 18 Jan 2024 15:41:37 GMT
content-length: 62
content-type: image/gif

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 9C04
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6707339174782206439
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6707339174782206439

43 B
171 B

48ms
48ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6707339174782206439
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:37 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=6707339174782206439
date: Thu, 18 Jan 2024 15:41:37 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 9C04
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

465ms
152ms

Image
image/gif

52.92.17.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: HTTP/1.1
Server: 52.92.17.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 15:41:39 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: WPGSK05VGY9X5NSF
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: rc9VzXgh+oFiLFSSbqbsIEFy8YNZK7V7Ju4PBm73jw1MAJYbolh/MhIFd/jsur6mG43BgaJpO74=

Redirect headers

X-Error-Reason: Missing UserId
Date: Thu, 18 Jan 2024 15:41:36 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 9C04 0
338 B 184ms
57ms Image
text/plain 3.222.163.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=6707339174782206439
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.163.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-163-147.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: beacon-n012-ash-prod.krxd.net
date: Thu, 18 Jan 2024 15:41:37 GMT
cache-control: private, no-cache, no-store
x-request-time: D=38 t=1705592497
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 9C04 0
384 B 69ms
69ms Image
text/plain 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 9C04
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NjcwNzMzOTE3NDc4MjIwNjQzOQ
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO-3vB1Vf9KZZQcg55Ckr-o&google_cver=1&google_ula=1641347,0

35 B
591 B

68ms
68ms

Image
image/gif

185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO-3vB1Vf9KZZQcg55Ckr-o&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849

Protocol

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO-3vB1Vf9KZZQcg55Ckr-o&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
secure.adnxs.com/ Frame 9C04
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=7035727650848700544&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=6707339174782206439

43 B
999 B

160ms
159ms

Image
image/gif

68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=6707339174782206439

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849

Protocol

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:37 GMT
an-x-request-uuid: 3ad2d5c5-e829-409e-892e-25f84524510d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.71; 38.132.118.71; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=6707339174782206439
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 9C04 42 B
472 B 182ms
56ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6707339174782206439
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 18 Jan 2024 15:41:36 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 9C04 43 B
444 B 210ms
53ms Image
image/gif 18.160.10.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-41.iad12.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 17 Jan 2024 23:17:03 GMT
Via: 1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: IAD12-P3
Age: 59074
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: MRPAluUTbG8mtOJ2gQA5r0cQ42yNHKONVzidL0xJmP12jvZ1voCKnA==

GET
H/1.1

200

p
a.audrte.com/ Frame 9C04
Redirect Chain

https://a.audrte.com/a?adform_uid=6707339174782206439
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Y2gwekRpcC00VjZSVzJCVDdjeUl1VVI1dw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

141ms
141ms

Image
image/png

34.241.132.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: HTTP/1.1
Server: 34.241.132.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-132-158.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 15:41:38 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 18 Jan 2024 15:41:37 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 9C04
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=6707339174782206439&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=6707339174782206439&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=07920392915923309942656737471530018388&noredirect=1

35 B
591 B

70ms
70ms

Image
image/gif

185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=07920392915923309942656737471530018388&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849

Protocol

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

dcs: dcs-prod-va6-2-v053-0b5ab674b.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Thu, 18 Jan 2024 15:41:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: Z7NWyMopQVs=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://c1.adform.net/serving/cookie/match?party=1007&cid=07920392915923309942656737471530018388&noredirect=1
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 9C04
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=6707339174782206439
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213050604765005483546

35 B
601 B

285ms
67ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213050604765005483546

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:37 GMT
via: 1.1 b4346add631a498bf6cdbf88cbc5ff12.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: IAD89-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213050604765005483546
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: BaRGnKHHg6B3JRGmY-xrV_Y3wqHuSNo5XLf3TsagdFseGvsm1FzTqg==
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 9C04
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7325463994942552215

35 B
600 B

68ms
67ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7325463994942552215

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7325463994942552215
Date: Thu, 18 Jan 2024 15:41:37 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 9C04 62 B
359 B 141ms
141ms Image
image/gif 184.50.205.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=6707339174782206439
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.50.205.247 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-50-205-247.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 18 Jan 2024 15:41:37 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 9C04
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=p5A8fkRY1Rquwp5

35 B
600 B

67ms
67ms

Image
image/gif

185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=p5A8fkRY1Rquwp5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849

Protocol

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 15:41:36 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-048cc1f52903d580d@us-east-1b@dxedge-app-us-east-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=p5A8fkRY1Rquwp5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 9C04
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=1a936054-15cf-44b8-b061-84ed806cce58

35 B
591 B

115ms
68ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=1a936054-15cf-44b8-b061-84ed806cce58

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=1a936054-15cf-44b8-b061-84ed806cce58
date: Thu, 18 Jan 2024 15:41:37 GMT
server: Kestrel
content-length: 225

GET
H2

200

3.gif
id5-sync.com/cq/10/124/0/ Frame 9C04
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=6707339174782206439
https://id5-sync.com/c/10/10/2/1.gif?puid=6707339174782206439&gdpr=0&gdpr_consent=&us_privacy=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/10/2/1/2.gif?puid=7035727650848700544&gdpr=0&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-5a16gwGoOTlMvBtfl4hoGnD7pGWC3nl2dG12GUcUGA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-5a16gwGoOTlMvBtfl4hoGnD7pGWC3nl2dG12GUcUGA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpu...
https://id5-sync.com/cq/10/124/0/3.gif?puid=1a62e55e-ab8d-46e8-a0f5-da3b6893e9d5&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

43 B
1 KB

143ms
142ms

Image
image/gif

162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/cq/10/124/0/3.gif?puid=1a62e55e-ab8d-46e8-a0f5-da3b6893e9d5&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849

Protocol

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 18 Jan 2024 15:41:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/cq/10/124/0/3.gif?puid=1a62e55e-ab8d-46e8-a0f5-da3b6893e9d5&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
access-control-allow-origin: *
date: Thu, 18 Jan 2024 15:41:38 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 9C04
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3493207603
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=kwwgdRTR3w6pf/nTDnhoN.

35 B
591 B

68ms
67ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=kwwgdRTR3w6pf/nTDnhoN.

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:36 GMT
via: 1.1 google
last-modified: Thu, 18 Jan 2024 15:41:37 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=kwwgdRTR3w6pf/nTDnhoN.
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 9C04 23 B
278 B 381ms
72ms Image
image/gif 23.205.56.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=6707339174782206439
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.56.163 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-56-163.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 18 Jan 2024 15:41:37 GMT
pragma: no-cache
date: Thu, 18 Jan 2024 15:41:37 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9C04
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=6707339174782206439
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=9d0a19d48d&gdpr=0&gdpr_consent=
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=9d0a19d48d&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

90ms
90ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=9d0a19d48d&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 15:41:38 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZS8Z56BVA52049Z0T16G
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 15:41:38 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: C79XP2ZY242X3KSXNQ9Z
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=9d0a19d48d&gdpr=0&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 6707339174782206439
match.contentexchange.me/adform/ Frame 9C04 0
49 B 485ms
154ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/6707339174782206439?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:38 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 9C04 43 B
109 B 250ms
101ms Image
image/gif 100.25.25.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=16974&user_id=6707339174782206439
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.25.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-25-103.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:38 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 9C04
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=6707339174782206439&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6707339174782206439&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

