3917.info Open in urlscan Pro
194.182.175.73 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://1fjq7.trk.elasticemail.com/tracking/click?d=DqFe1nAGWqib1ZsBMG5IKxNIUUDNBdHkNn6oPIDDXibkDQz70CyYCOzSWKwwlLGM4yGyAUl4tXm_1gE...
Effective URL:
https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36...
Submission: On April 16 via manual (April 16th 2025, 10:46:29 pm UTC) from AU — Scanned from DK

Summary HTTP 271 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 53 IPs in 15 countries across 58 domains to perform 271 HTTP transactions. The main IP is 194.182.175.73, located in Vienna, Austria and belongs to exoscale Akenes SA, CH. The main domain is 3917.info.
TLS certificate: Issued by R11 on March 8th 2025. Valid for: 3 months.

This is the only time 3917.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.134.188.169 91.134.188.169	16276 (OVH OVH SAS) (OVH OVH SAS)
1 1	2606:4700:303... 2606:4700:3036::ac43:a091	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	194.182.175.73 194.182.175.73	61098 (exoscale ...) (exoscale Akenes SA)
155	2a03:90c0:41:... 2a03:90c0:41:2801::62	199524 (GCORE G-C...) (GCORE G-Core Labs S.A.)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	88.214.195.17 88.214.195.17	46636 (NATCOWEB) (NATCOWEB)
1	37.157.6.245 37.157.6.245	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	2400:52e0:1e0... 2400:52e0:1e00::1082:1	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1 4	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	2600:9000:215... 2600:9000:2156:3200:16:3a8f:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2	37.157.6.254 37.157.6.254	198622 (ADFORM Ad...) (ADFORM Adform A/S)
2 9	37.157.2.14 37.157.2.14	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	188.42.63.49 188.42.63.49	7979 (SERVERS-COM) (SERVERS-COM)
1	188.42.63.48 188.42.63.48	7979 (SERVERS-COM) (SERVERS-COM)
1	2600:9000:223... 2600:9000:223f:2000:5:e0f4:e840:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 2	35.206.140.87 35.206.140.87	15169 (GOOGLE) (GOOGLE)
1	18.66.121.111 18.66.121.111	16509 (AMAZON-02) (AMAZON-02)
2	37.157.6.237 37.157.6.237	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	37.157.6.243 37.157.6.243	198622 (ADFORM Ad...) (ADFORM Adform A/S)
2	2606:4700:440... 2606:4700:4400::ac40:92ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.78.68.121 54.78.68.121	16509 (AMAZON-02) (AMAZON-02)
1	95.100.184.137 95.100.184.137	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.122.92.109 3.122.92.109	16509 (AMAZON-02) (AMAZON-02)
1	2607:ae80:4::50 2607:ae80:4::50	26558 (FREEWHEEL) (FREEWHEEL)
1 1	35.214.136.108 35.214.136.108	19527 (GOOGLE-2) (GOOGLE-2)
1	3.79.137.198 3.79.137.198	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	77.243.51.122 77.243.51.122	42697 (NETIC-AS ...) (NETIC-AS Netic A/S)
1 1	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	3.120.214.218 3.120.214.218	16509 (AMAZON-02) (AMAZON-02)
1	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	54.72.126.129 54.72.126.129	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	217.79.178.221 217.79.178.221	24961 (MYLOC-AS ...) (MYLOC-AS WIIT AG)
1 2	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	103.231.98.109 103.231.98.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	65.9.66.47 65.9.66.47	16509 (AMAZON-02) (AMAZON-02)
2 2	4.232.99.2 4.232.99.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	54.74.164.45 54.74.164.45	16509 (AMAZON-02) (AMAZON-02)
1 1	18.196.128.37 18.196.128.37	16509 (AMAZON-02) (AMAZON-02)
3	37.157.5.49 37.157.5.49	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS WIIT AG)
2 2	35.210.130.15 35.210.130.15	15169 (GOOGLE) (GOOGLE)
1	162.19.138.120 162.19.138.120	16276 (OVH OVH SAS) (OVH OVH SAS)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.1.242.226 34.1.242.226	15169 (GOOGLE) (GOOGLE)
1	91.185.218.28 91.185.218.28	51859 (MNSHA-AS ...) (MNSHA-AS Mainstream doo Beograd)
2 2	54.38.113.3 54.38.113.3	16276 (OVH OVH SAS) (OVH OVH SAS)
2 4	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB...) (YAHOO-DEB Yahoo-UK Limited)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	52.29.164.62 52.29.164.62	16509 (AMAZON-02) (AMAZON-02)
4 10	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
1	2606:4700:310... 2606:4700:3108::ac42:28c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.128 143.204.98.128	16509 (AMAZON-02) (AMAZON-02)
271	53