59ms
58ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=6707339174782206439&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 18 Jan 2024 15:41:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=6707339174782206439&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
date: Thu, 18 Jan 2024 15:41:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 put
e1.emxdgt.com/ Frame 9C04 43 B
120 B 259ms
56ms Image
image/gif 44.212.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=6707339174782206439
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.212.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-212-89-30.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:37 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2 200 plf
c1.adform.net/imatch/ Frame 9C04 0
384 B 68ms
68ms Image
text/plain 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=6707339174782206439&agencyId=9040&advertiserId=2176059&src=tp&rnd=184849
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 async-vendor-firebase.e8f0f0b9.js Show response
mrspeedtime.gcdn.co/js/ 44 KB
12 KB 33ms
33ms Script
application/javascript 2a03:90c0:9996::9996
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://mrspeedtime.gcdn.co/js/async-vendor-firebase.e8f0f0b9.js
Requested by: Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/app.7f83a052.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b8a6de9f0d5e88715fa12d66be5bdd14b0be6904956631fb55683d712bacb3d0

Request headers

Referer: https://3142.fun/
Origin: https://3142.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id: mi1-hw-edge-gc28
date: Thu, 18 Jan 2024 15:41:37 GMT
content-encoding: br
x-cached-since: 2024-01-10T08:53:52+00:00
x-id-fe: mi1-hw-edge-gc28
content-length: 12272
last-modified: Wed, 20 Dec 2023 10:32:23 GMT
server: nginx
traceparent: 00-81021382d52dda0ba7e227fe484d5b20-5525b95e8234552c-01
etag: "6582c2b7-2ff0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cache: HIT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 undefined Show response
widget.intercom.io/widget/ 7 KB
3 KB 212ms
70ms Script
application/javascript 108.138.64.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/undefined
Requested by: Host: 3142.fun
URL: https://3142.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.64.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-64-83.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13b86838d8b2a31e3a62596798a6f162d740047bf912644bf42135db72374189

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: kb.pxfUY3MlbIRf6jchOIUCtHnjufnr8
content-encoding: gzip
via: 1.1 f588325f7617672d954c4267c8bee1ea.cloudfront.net (CloudFront)
date: Thu, 18 Jan 2024 15:37:13 GMT
x-amz-cf-pop: IAD12-P1
age: 273
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2705
last-modified: Thu, 18 Jan 2024 13:21:46 GMT
server: AmazonS3
etag: "7c548cd73166db0343c80186edfb77b4"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: YDbKhYF3y15Vl1pNRYhNaQee0Fysydq3Q3pMcRlaykuxUD4uhMPLcw==

POST
H2 200 api-1 Show response
3142.fun/ 195 B
494 B 155ms
154ms Fetch
application/json 109.237.26.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3142.fun/api-1

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fb1af32c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.237.26.154 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-237-26-154.ip.linodeusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

97db4ce15015aa6cb56805729c37fc67c744ad0c8b41a729cc2ce462120c3921

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
x-app-theme: DARK
x-app-browser: chrome
accept-language: en-US,en;q=0.9
x-app-platform: web
x-app-env: prod
x-requested-uri: /
x-app-skin: default
x-app-version: 6.79.6
x-app-os: windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json
Referer: https://3142.fun/
x-app-language: ru_RU
x-app-modernity: modern
x-app-rendering: csr

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2 200 frame-modern.bdb65c8e.js Show response
js.intercomcdn.com/ Frame FC90 878 KB
250 KB 189ms
61ms Script
application/javascript 18.154.227.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.bdb65c8e.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.227.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-227-81.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9efff73ca72160311c7faae32943026e13cc8158ef71161e486fea3862a56131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: rBP4ntRb1qWsLdhER39rAA7oy.MwwRhI
content-encoding: gzip
via: 1.1 70e40bc3fbbdbf0242115d0ef383be56.cloudfront.net (CloudFront)
date: Thu, 18 Jan 2024 15:21:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD55-P5
age: 1188
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 255174
last-modified: Thu, 18 Jan 2024 13:19:04 GMT
server: AmazonS3
etag: "e12ecc3dac20fb591b523679f6df2c11"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 06klKxVk6R7T7jAQU5ooXBiIsS7eu7sG_ko7rSoHfSTxNb-m9lLzmw==

GET
H2 200 vendor-modern.4798fff6.js Show response
js.intercomcdn.com/ Frame FC90 426 KB
131 KB 347ms
219ms Script
application/javascript 18.154.227.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.4798fff6.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/undefined

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.227.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-227-81.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

659646e379eb3281e62c3b079f1f714f8cf487eceee43055c5bdb4d5aaabdb19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 6.SgLCaT2VkjV0yzZ6PTJXwozUKR91vM
content-encoding: gzip
via: 1.1 70e40bc3fbbdbf0242115d0ef383be56.cloudfront.net (CloudFront)
date: Thu, 18 Jan 2024 13:49:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD55-P5
age: 6751
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 133882
last-modified: Wed, 17 Jan 2024 15:18:52 GMT
server: AmazonS3
etag: "5661811dd3a4c069600081813b6a5bf1"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 5xr-dsaAYQWsrC47aovh-kzPKMe9QvDFPq37DxBurkWJjgH_ElQtvg==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame FC90 5 KB
3 KB 524ms
398ms XHR
application/json 52.73.162.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.bdb65c8e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.73.162.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-162-54.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8ab6bcc0449d6769aa28f45a616cf248f639e820ebc509e42f6b15f902b450d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 18 Jan 2024 15:41:39 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0d793d7a62f620428
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 00082v4dqqa2nfds8g50
x-runtime: 0.309390
server: nginx
etag: W/"8ab6bcc0449d6769aa28f45a616cf248"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://3142.fun
x-intercom-version: 5c13d61c01a35b8c390bf54de255fa9a2ac9b3fb
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
71 KB 735ms
359ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-app.006c002b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a1bd365cfa91665622b1d4c46d1117ed92aa26718c85cae1eafdac3a72cb967d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 18 Jan 2024 11:10:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65a9073e-118a1"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71841
expires: Thu, 18 Jan 2024 16:41:39 GMT

GET
H2 200 vendors~locale-ru-json-modern.3d14a4f4.js Show response
js.intercomcdn.com/ Frame FC90 42 KB
11 KB 55ms
53ms Script
application/javascript 18.154.227.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendors~locale-ru-json-modern.3d14a4f4.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.bdb65c8e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.227.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-227-81.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5fd365b3049a86ebb71aef96fb890a48f751c2d4d8c227fcac0a817dca78af73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: xEEjR.Vs6tns38f0FjRLicGEh7FcV00V
content-encoding: gzip
via: 1.1 70e40bc3fbbdbf0242115d0ef383be56.cloudfront.net (CloudFront)
date: Thu, 18 Jan 2024 14:30:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD55-P5
age: 4255
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10428
last-modified: Wed, 17 Jan 2024 15:18:53 GMT
server: AmazonS3
etag: "b433d9cac1212a505361bda9814f403e"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 6GeYsrq5k-H2JIT5e_2Z45u3NxU76RtsT1Ie_T9WBHin-1f36bAq4w==

GET
H2 200 114dcf446f058a01bd3dd81e24e7b02d.png
downloads.intercomcdn.com/i/o/428145/9a41bc05dc8028cfff193a94/ 555 B
1 KB 251ms
143ms Image
image/png 3.33.152.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://downloads.intercomcdn.com/i/o/428145/9a41bc05dc8028cfff193a94/114dcf446f058a01bd3dd81e24e7b02d.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.152.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a69d63ecdf0f33068.awsglobalaccelerator.com

Software

nginx /

Resource Hash

076dea4023ede2ff9d9844dd837c09632552efd0b5bf00dd2be6e75cf71d5898

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:39 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0d793d7a62f620428
content-security-policy: default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
status: 200 OK
content-transfer-encoding: binary
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="114dcf446f058a01bd3dd81e24e7b02d.png"; filename*=UTF-8''114dcf446f058a01bd3dd81e24e7b02d.png
x-xss-protection: 1; mode=block
x-request-id: 000a5ipke1k3vje0gmf0
x-runtime: 0.065920
last-modified: Thu, 20 Jul 2023 12:13:33 GMT
server: nginx
x-request-queueing: 0
vary: Accept-Encoding
x-frame-options: deny
content-type: image/png
x-intercom-version: 5c13d61c01a35b8c390bf54de255fa9a2ac9b3fb
cache-control: max-age=86400, private

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10252.8fjV1-KDdJ6z83QCO7xVvsZbL2GJrN2XkG1h13PZcdaA9juiUmywF5sK12GamN1o.BpCG2iwH2W-vct8wLJNCUD3G1TI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10252.vUwHRnWbX4mB-fmllQSMq8KF_UeXKmr7vlTycAbVQYA0uzLbSIHM-vpXXYj3Ss-zab7-RdlsZeoO8tei0a7nYxEg0XlsN3eqqcXcYNqdUnwkU4DfXSyKyuX-rN_9XNVS22-68bCUBX...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10252.g5HYOY6m51xln-wVwkjqfcaq9EqHFaangjIh7EfcjxnlBU1ayzTwZGEl8kLn6NyJFQDdwednR9O6avL27qXXDziVB1dr0kv8SEeusAk8bkeqh...

43 B
585 B

179ms
179ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10252.g5HYOY6m51xln-wVwkjqfcaq9EqHFaangjIh7EfcjxnlBU1ayzTwZGEl8kLn6NyJFQDdwednR9O6avL27qXXDziVB1dr0kv8SEeusAk8bkeqht2BHLEePE24Jb4AMLJtq9ODYaCFPaiXcrdy-NfvfAQ1GcNi4ysnK-i9UwkYlGOuHtuNbjN57Wtw8qW-aN76LyGXDUbwsUGadVSvvWUqwg%2C%2C.qugGDsApl9YiAb4TZClM9pevJyY%2C

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:40 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10252.g5HYOY6m51xln-wVwkjqfcaq9EqHFaangjIh7EfcjxnlBU1ayzTwZGEl8kLn6NyJFQDdwednR9O6avL27qXXDziVB1dr0kv8SEeusAk8bkeqht2BHLEePE24Jb4AMLJtq9ODYaCFPaiXcrdy-NfvfAQ1GcNi4ysnK-i9UwkYlGOuHtuNbjN57Wtw8qW-aN76LyGXDUbwsUGadVSvvWUqwg%2C%2C.qugGDsApl9YiAb4TZClM9pevJyY%2C
date: Thu, 18 Jan 2024 15:41:40 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
478 B 185ms
185ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:41:39 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 18 Jan 2024 11:10:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65a9073e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 18 Jan 2024 16:41:39 GMT

GET
H2 200 changes Show response
3142.fun/api-2/betline/headline-matches/ 66 KB
9 KB 147ms
146ms Fetch
application/json 109.237.26.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3142.fun/api-2/betline/headline-matches/changes?ctag=ru-RU&allVtag=9c2cd386-31e1-4ce9-a140-28e9b63a9300&flags=reg,urlv2,mm2,rrc

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fb1af32c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.237.26.154 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-237-26-154.ip.linodeusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ec3d612df7628d17d3e94f02cbc13d922430396794832bb9c151e9de25c780f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
X-APP-THEME: DARK
x-app-browser: chrome
x-app-version: 6.79.6
x-app-os: windows
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-app-platform: web
x-app-env: prod
Referer: https://3142.fun/
x-app-language: ru_RU
x-app-modernity: modern
x-requested-uri: /
x-app-skin: default
x-app-rendering: csr

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2 200 all Show response
3142.fun/api-2/betline/count/ 42 B
355 B 158ms
157ms Fetch
application/json 109.237.26.154
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://3142.fun/api-2/betline/count/all?ctag=ru-RU&hideClosed=true&flags=reg,urlv2,mm2,rrc,nodup&zeroMarginMarkets=true

Requested by

Host: mrspeedtime.gcdn.co
URL: https://mrspeedtime.gcdn.co/js/async-vendors.fb1af32c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.237.26.154 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-237-26-154.ip.linodeusercontent.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

bfe3806c8cbb3e5476ca6aaf35b7cbdee3c8f449e52da62eeab78ca544317eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-layout: desktop
X-APP-THEME: DARK
x-app-browser: chrome
x-app-version: 6.79.6
x-app-os: windows
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-app-platform: web
x-app-env: prod
Referer: https://3142.fun/
x-app-language: ru_RU
x-app-modernity: modern
x-requested-uri: /
x-app-skin: default
x-app-rendering: csr

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 0
expires: 0

GET
H2 200 metrika_match.html Show response
mc.yandex.com/metrika/ Frame 0FD2 2 KB
1 KB 181ms
180ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9df4ea0c8c25b6c96ccb4ef96780a7b074ee266972670f2572d38a961f1b481f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://3142.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 869
content-type: text/html
date: Thu, 18 Jan 2024 15:41:40 GMT
etag: "65a9073e-365"
expires: Thu, 18 Jan 2024 16:41:40 GMT
last-modified: Thu, 18 Jan 2024 11:10:54 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/71598811/
Redirect Chain

https://mc.yandex.com/watch/71598811?wmode=7&page-url=https%3A%2F%2F3142.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad9qclkdp4c65bqbi3oqcu6sb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3...
https://mc.yandex.com/watch/71598811/1?wmode=7&page-url=https%3A%2F%2F3142.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad9qclkdp4c65bqbi3oqcu6sb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US...