1 91.134.188.169 (Paris, France) 1 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: api.elasticemail.com

1fjq7.trk.elasticemail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:a091 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

realtimesegmenta.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

c1li7tt5ck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 194.182.175.73 (Vienna, Austria)

ASN61098 (exoscale Akenes SA, CH)

3917.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

155 2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE G-Core Labs S.A., LU)

leoncasino.gcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnimages3.gcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnimages2.gcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o237537.ingest.us.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.214.195.17 (United Kingdom)

ASN46636 (NATCOWEB, US)

pixel-us.r2drtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.245 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1082:1 (Germany)

ASN60068 (CDN77 Datacamp Limited, GB)

dsp-media.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.116 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (San Francisco, United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:3200:16:3a8f:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

pj.l.liftdsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.2.14 (Denmark) 2 redirects

ASN198622 (ADFORM Adform A/S, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.63.49 (Luxembourg)

ASN7979 (SERVERS-COM, US)

dsp-trk.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.63.48 (Luxembourg)

ASN7979 (SERVERS-COM, US)

dsp-ap.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:2000:5:e0f4:e840:93a1 (United States)

ASN16509 (AMAZON-02, US)

ps.l.liftdsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States) 1 redirects

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.206.140.87 (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 87.140.206.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.121.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-111.fra60.r.cloudfront.net

d1cr9zxt7u0sgu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.237 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.243 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:92ea (United States)

ASN13335 (CLOUDFLARENET, US)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.68.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-68-121.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.184.137 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-184-137.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.92.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-92-109.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:4::50 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.136.108 (Groningen, Netherlands) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 108.136.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.79.137.198 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-79-137-198.eu-central-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.26.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.51.122 (Aalborg, Denmark) 4 redirects

ASN42697 (NETIC-AS Netic A/S, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.215 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.214.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.126.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-126-129.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.178.221 (Germany)

ASN24961 (MYLOC-AS WIIT AG, DE)
PTR: cm49.as.net

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.123 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.231.98.109 (Japan)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-47.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 4.232.99.2 (Milan, Italy) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.74.164.45 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-164-45.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.128.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-128-37.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.5.49 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS WIIT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.130.15 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 15.130.210.35.bc.googleusercontent.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.1.242.226 (United States)

ASN15169 (GOOGLE, US)
PTR: 226.242.1.34.bc.googleusercontent.com

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.185.218.28 (Slovenia)

ASN51859 (MNSHA-AS Mainstream doo Beograd, RS)

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.38.113.3 (France) 2 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: falcon-6.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:80:807::1 (United Kingdom) 2 redirects

ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB)

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.164.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-164-62.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX YANDEX LLC, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:28c3 (United States)

ASN13335 (CLOUDFLARENET, US)