440 B
559 B

179ms
179ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71598811/1?wmode=7&page-url=https%3A%2F%2F3142.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad9qclkdp4c65bqbi3oqcu6sb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1210%3Acn%3A1%3Adp%3A0%3Als%3A728974591037%3Ahid%3A660699341%3Az%3A-600%3Ai%3A20240118054139%3Aet%3A1705592500%3Ac%3A1%3Arn%3A27175836%3Arqn%3A1%3Au%3A1705592500215750063%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C277%2C149%2C1%2C0%2C0%2C%2C135%2C2%2C1240%2C1240%2C0%2C846%3Aco%3A0%3Acpf%3A1%3Ans%3A1705592493003%3Agi%3AR0ExLjEuMTkzNzAzNzAwNS4xNzA1NTkyNDk2%3Afp%3A859%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705592500%3At%3ALeon%20-%20%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%7C%20%D0%A1%D0%BB%D0%BE%D1%82%D1%8B%20%7C%20LIVE%20%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

64c0ebccf1b5b95ee2205b989d57e9979ca881f6fd8f1078111e24f1aaea9942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 18-Jan-2024 15:41:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://3142.fun
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 440
x-xss-protection: 1; mode=block
expires: Thu, 18-Jan-2024 15:41:40 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:40 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 18-Jan-2024 15:41:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/71598811/1?wmode=7&page-url=https%3A%2F%2F3142.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad9qclkdp4c65bqbi3oqcu6sb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1210%3Acn%3A1%3Adp%3A0%3Als%3A728974591037%3Ahid%3A660699341%3Az%3A-600%3Ai%3A20240118054139%3Aet%3A1705592500%3Ac%3A1%3Arn%3A27175836%3Arqn%3A1%3Au%3A1705592500215750063%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C277%2C149%2C1%2C0%2C0%2C%2C135%2C2%2C1240%2C1240%2C0%2C846%3Aco%3A0%3Acpf%3A1%3Ans%3A1705592493003%3Agi%3AR0ExLjEuMTkzNzAzNzAwNS4xNzA1NTkyNDk2%3Afp%3A859%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705592500%3At%3ALeon%20-%20%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%7C%20%D0%A1%D0%BB%D0%BE%D1%82%D1%8B%20%7C%20LIVE%20%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://3142.fun
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 18-Jan-2024 15:41:40 GMT

POST
H2 200 1
mc.yandex.com/watch/71598811/ 43 B
74 B 183ms
181ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71598811/1?page-url=goal%3A%2F%2F3142.fun%2FzABTestNewUsers&page-ref=https%3A%2F%2F3142.fun%2F&charset=utf-8&uah=chm%0A%3F0&hittoken=1705592500_2bb5bf816d5fc52eab0478f1def215fed8eeee2c0a2a7f0269133648de240013&browser-info=ar%3A1%3Avf%3Ad9qclkdp4c65bqbi3oqcu6sb%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1210%3Acn%3A1%3Adp%3A1%3Als%3A728974591037%3Ahid%3A660699341%3Az%3A-600%3Ai%3A20240118054140%3Aet%3A1705592501%3Ac%3A1%3Arn%3A102546535%3Arqn%3A2%3Au%3A1705592500215750063%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1705592493003%3Agi%3AR0ExLjEuMTkzNzAzNzAwNS4xNzA1NTkyNDk2%3Ahsa%3A1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705592501%3At%3ALeon%20-%20%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%7C%20%D0%A1%D0%BB%D0%BE%D1%82%D1%8B%20%7C%20LIVE%20%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(2)lt(59500)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22ab_test_light_mode%22%3A%7B%22dark%22%3A%7B%22visit%22%3A%22dark%22%7D%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:40 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 18-Jan-2024 15:41:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://3142.fun
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 18-Jan-2024 15:41:40 GMT

POST
H2 200 1
mc.yandex.com/watch/71598811/ 43 B
86 B 180ms
179ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71598811/1?page-url=goal%3A%2F%2F3142.fun%2FzInit&page-ref=https%3A%2F%2F3142.fun%2F&charset=utf-8&uah=chm%0A%3F0&hittoken=1705592500_2bb5bf816d5fc52eab0478f1def215fed8eeee2c0a2a7f0269133648de240013&browser-info=ar%3A1%3Avf%3Ad9qclkdp4c65bqbi3oqcu6sb%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1210%3Acn%3A1%3Adp%3A1%3Als%3A728974591037%3Ahid%3A660699341%3Az%3A-600%3Ai%3A20240118054140%3Aet%3A1705592501%3Ac%3A1%3Arn%3A897303315%3Arqn%3A3%3Au%3A1705592500215750063%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1705592493003%3Agi%3AR0ExLjEuMTkzNzAzNzAwNS4xNzA1NTkyNDk2%3Ahsa%3A1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705592501%3At%3ALeon%20-%20%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%7C%20%D0%A1%D0%BB%D0%BE%D1%82%D1%8B%20%7C%20LIVE%20%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&t=gdpr(14)mc(g-2)clc(0-0-0)rqnt(3)lt(59500)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22type%22%3A%7B%22web%22%3A%22desktop%22%7D%2C%22webVersion%22%3A%226.79.6%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:40 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 18-Jan-2024 15:41:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://3142.fun
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 18-Jan-2024 15:41:40 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
45 B 77ms
76ms Ping
text/plain 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JZZNGY93CC&gtm=45je41a0v871047016&_p=1705592494664&gcd=11l1l1l1l1&dma=0&cid=1937037005.1705592496&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705592495&sct=1&seg=0&dl=https%3A%2F%2F3142.fun%2F&dt=Leon%20-%20%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%7C%20%D0%A1%D0%BB%D0%BE%D1%82%D1%8B%20%7C%20LIVE%20%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&en=scroll&epn.percent_scrolled=90&_et=26&tfd=7801
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:824::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://3142.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:41:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3142.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

117 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
3142.fun/	1970-01-21 03:22:32	Name: ABTestSeed Value: 74
3142.fun/	1970-01-20 18:29:44	Name: qtag_rfrr Value: null-null
3142.fun/	1970-01-21 02:32:08	Name: ipfrom Value: 38.132.118.71
3142.fun/	1970-01-21 03:22:32	Name: x-app-language Value: ru_RU
3142.fun/	1970-01-21 03:22:32	Name: firstTheme Value: DARK
.3142.fun/	1970-01-21 03:22:32	Name: _ga Value: GA1.1.1937037005.1705592496
.3142.fun/	1970-01-21 03:22:32	Name: _ga_JZZNGY93CC Value: GS1.1.1705592495.1.0.1705592495.0.0.0
.3142.fun/	1970-01-20 19:56:08	Name: _gcl_au Value: 1.1.137314472.1705592496
.rfihub.com/	1970-01-21 03:08:08	Name: rud Value: H4sIAAAAAAAA_-MSsjSzNDE3MAICM0sLMwszE0MhPkPdADPzxLKQDGPDqMB0APvdQx8kAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsjSzNDE3MAICM0sLMwszE0MhPkPdADPzxLKQDGPDqMB0APvdQx8kAAAA
.sportradarserving.com/	1970-01-21 02:32:08	Name: zuuid Value: 13f8c95e-0794-4544-85ab-5d342061579b
.sportradarserving.com/	1970-01-21 02:32:08	Name: c Value: 1705592496
.sportradarserving.com/	1970-01-21 02:32:08	Name: zuuid_lu Value: 1705592496
.adnxs.com/	1970-01-20 19:56:08	Name: uuid2 Value: 7035727650848700544
.sportradarserving.com/	1970-01-21 02:32:08	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-21 02:32:08	Name: zuuid_k_lu Value: 1705592496
.sportradarserving.com/	1970-01-21 02:32:08	Name: bss Value: !bidswitch,474849696
.sportradarserving.com/	1970-01-21 02:32:08	Name: cm4 Value: !bidswitch,474921696
.quantserve.com/	1970-01-21 03:16:46	Name: mc Value: 65a946b0-60222-7489b-2b5cb
.3142.fun/	1970-01-21 03:11:01	Name: __qca Value: P0-236428984-1705592496064
leoncas.com/	1970-01-20 17:47:58	Name: Control Value: OK
.adform.net/	1970-01-20 18:31:10	Name: C Value: 1
.adform.net/	1970-01-20 19:12:56	Name: receive-cookie-deprecation Value: 1
.3142.fun/	1970-01-20 17:46:34	Name: _sp_srt_ses.7285 Value: *
.3142.fun/	1970-01-21 03:22:32	Name: _sp_srt_id.7285 Value: 1435e29a-faa9-43fa-86ad-a0b0f7a5f24a.1705592497.1.1705592497..3cc71e67-eeb8-409e-8d61-f1ef2d2dd8b5....0
.bidswitch.net/	1970-01-21 02:32:08	Name: c Value: 1705592496
.bidswitch.net/	1970-01-21 02:32:08	Name: tuuid_lu Value: 1705592496
.adform.net/	1970-01-20 19:12:56	Name: uid Value: 6707339174782206439
.adform.net/	1970-01-20 17:47:58	Name: CM Value: 1\|1
.bidswitch.net/	1970-01-21 02:32:08	Name: tuuid Value: 7a99b888-342f-42e1-957f-d38b2ab5a668
3142.fun/	1970-01-20 18:29:44	Name: adformfrpid Value: 5785504079994652430
.adform.net/	1970-01-20 18:06:42	Name: CM14 Value: 1705678896_1705592496_1_Hu7u4e4e4R7u4e4REREeEREREA
pixel.rubiconproject.com/	1970-01-20 19:56:08	Name: receive-cookie-deprecation Value: 1
.sharethrough.com/	1970-01-20 18:29:44	Name: stx_user_id Value: a6eaa939-0603-4c22-a8d4-0cfbe40797d3
.yahoo.com/	1970-01-21 02:32:30	Name: A3 Value: d=AQABBLBGqWUCEEAdyw2RVwSVHzYs5DtYWtMFEgEBAQGYqmWzZdxH0iMA_eMAAA&S=AQAAAsWB0KlZtcq48dD8P9mjkHo
.casalemedia.com/	1970-01-21 02:32:08	Name: CMID Value: ZalGsGpJ-je3ikalcu.NcgAA
.casalemedia.com/	1970-01-20 19:56:08	Name: CMPS Value: 1507
.casalemedia.com/	1970-01-20 19:56:08	Name: CMPRO Value: 1507
.analytics.yahoo.com/	1970-01-21 02:32:08	Name: IDSYNC Value: 173n~2g93
.rubiconproject.com/	1970-01-21 02:32:08	Name: khaos Value: LRJDQHAK-W-G4JM
.rubiconproject.com/	1970-01-21 02:32:08	Name: audit Value: 1\|NFSTKrOQeup9+e9bON3mUf5F7M6wE/Snp87ogsGyueY8fCYmOTvXg7BJXWgb587Nt1NzMOChp0lCbuL7wqM7W8iEQX1ma3kMqlFeRIX+Qd4Wi/s0aePAePB9J3VruUYucCygDcYSdD/OZF4C5xzkLg==
.smartadserver.com/	1970-01-21 03:16:46	Name: pid Value: 2039726204738432471
.smartadserver.com/	1970-01-21 03:16:46	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 02:33:34	Name: csync Value: 22:6707339174782206439
.ads.stickyadstv.com/	1970-01-20 19:12:56	Name: uid-bp-617 Value: 6707339174782206439
.ads.stickyadstv.com/	1970-01-20 18:29:44	Name: UID Value: b7f9237d979037acb36f06eadd6b14f
.kargo.com/	1970-01-21 02:32:08	Name: ktcid Value: a5b0f580-8ee8-02d8-5e8d-ddb630a3d9d8
.seadform.net/	1970-01-20 19:12:56	Name: uid Value: 6707339174782206439
.adnxs.com/	1970-01-20 19:56:08	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2Il]jz?p=!]tc(8i_imf$9G=A^A/AIx%NsDsX44)9AS./9Od<DsZF7bmCyd<QG=%9sk@3@'s>TCo').
.eyeota.net/	1970-01-21 02:33:34	Name: mako_uid Value: 18d1d3c239b-65590000010a5038
.eyeota.net/	1970-01-20 17:46:33	Name: SERVERID Value: 20536~DM
.semasio.net/	1970-01-21 02:32:08	Name: SEUNCY Value: 5C885E7F87572855
.rlcdn.com/	1970-01-21 02:32:08	Name: rlas3 Value: nn7rtTtTJ0yJGMLRJrfU8s8urQJfk3gVIcfA/wfWNw0=
.openx.net/	1970-01-21 02:32:08	Name: i Value: 9d83feed-d658-43e2-bde7-b1adf4630990\|1705592497
.exelator.com/	1970-01-20 20:39:20	Name: EE Value: "4c7c70cfd5fe5c8cd34549ef5f0beca7"
.rlcdn.com/	1970-01-20 19:12:56	Name: pxrc Value: CLGNpa0GEgUI6AcQABIFCOhHEAA=
.exelator.com/	1970-01-20 20:39:20	Name: ud Value: "eJxrXxzq6XKLQcEk2TzZ3CA5LcU0LdU02SI5xdjE1MQyNc00zSApNTnRfHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6otDgxUUpaQyLSopPBR%252FrmwcA%252BBQrng%253D%253D"
.crwdcntrl.net/	1970-01-21 00:15:18	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 00:15:18	Name: _cc_id Value: 9d505efa3b183e0cf7d0b477b0063ec0
.krxd.net/	1970-01-20 22:05:44	Name: _kuid_ Value: QCxbA_c7
.bluekai.com/	1970-01-20 22:08:37	Name: bku Value: /Ux99nas3VUBsDGX
.pippio.com/	1970-01-21 02:32:08	Name: did Value: UmPK2g8Dvjr2wA88
.pippio.com/	1970-01-21 02:32:08	Name: didts Value: 1705592497
.pippio.com/	1970-01-20 19:12:56	Name: nnls Value:
.pippio.com/	1970-01-20 19:12:56	Name: pxrc Value: CLGNpa0GEgYIgr0rEAA=