5a0ef96fd84066141eb932d11ca5b39bb17a78cb.csftr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-128.fra50.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
155	gcdn.co leoncasino.gcdn.co cdnimages3.gcdn.co cdnimages2.gcdn.co	6 MB
21	3917.info 3917.info	448 KB
16	adform.net 2 redirects s2.adform.net — Cisco Umbrella Rank: 7044 track.adform.net — Cisco Umbrella Rank: 5557 a1.adform.net — Cisco Umbrella Rank: 16127 c1.adform.net — Cisco Umbrella Rank: 742 dmp.adform.net — Cisco Umbrella Rank: 9561	44 KB
13	gstatic.com fonts.gstatic.com	194 KB
10	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 492 acdn.adnxs.com — Cisco Umbrella Rank: 723 ib.adnxs.com — Cisco Umbrella Rank: 283	17 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8973	7 KB
4	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1745 ups.analytics.yahoo.com — Cisco Umbrella Rank: 560	813 B
4	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 292	686 B
4	semasio.net 4 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1497 se.semasio.net — Cisco Umbrella Rank: 32633	2 KB
4	r2drtb.com pixel-us.r2drtb.com	2 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3622	77 KB
3	google-analytics.com 1 redirects region1.google-analytics.com — Cisco Umbrella Rank: 3120	806 B
3	eskimi.com dsp-media.eskimi.com — Cisco Umbrella Rank: 64840 dsp-trk.eskimi.com — Cisco Umbrella Rank: 56371 dsp-ap.eskimi.com — Cisco Umbrella Rank: 31822	4 KB
3	sentry.io o237537.ingest.us.sentry.io	412 B
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2694	804 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10358	630 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1333	771 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 266	1 KB
2	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 13279	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 381	297 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 485	776 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 648	1 KB
2	360yield.com ad.360yield.com — Cisco Umbrella Rank: 802	397 B
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9847	801 B
2	seadform.net server.seadform.net — Cisco Umbrella Rank: 45834	1 KB
2	admedo.com 1 redirects pool.admedo.com — Cisco Umbrella Rank: 5056	598 B
2	liftdsp.com pj.l.liftdsp.com — Cisco Umbrella Rank: 100222 ps.l.liftdsp.com — Cisco Umbrella Rank: 110484	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	215 KB
1	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2089	3 KB
1	csftr.com 5a0ef96fd84066141eb932d11ca5b39bb17a78cb.csftr.com	630 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 4284	44 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 443	140 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 29059	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 726	66 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1422	163 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 529	1 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 7760	447 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 558	495 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 20936	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 992	225 B
1	adsafety.net cm.adsafety.net — Cisco Umbrella Rank: 57767	577 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2791	279 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 949	222 B
1	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 2056	324 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1053	344 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 1223	385 B
1	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 397	215 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 699	672 B
1	adscale.de ih.adscale.de — Cisco Umbrella Rank: 3750	59 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 518	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 7669	235 B
1	cloudfront.net d1cr9zxt7u0sgu.cloudfront.net	51 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	3 KB
1	c1li7tt5ck.com 1 redirects c1li7tt5ck.com	488 B
1	realtimesegmenta.org 1 redirects realtimesegmenta.org	1 KB
1	elasticemail.com 1 redirects 1fjq7.trk.elasticemail.com	293 B
0	intercomcdn.com Failed js.intercomcdn.com Failed
0	smartadserver.com Failed rtb-csync.smartadserver.com Failed
271	58

	Domain	Requested by
70	cdnimages3.gcdn.co
64	leoncasino.gcdn.co	3917.info leoncasino.gcdn.co
21	cdnimages2.gcdn.co
21	3917.info	leoncasino.gcdn.co
13	fonts.gstatic.com	fonts.googleapis.com
7	mc.yandex.com	3 redirects mc.yandex.ru
7	c1.adform.net	1 redirects a1.adform.net c1.adform.net
6	secure.adnxs.com	2 redirects www.googletagmanager.com c1.adform.net
4	cm.g.doubleclick.net	2 redirects c1.adform.net
4	pixel-us.r2drtb.com	www.googletagmanager.com
3	mc.yandex.ru	1 redirects leoncasino.gcdn.co
3	dmp.adform.net	c1.adform.net
3	region1.google-analytics.com	1 redirects leoncasino.gcdn.co
3	track.adform.net	s2.adform.net
3	ib.adnxs.com	1 redirects leoncasino.gcdn.co
3	o237537.ingest.us.sentry.io	leoncasino.gcdn.co
2	ups.analytics.yahoo.com	c1.adform.net
2	cms.analytics.yahoo.com	2 redirects
2	pixel.onaudience.com	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	a.audrte.com	2 redirects
2	match.adsrvr.org	c1.adform.net
2	idsync.rlcdn.com	2 redirects
2	se.semasio.net	2 redirects
2	uipglob.semasio.net	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	ad.360yield.com	c1.adform.net
2	my.rtmark.net	track.adform.net
2	server.seadform.net
2	pool.admedo.com	1 redirects
2	a1.adform.net	1 redirects
2	www.googletagmanager.com	3917.info www.googletagmanager.com
1	widget.intercom.io	3917.info
1	5a0ef96fd84066141eb932d11ca5b39bb17a78cb.csftr.com	leoncasino.gcdn.co
1	e1.emxdgt.com	c1.adform.net
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	cm.adsafety.net	c1.adform.net
1	eu-u.openx.net	c1.adform.net
1	sync.crwdcntrl.net	c1.adform.net
1	loadm.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	crb.kargo.com	c1.adform.net
1	x.bidswitch.net	1 redirects
1	ads.stickyadstv.com	c1.adform.net
1	ih.adscale.de	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	d1cr9zxt7u0sgu.cloudfront.net	leoncasino.gcdn.co
1	ps.l.liftdsp.com	leoncasino.gcdn.co
1	dsp-ap.eskimi.com	leoncasino.gcdn.co
1	dsp-trk.eskimi.com	leoncasino.gcdn.co
1	pj.l.liftdsp.com	3917.info
1	acdn.adnxs.com	3917.info
1	dsp-media.eskimi.com	3917.info
1	s2.adform.net	3917.info
1	fonts.googleapis.com	leoncasino.gcdn.co
1	c1li7tt5ck.com	1 redirects
1	realtimesegmenta.org	1 redirects
1	1fjq7.trk.elasticemail.com	1 redirects
0	js.intercomcdn.com Failed	widget.intercom.io
0	rtb-csync.smartadserver.com Failed	c1.adform.net
271	71

This site contains links to these domains. Also see Links.

Domain
r2d.partners
lbaffiliates.com
t.me
sigma.world
policies.google.com

Subject Issuer	Validity	Valid
3917.info R11	`2025-03-08` - `2025-06-06`	3 months	crt.sh
*.gcdn.co DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-03` - `2025-08-03`	a year	crt.sh
upload.video.google.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
*.gstatic.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
*.google-analytics.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-03` - `2025-07-29`	10 months	crt.sh
*.r2drtb.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-08` - `2025-07-08`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-03` - `2025-09-24`	a year	crt.sh
*.eskimi.com GeoTrust TLS RSA CA G1	`2025-02-18` - `2026-03-21`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2024-04-08` - `2025-05-09`	a year	crt.sh
pj.l.liftdsp.com Amazon RSA 2048 M03	`2024-03-22` - `2025-04-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2025-02-21` - `2026-03-23`	a year	crt.sh
ps.l.liftdsp.com Amazon RSA 2048 M02	`2025-03-07` - `2026-04-05`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-22` - `2025-11-12`	a year	crt.sh
my.rtmark.net WE1	`2025-03-04` - `2025-06-02`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M03	`2025-03-29` - `2026-04-27`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2024-08-08` - `2025-08-10`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2025-03-04` - `2026-04-03`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M03	`2024-06-17` - `2025-07-17`	a year	crt.sh
*.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-01-07` - `2026-02-07`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2025-04-01` - `2026-05-02`	a year	crt.sh
*.exelator.com GlobalSign RSA OV SSL CA 2018	`2024-05-29` - `2025-06-30`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M03	`2024-09-08` - `2025-10-08`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
*.adsafety.net E5	`2025-02-09` - `2025-05-10`	3 months	crt.sh
*.g.doubleclick.net WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-02-19` - `2026-03-22`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2024-10-19` - `2025-11-16`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
id5-sync.com E5	`2025-03-01` - `2025-05-30`	3 months	crt.sh
teads.tv R10	`2025-02-18` - `2025-05-19`	3 months	crt.sh
smaato.net Sectigo ECC Domain Validation Secure Server CA	`2024-08-13` - `2025-09-11`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2024-05-28` - `2025-06-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M03	`2025-02-11` - `2026-03-12`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M03	`2025-03-03` - `2026-04-01`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2025-03-19` - `2025-08-29`	5 months	crt.sh
csftr.com WE1	`2025-04-08` - `2025-07-07`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-12-14` - `2026-01-11`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Frame ID: 99AD751EC80DF249C5315A86D1115158
Requests: 230 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Frame ID: BDC9D83BFE44D89E4EA3402C571A74B5
Requests: 38 HTTP requests in this frame