.doubleclick.net/	1970-01-21 03:22:32	Name: IDE Value: AHWqTUnLVRxUNHkCApySAS2CpgA2I3Vkgj0Z0iptjytjumoSTbLSbcyJyYkG-QF4Vt4
.pubmatic.com/	1970-01-20 18:29:44	Name: KRTBCOOKIE_391 Value: 22924-6707339174782206439&KRTB&23263-6707339174782206439&KRTB&23481-6707339174782206439
.pubmatic.com/	1970-01-20 18:29:44	Name: PugT Value: 1705592496
.demdex.net/	1970-01-20 22:05:44	Name: demdex Value: 07920392915923309942656737471530018388
.agkn.com/	1970-01-21 02:32:08	Name: ab Value: 0001%3AGAhHf3Y4ASdFCwE7BX0XHyqTklG0oItF
.dpm.demdex.net/	1970-01-20 22:05:44	Name: dpm Value: 07920392915923309942656737471530018388
.adsrvr.org/	1970-01-21 02:33:34	Name: TDID Value: 1a936054-15cf-44b8-b061-84ed806cce58
.adsrvr.org/	1970-01-21 02:33:34	Name: TDCPM Value: CAEYBSABKAIyCwj2gvaE1pHMPBAFOAE.
.w55c.net/	1970-01-21 03:18:13	Name: wfivefivec Value: p5A8fkRY1Rquwp5
.linkedin.com/	1970-01-20 19:56:08	Name: li_sugr Value: 364aa19c-ebd2-4540-b3b6-dd40b1c1a344
.linkedin.com/	1970-01-21 02:32:08	Name: bcookie Value: "v=2&63c78a13-57a4-4083-8c12-6fc7c4ad30d6"
.linkedin.com/	1970-01-20 17:47:58	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2697:u=1:x=1:i=1705592497:t=1705678897:v=2:sig=AQEAiRSJHviWGF81I8O7ihjoFwDbcQFa"
.weborama.fr/	1970-01-21 03:12:27	Name: AFFICHE_W Value: 5xU1ZUetoQbn12
.w55c.net/	1970-01-20 18:29:44	Name: matchadform Value: 5
.adfarm1.adition.com/	1970-01-20 19:56:08	Name: UserID1 Value: 7325463994942552215
.audrte.com/	1970-01-20 18:08:08	Name: arcki2 Value: ch0zDip-4V6RW2BT7cyIuUR5w!20220908!1705592497747!ip#38.132.118.71
.audrte.com/	1970-01-20 18:08:08	Name: arcki2_adform Value: 6707339174782206439!20220908!1705592497747
.3lift.com/	1970-01-20 19:56:08	Name: tluid Value: 2216801583298540595528
.teads.tv/	1970-01-21 02:30:42	Name: tt_viewer Value: dde8a1bb-7405-4715-9c74-160b92868d06
.smaato.net/	1970-01-20 18:16:46	Name: SCM Value: 9d0a19d48d
.smaato.net/	1970-01-20 18:16:46	Name: SCMaps Value: 9d0a19d48d
.smaato.net/	1970-01-20 18:16:46	Name: SCM1001213 Value: 9d0a19d48d
.audrte.com/	1970-01-20 18:08:08	Name: arcki2_ddp2 Value: ch0zDip-4V6RW2BT7cyIuUR5w!20220908!1705592497970
.id5-sync.com/	1970-01-20 19:56:08	Name: id5 Value: 44e6cfc5-3aba-7449-8171-f076e3049966#1705592497831#2
.adnxs.com/	1970-01-21 03:22:32	Name: XANDR_PANID Value: DJ6495qfPnaX_3CAocFiyvZbbYmmRnyBE8o9NAUfBi0D3r2KSc_NyS3BKs8ZhJ4DcQRTcRSPSbMgzIslQ1kX0vPW7xKpi3ItrAratIy8L9Q.
.amazon-adsystem.com/	1970-01-20 23:56:37	Name: ad-id Value: A2BmYJvVzkMrk8D8A9uhRUo
.amazon-adsystem.com/	1970-01-21 03:22:32	Name: ad-privacy Value: 0
.360yield.com/	1970-01-20 19:56:08	Name: tuuid Value: 1a62e55e-ab8d-46e8-a0f5-da3b6893e9d5
.360yield.com/	1970-01-20 19:56:08	Name: tuuid_lu Value: 1705592498
.360yield.com/	1970-01-20 19:56:08	Name: um Value: !79,W0Eosn8DS0ERH3L5kZ7gA3C4ErCFRqPzvMw67ayxi0ZK8SwTUefW.9KFsMf7ZY8Cxk6D0dSA2zDf38TI,1713368498
.360yield.com/	1970-01-20 19:56:08	Name: umeh Value: !79,0,1767800498,-1
.id5-sync.com/	1970-01-20 19:56:08	Name: 3pi Value: 2#1705592498233#903491978#7035727650848700544\|10#1705592497974#-1969907370#6707339174782206439\|124#1705592498498#1398916355
.3142.fun/	1970-01-21 00:15:22	Name: intercom-id-cnjqphyx Value: 618494aa-e76a-4e2d-840b-629dd0905fcf
.3142.fun/	1970-01-20 17:56:37	Name: intercom-session-cnjqphyx Value:
.3142.fun/	1970-01-21 00:15:22	Name: intercom-device-id-cnjqphyx Value: 3b24fd01-59fa-4bb9-84f5-592da5125484
.3142.fun/	1970-01-21 02:32:08	Name: _ym_uid Value: 1705592500215750063
.3142.fun/	1970-01-21 02:32:08	Name: _ym_d Value: 1705592500
.mc.yandex.com/	1970-01-20 17:46:33	Name: sync_cookie_csrf Value: 2571959982fake
.yandex.com/	1970-01-21 03:22:32	Name: i Value: JzBlrjVBScmuBCQEGj2jhbbKyj5M3qBJD8VTd21Bop8QofSQ3k+0MAJIeIge8cvxAARH6bRBtlTq1aZOuzWLH8cNX9c=
.yandex.com/	1970-01-21 02:32:08	Name: yandexuid Value: 9938436251705592499
.3142.fun/	1970-01-20 17:47:44	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 17:46:33	Name: sync_cookie_csrf Value: 654309064fake
.mc.yandex.com/	1970-01-20 17:47:58	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 03:22:32	Name: yandexuid Value: 9938436251705592499
.yandex.ru/	1970-01-21 03:22:32	Name: yuidss Value: 9938436251705592499
.yandex.ru/	1970-01-21 03:22:32	Name: i Value: JzBlrjVBScmuBCQEGj2jhbbKyj5M3qBJD8VTd21Bop8QofSQ3k+0MAJIeIge8cvxAARH6bRBtlTq1aZOuzWLH8cNX9c=
.yandex.ru/	1970-01-21 03:22:32	Name: yp Value: 1705678900.yu.9865630231705592499
.yandex.ru/	1970-01-21 02:32:08	Name: ymex Value: 1708184500.oyu.9865630231705592499
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 81572151705592500
.yandex.com/	1970-01-21 02:32:08	Name: yuidss Value: 9938436251705592499
.yandex.com/	1970-01-21 02:32:08	Name: ymex Value: 1737128500.yrts.1705592500
.yandex.com/	1970-01-21 02:32:08	Name: bh Value: KgI/MA==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11843672.fls.doubleclick.net
20828756p.rfihub.com
3142.fun
a.audrte.com
a.sportradarserving.com
a1.adform.net
a1.seadform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
adservice.google.com
api-iam.intercom.io
api.adrtx.net
beacon.krxd.net
bpi.rtactivate.com
c1.adform.net
c1.rfihub.net
cdnimages3.gcdn.co
cm.g.doubleclick.net
crb.kargo.com
dmp.adform.net
downloads.intercomcdn.com
dpm.demdex.net
dsp-media.eskimi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
js.intercomcdn.com
leoncas.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
match.sharethrough.com
mc.yandex.com
mc.yandex.ru
mrspeedtime.gcdn.co
o237537.ingest.sentry.io
pdw-adf.userreport.com
pippio.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
ps.eyeota.net
px.ads.linkedin.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s2.adform.net
s3-eu-west-1.amazonaws.com
secure.adnxs.com
secure.quantserve.com
simage2.pubmatic.com
sync.crwdcntrl.net
sync.teads.tv
tags.bluekai.com
tm.ads.sportradar.com
token.rubiconproject.com
track.adform.net
track.leonretarget.com
tracker.ads.sportradar.com
uipglob.semasio.net
ups.analytics.yahoo.com
use.sportradarserving.com
widget.intercom.io
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
dsp-media.eskimi.com
100.25.25.103
107.178.254.65
108.138.64.83
109.169.10.207
109.237.26.154
13.249.39.110
142.250.176.198
142.250.81.226
162.19.138.118
172.64.151.101
18.154.227.81
18.160.10.41
184.50.205.247
185.167.164.39
185.167.164.43
185.167.164.45
199.38.167.131
216.22.16.73
23.205.56.163
23.220.188.102
2600:141b:1c00:22::1730:e06a
2600:9000:201e:a000:6:44e3:f8c0:93a1
2600:9000:2191:a400:1:76cf:fe80:93a1
2600:9000:2305:ae00:1b:5138:8a40:93a1
2607:f8b0:4006:80e::2002
2607:f8b0:4006:821::2008
2607:f8b0:4006:823::2003
2607:f8b0:4006:823::200a
2607:f8b0:4006:824::200e
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:21::14
2a02:6b8::1:119
2a02:6ea0:c400::11
2a03:90c0:9996::9996
3.222.163.147
3.248.137.159
3.33.152.127
3.33.220.150
34.120.195.249
34.198.208.133
34.200.65.202
34.241.132.158
34.98.64.218
35.174.112.174
35.190.24.218
35.211.178.172
35.211.233.246
35.244.154.8
35.71.139.29
37.157.6.232
44.212.89.30
46.19.11.36
50.57.31.206
52.0.156.250
52.204.171.89
52.204.246.173
52.46.151.131
52.55.144.0
52.59.99.242
52.73.162.54
52.92.17.0
54.160.64.36
54.84.78.68
63.251.28.233
68.67.179.155
8.28.7.83
8.43.72.97
8.43.72.98
85.114.159.93
88.214.195.109
016d0138077e5e36688ee8162341a4df2fde793d14c7d582f4ec85304a395cc2
02994d097a57d982a448d1f479706272213f042ffb1760a6e5d9d531b18aaa38
02f0779b886c74ddb4d9db757a375f0149f2a67eeb044353cd4bb061c7182622
0505fd483d260729d757cce63c647014a4a82fc3b1cff42e7b36290394392134
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb
07417c2a27f28f7a89009236e4de55f08251fef62620289addd8815b7da5acab
076dea4023ede2ff9d9844dd837c09632552efd0b5bf00dd2be6e75cf71d5898
0a4eaeeb96ba82fcafeecaae3a2a0b2db648c51607d7ae71053548354bf21718
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0d0d3626a25971ce13abaf0ebd9c9be53fa017fb3dd29d56befaee34dd1e44ca
110b112c5093d9f4436387f33de752530f0883c83e3c3212fffeee440d7d24f0
1112f78fcfaf4d2ae2c798f9e9fe11ca902393fcfcd7e76aeb6ce8a02d105dc2
13b86838d8b2a31e3a62596798a6f162d740047bf912644bf42135db72374189
16aca23e54679eb44d5a673c7802ad35d83cb5e9834a013da075929a8722b58d
16e947dd5a59555bb58b54d944caf8defec14678f5c7c90a97fb81c34412e071
1920872ba0106be7c91c1a948d911bd766743ced4df8724e1caddf7b209e6789
1a8147e30aa4e73a93107c296d76d442e31d89e34f8c07cad8e1c2bfaeff9847
1eb013ce7e85e58eb586fa739f4c973ca31e2307c6180fccc79cd640d9e2c304
1f72c7c35a3d75af7c846f2c90ed32962077ec11ebe78e2b2785248166b32101
285acc40b400ec6cf1fd79ede780e96e06400b92ec9734867e15ddf5c97d17fa
2a708f527cf5d4cdf1ecaba7fc6b67fd7ef1f190d9e6654b19e69d718c55b6d6
2a789b44412d2879eaf23bdec3da4f565594749435f436640a8f9bb35477fd10
2aa372c9648ffaee76c4446778b683b28799c388da3ba2fae9cdfc84706671e8
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30d46add0559c771c90a618ca8f9d3442488e0f4ebad5db485b57ea1aa3176a1
30f367aef0d220d8a40c80f7d963cfdaccbcf43c680924a92aab5cdb7cd1eecc
310ff5867a7f1415ef11a23399f752aa8a68828c252a7cb8736ba3543f6a161d
31673c1e15daa49266f49bf51519645c0235fe69f1b33ff78bd7c82f3e80dbc8
3206bba640bcbc800d2823dd662065fe0f68a740caeb69eba89cde322dd9a9bf
3212537ebc556c7704b68db3ca5b2c4d6b5942c433ba35395a7bab5f197899b5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36ef46e15ad8804913decafc9b7513874320871a57165032a2c0c77bc23e86a1
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
37b8c2034ad31ed9ec22bbfce6f9669c639ae2c857b2328bc60bbc3797a96a0b
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
3a0ffd5064021fa45146082c2065b456dd180e258da693cfe37c05f7076cc037
3a11abde75e5fd8e5925de1c46e0abefd3ec85b52456c1e852b718b31bf9ddcd
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3dda9b271d14659c452372e5ea0ffeff160b98f06a8f71a1636513fcc9dee439
426ddf3584e1c7bee6ebddff437b55f5202c03086cc4c53a538f1265e87c0d3c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
47f6d5b00cb727ce0dadb3b93de3385529514d0bd7210bb2c3a6e0025d5a648f
4925daa8577607e528c9d7e14ba3650f2efb567f344566fe6fbf81c7f99785d6
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f869d66fe7c47cc458ea5ad57eb63738fed179f7c2a538a055cb037967ca623
512496753c87e333cc5ba64e638a8cbf5c1c312ee987ffc57f3aef9d9e45c9c3
5383fce7e28597cc99f37f3ae8c79cff4ffd9e953d0af6a98c2343a7b57f3265
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55b2b2e1432df24589a0d088970f8f3589941f91717293869a0244ccc81668ef
593781c36e06f144d48aff47d196f9402f293f4c10bc0c57fb430c0d729b25db
5ce640a319d1d0b26e08eff5594a136f202a8414475c8186953c835763261fa8
5e6ea8dfae0d887a7fee57d34a937b369c72f6463772751e7e55dd6f12f87340
5f60ba2783fe1359d0ea58a96615b3e85756a33b0ea7d9cc5d20845128980a8c
5fd365b3049a86ebb71aef96fb890a48f751c2d4d8c227fcac0a817dca78af73
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87
64c0ebccf1b5b95ee2205b989d57e9979ca881f6fd8f1078111e24f1aaea9942
659646e379eb3281e62c3b079f1f714f8cf487eceee43055c5bdb4d5aaabdb19
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6dd499991c10ba941350216d19b0b332393f2e195425718b4baa7a52a22b2029
6e64eeaf0e92eacd9a9ffabb59dfdfa21c208a3d6d2c612637fabf2acfc7d15b