Frame: https://track.adform.net/serving/container/?pm=3024289&lid=139925013&ctype=0&media=0&PageName=Leon_All_Pages&rnd=1575705238&cpref=&loc=https%3a%2f%2f3917.info%2fregistration%3fqtag%3da31492_t36018_c1246_sNALEON%26retentionId%3df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3drussia%26utm_campaign%3dKingQONK%26utm_medium%3dNALEON
Frame ID: D161580D1D3B83C2DEE7690F5AE5A6C4
Requests: 3 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 2FAB02D4B755650AC2F020388037A413
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.e9190fdf.js
Frame ID: 65AA88888932C92B34E0EFB9267F4C2C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Онлайн казино: Более 4000 игр и быстрый вывод средств | ЛEОН

Page URL History Show full URLs

https://1fjq7.trk.elasticemail.com/tracking/click?d=DqFe1nAGWqib1ZsBMG5IKxNIUUDNBdHkNn6oPIDDXibkDQz70CyYCOzSWKw... HTTP 302
https://realtimesegmenta.org/vnZWQ4MB HTTP 302
https://c1li7tt5ck.com/?serial=36018&creative_id=1246&anid=NALEON&path=registration&retentionId=f11... HTTP 302
https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

271
Requests

92 %
HTTPS

23 %
IPv6

58
Domains

71
Subdomains

53
IPs

15
Countries

7694 kB
Transfer

13541 kB
Size

80
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://r2d.partners/
Title: Партнерская программа

Search URL Search Domain Scan URL

URL: https://lbaffiliates.com/
Title: Партнерская программа

Search URL Search Domain Scan URL

URL: https://t.me/+8kTi8kuioek2YjVk

Search URL Search Domain Scan URL

URL: https://sigma.world/

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=ru
Title: Условия

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms?hl=ru
Title: Правила

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://1fjq7.trk.elasticemail.com/tracking/click?d=DqFe1nAGWqib1ZsBMG5IKxNIUUDNBdHkNn6oPIDDXibkDQz70CyYCOzSWKwwlLGM4yGyAUl4tXm_1gEHGX8Qqx27g-Rvgr282TwQ7VBQh8ZsKtEBZRkyJRqqIqZJ76Ve9ZKg3V-A3xmDy_BXDOfmm8c1 HTTP 302
https://realtimesegmenta.org/vnZWQ4MB HTTP 302
https://c1li7tt5ck.com/?serial=36018&creative_id=1246&anid=NALEON&path=registration&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON HTTP 302
https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://secure.adnxs.com/seg?add=37094577&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D37094577%26t%3D1

Request Chain 112

https://a1.adform.net/Serving/TrackPoint/?pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=959467696570&ADFtpmode=2&loc=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&Set1=da-DK%7Cda-DK%7C1600x1200%7C24 HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=959467696570&ADFtpmode=2&loc=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&Set1=da-DK%7Cda-DK%7C1600x1200%7C24

Request Chain 118

https://region1.google-analytics.com/g/collect?v=2&tid=G-JZZNGY93CC&gtm=45je54f1v871047016z8890860847za200zb890860847&_p=1744843581628&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102509683~102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316~103130495~103130497&cid=510867162.1744843582&ul=da-dk&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAAAAI&_s=2&dl=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&sid=1744843582&sct=1&seg=0&dt=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%3A%20%D0%91%D0%BE%D0%BB%D0%B5%D0%B5%204000%20%D0%B8%D0%B3%D1%80%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D0%B2%D1%8B%D0%B2%D0%BE%D0%B4%20%D1%81%D1%80%D0%B5%D0%B4%D1%81%D1%82%D0%B2%20%7C%20%D0%9BE%D0%9E%D0%9D&uid=&en=customerRegistrationStart&_c=1&ep.event_country=DK&ep.platform_type=web&ep.device_type=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F135.0.0.0%20Safari%2F537.36&ep.web_version=6.110.1&ep.theme=DARK&ep.full_url=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&ep.previous_page_url=https%3A%2F%2F3917.info%2F&ep.main_domain=3917.info&ep.lead_section=home&ep.event_category=registration&epn.event_timestamp=1744843582288&ep.event_action=Page%20visit&ep.website_product=li&ep.website_skin=leoncasino&ep.website_locale=ru_RU&ep.event_name=customerRegistrationStart&_et=3&tfd=4062 HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=510867162.1744843582&dbk=16229296179783838761&dma=1&dma_cps=syphamo&en=customerRegistrationStart&gtm=45je54f1v871047016z8890860847za200zb890860847&npa=1&tid=G-JZZNGY93CC&dl=https%3A%2F%2F3917.info%3F

Request Chain 121

https://pool.admedo.com/pixel?id=154038&t=js HTTP 302
https://pool.admedo.com/ul_cb/pixel?id=154038&t=js

Request Chain 224

https://x.bidswitch.net/sync?dsp_id=70&user_id=2220017443996948830 HTTP 302
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=2220017443996948830&dsp_id=70&krg_ids=&gdpr=&gdpr_consent=&us_privacy=

Request Chain 225

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2220017443996948830&expiration=1746053183 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2220017443996948830&expiration=1746053183&C=1

Request Chain 226

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2220017443996948830&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2220017443996948830&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=2220017443996948830&gdpr=&sInitiator=external HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=5392076440452082538&sInitiator=internal&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=MzMzMDM3M0VGOTk3QjIxOQ&gdpr=

Request Chain 229

https://idsync.rlcdn.com/398366.gif?partner_uid=2220017443996948830 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTMjIyMDAxNzQ0Mzk5Njk0ODgzMBAAGg0Iv-aAwAYSBQjoBxAAQgBKAA HTTP 307
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1

Request Chain 234

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=5392076440452082538&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=3764960264081281523

Request Chain 238

https://a.audrte.com/a?adform_uid=2220017443996948830 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bTlraXRpMm0tMkNZV2wwWkRSZkNzeFc5QzVOY05NQS1hZA%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYXplcmlvbiJ9XX0%253D%26aruid%3Dm9kiti2m-2CYWl0ZDRfCsxW9C5NcNMA-ad HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bTlraXRpMm0tMkNZV2wwWkRSZkNzeFc5QzVOY05NQS1hZA%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYXplcmlvbiJ9XX0%253D%26aruid%3Dm9kiti2m-2CYWl0ZDRfCsxW9C5NcNMA-ad&google_tc= HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYXplcmlvbiJ9XX0%3D&aruid=m9kiti2m-2CYWl0ZDRfCsxW9C5NcNMA-ad&gdpr=0&gdpr_consent= HTTP 302
https://ad.360yield.com/ux?publisher_id=all&publisher_dmp_id=16&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3D%7BPUB_USER_ID%7D%26p%3D560038091

Request Chain 239

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2220017443996948830&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=2220017443996948830&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=85865831291594523781619140060813144678&noredirect=1

Request Chain 240

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2220017443996948830 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217003105219008436128

Request Chain 241

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7494046129921587561

Request Chain 242

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=JrJaFLKF1U5bws5

Request Chain 245

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1071776081 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=Maj3CmrhOjTBNWSSXK76gO

Request Chain 249

https://pixel.onaudience.com/?mapped=2220017443996948830&partner=68 HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=1 HTTP 302
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=1

Request Chain 252

https://pixel.onaudience.com/?partner=290&mapped=2220017443996948830 HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=1 HTTP 302
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=1