726184aab5ac1ffaaa5ca9e7f110c5a5ca060c8fec3a1d0fffe5a0e60674f612
7454296105acbe8ea802fe5e08ee18796f8222359444c64d6008f9db6c02012e
7591af9accee476364929ca77fe1a65394b8eba11afc0bd58d7201a91f30f63b
775042c1fe9439c9066a6d08cb873a8be580b1f68bc1d0cec530291043fe3bd5
78271c224efe35393eead263436870aa77b3f67c0ee8abd649edfff455c5dfec
78d09b05ebf72a25ad44d2e9c9561f75ed91eeb31b56bb977131033724d695dd
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
7e67ee52b9a022aa7601e1a818cfa91bd7bd9dd4d4e677e24891033ed87b9b61
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7f7a7e031601633193daa481b5ca6556e016eb9de00cc106620460083e56dc83
81c8f98c199314f2e775945d9f61386dd7fd850eb01b61b330e34b2e9bf5f143
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837f9e94e54860fc954e078403376f86a443f05aab552f5e6c53538f29ab3da5
844ccbb65093e08b508083f570c20697d88d062eb41fd302bfc4f7acad0dea3b
854bb99207fff470ef40ad1e92da6958b126c9c974ed2533e76d5c42b12233d9
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8ab6bcc0449d6769aa28f45a616cf248f639e820ebc509e42f6b15f902b450d5
902297034156b818d33207f23de8705ffdb46f5fb98de87b91e6927b50dec758
921329187f251f77c4eeaf04ff2f3189cff526837179ccad6b898304fe14e52e
9500d42196478f9d0c4bd68ba9fc8d248bb4bc5b711532ca57f950bf5e311a1c
9514372ab8ac313ea8019966fdcfe91b201c3aa69f92de8346ab34af461bbad2
95e298f3f0c1797323e9859e9781a6c9d5be9852661e6aa74dccfb5fa877d033
973c2a5d3b3c4955f2eda7a09f7a3cb098a2e75cf81293b3d34e2dcb0b43a574
97db4ce15015aa6cb56805729c37fc67c744ad0c8b41a729cc2ce462120c3921
9805b30f5e5d0c02b2bbc9e33485bf49b9c87ecd84571b9a481ef07cfd1a047f
988e9effd6680b71fa8355efb7f41e55baf7fa096fff438cc8838ad0186043a1
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a64dde940836950e05b6dd0531afa6438a907deab2d56be4d76c7a7dbe8bf0f
9a8d842dbcf583e49fc9c648d54f6fa3721dabb382b0c4afb8cb5132993a9adb
9df4ea0c8c25b6c96ccb4ef96780a7b074ee266972670f2572d38a961f1b481f
9e8fc4c8e13a101ff6dc68c7e9e595e8315aa37cde1fb9d5d515a8fd1247d03f
9efff73ca72160311c7faae32943026e13cc8158ef71161e486fea3862a56131
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a142b9cb8f3498da8b403194c96891d13705043000a9e3e7f64dbb079848ac2d
a1bd365cfa91665622b1d4c46d1117ed92aa26718c85cae1eafdac3a72cb967d
a54fcf62a4562abe6992772d3232aab8e7654660f54edace40563ad6034bdf15
a7a3388b72ae35eb924a4417535dab786f0e66b231b2377717b9835314d0462f
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e7b9a79ef6fcfcbacdb1d6e03b7af7e21d4dbf18340ab38aac52540f8a94b2
b2cb126cc335d3af70094c5627edc02a541ceb27d3c6c51906dd80589795df8a
b6fed75b5b92363f42933afd6571ddbcdeafcbf9a01248077512b5eb68223662
b8a6de9f0d5e88715fa12d66be5bdd14b0be6904956631fb55683d712bacb3d0
bb0581de4c73e0dc2cc1522b7876e8d5a5f2415e2bfb648e480d6dfb812bb00f
bb09413f3e2a0fdb59a882f320ad10497e9337c94a3ea8cb343d9cac78de82dd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc677f67a90b8f92a557084000802039ce0c36b9cb1a55722b004e903c72f5c8
bfe3806c8cbb3e5476ca6aaf35b7cbdee3c8f449e52da62eeab78ca544317eee
c020aa5e9eb7aac89747e8a51508d90351d160dfe83e4b0a21dbbb0f05be0f9c
c02ffbed37347fd6d0c2c3e9e748b33b2028988e589a9e5e6ee200b310a5aae1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22487f66e505f19f7460d4225008b3977eac3df04dbe9f550065079c17e83c1
c35d7693a27259b4f2b3cbf122cbf3511ebd9858b4e9a50878d0326baeb32fa4
c3862cc2028935c5a5f21f873fe7efdc309a56a5776f5a55453c25e94c804b77
c4170d882f1bf5f9d3519366034e47330adc672725588cd3f143dffe8eb4d22f
c48b65c0d1eab3eb47f861ef59b67c29fb4628c228ed563318731f8be35dfda7
c4e3d00cc510023a812bfd00f1409caeb44107f21bb1679ae093712aecbc6afe
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c920601b759fa1845f019d5451374520de474c22477e2f36b8c264ac1a0c2cd0
ca5000934c3b98ff7bccdb58ab4f31bae438401b4bf61e3806423959011f2573
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d26d252e0cacb8f1b0757afad0ec4d1c134960a7df680649d3cdf84fc6402e02
d351faa0d1b8c6b597ab6e0a8c92004db3c12d9af88c3684d5aa7be67bc0c07a
ddce2c829dc0140e091183d23efcd03308b8f2152da6b75c553f40bb03d73bf6
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e19237af2d984f7b772577bee8f16b86c42e21212c0f9cb0fb17762cc2de04e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e4b292b01c63b6330f938b78f2ce00947b1ed0708030a843fd89c639b344a4
e4f7c7184374c80212df3584a7d3532c73fb75293bed93b04511cf12fe930c19
e8540306a707e9169f22542b923f711daac148b08742acd582d5cb11a43363a9
ec159c6037356a119aed5e8f72298f322fa13c822a0961207601f735ea21691a
ec3d612df7628d17d3e94f02cbc13d922430396794832bb9c151e9de25c780f1
ef179473ab4dba186b89a833c97611c862a7162ed9e56293e0a282befc36c8d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e076de01a58b01e169c1c10e81824270dcee9a4f3c5dd66c1739359e6cbd8a
f2c2c362f1c16308f9167628fb550b92b0f2119f2ec3f46a7d69a5a935b4077c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7c787a6c2d25303927c9c7a8c60a941044203e259f96a120f8559aac119b7da
fa3b577a638cbb33b1bc0324a32c3f032f945586d316b994e73b766d6e776b66
fe54c6c010383bc920876354df17c970c6f4f50d784dc145a6164e917d31fe99

3142.fun Open in urlscan Pro 109.237.26.154 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

191 Requests

84 %HTTPS

20 %IPv6

65 Domains

80 Subdomains

56 IPs

7 Countries

3274 kBTransfer

10691 kBSize

117 Cookies

1 Outgoing links

Redirected requests

191 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

3142.fun Open in urlscan Pro
109.237.26.154 Public Scan

Screenshot
Live screenshot

Full Image

191
Requests

84 %
HTTPS

20 %
IPv6

65
Domains

80
Subdomains

56
IPs

7
Countries

3274 kB
Transfer

10691 kB
Size

117
Cookies

191 HTTP transactions
3 data transactions