Request Chain 262

https://mc.yandex.com/sync_cookie_image_check?scid=dd8eead3-1836-73b2-3af9-d2e0f1696912&cid=71598811 HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?cid=71598811&redirect_domain=mc.yandex.com&scid=dd8eead3-1836-73b2-3af9-d2e0f1696912&token=10639.TfOYMgzyeJdVy8n3DQGIvPzfaWbNANfr1DC35INAA4LJ99Xp2mybiMCN16XV4JJq.P7yfyfO0un_UmHYZUTWM0B24RDo%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?cid=71598811&scid=dd8eead3-1836-73b2-3af9-d2e0f1696912&token=10639.BJJE4wVRyRhlIiA74MBjrZR3k0-T97q3l-Ba8VlZLpaZKIaOLB096CLfa2bvpIl3-yhrKjh_ZXdM6dW-E3rB9ropOR9WVDDxnJM9WnFrRGUHcL3Ygn5T3mSDK-kn9IxXamgtKAEnRSMCsEzdRmBeZzYuXpXOCzIURuA_ls8WKtqCxQHb7Ts0hUQjuy7Xbsspst4HGGn-rBJQJKCJ4L1i0jnzG-CGSjG7roygxoPB2zM%2C.pUYvPeAVxpztBGekRDell0jZ1d8%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?cid=71598811&redirect_domain=mc.yandex.com&scid=dd8eead3-1836-73b2-3af9-d2e0f1696912&token=10639.Fl7CKvrTze-8iXlww3JlXK9fiHLKwVi1bVmBJe1UEbvy_f_VS8t6HdAagrEUAJzBl-mfTKhllECt5alLBsNFSI0sbkfPuEmP10b-WuCRP37tKTvFXh3tpElgSfhMzZ72ugrC7zNDeKKG-fWkOc4lFnd1daJ4vf5JKTQhlV2-d_jQhtKv2jXIzfE7Vayo44gVTiBWcX8fsbblTY2WZ2KF_Q%2C%2C.Ge79nMJqtJatXHgiJL1VAR3JxjA%2C

Request Chain 267

https://mc.yandex.com/watch/71598811?wmode=7&page-url=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ada-DK%3Av%3A1661%3Acn%3A1%3Adp%3A0%3Als%3A1111040780795%3Ahid%3A954453224%3Az%3A120%3Ai%3A20250417004626%3Aet%3A1744843586%3Ac%3A1%3Arn%3A1020933593%3Arqn%3A1%3Au%3A1744843586347294455%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2060%3Awv%3A2%3Ads%3A8%2C143%2C202%2C3%2C1508%2C0%2C%2C179%2C1%2C2373%2C2373%2C0%2C2306%3Aco%3A0%3Acpf%3A1%3Ans%3A1744843578299%3Agi%3AR0ExLjEuNTEwODY3MTYyLjE3NDQ4NDM1ODI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1744843587%3At%3A%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%3A%20%D0%91%D0%BE%D0%BB%D0%B5%D0%B5%204000%20%D0%B8%D0%B3%D1%80%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D0%B2%D1%8B%D0%B2%D0%BE%D0%B4%20%D1%81%D1%80%D0%B5%D0%B4%D1%81%D1%82%D0%B2%20%7C%20%D0%9BE%D0%9E%D0%9D&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1) HTTP 302
https://mc.yandex.com/watch/71598811/1?wmode=7&page-url=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ada-DK%3Av%3A1661%3Acn%3A1%3Adp%3A0%3Als%3A1111040780795%3Ahid%3A954453224%3Az%3A120%3Ai%3A20250417004626%3Aet%3A1744843586%3Ac%3A1%3Arn%3A1020933593%3Arqn%3A1%3Au%3A1744843586347294455%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2060%3Awv%3A2%3Ads%3A8%2C143%2C202%2C3%2C1508%2C0%2C%2C179%2C1%2C2373%2C2373%2C0%2C2306%3Aco%3A0%3Acpf%3A1%3Ans%3A1744843578299%3Agi%3AR0ExLjEuNTEwODY3MTYyLjE3NDQ4NDM1ODI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1744843587%3At%3A%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%3A%20%D0%91%D0%BE%D0%BB%D0%B5%D0%B5%204000%20%D0%B8%D0%B3%D1%80%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D0%B2%D1%8B%D0%B2%D0%BE%D0%B4%20%D1%81%D1%80%D0%B5%D0%B4%D1%81%D1%82%D0%B2%20%7C%20%D0%9BE%D0%9E%D0%9D&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

271 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request registration Show response
3917.info/ru-ru/
Redirect Chain

https://1fjq7.trk.elasticemail.com/tracking/click?d=DqFe1nAGWqib1ZsBMG5IKxNIUUDNBdHkNn6oPIDDXibkDQz70CyYCOzSWKwwlLGM4yGyAUl4tXm_1gEHGX8Qqx27g-Rvgr282TwQ7VBQh8ZsKtEBZRkyJRqqIqZJ76Ve9ZKg3V-A3xmDy_BXD...
https://realtimesegmenta.org/vnZWQ4MB
https://c1li7tt5ck.com/?serial=36018&creative_id=1246&anid=NALEON&path=registration&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON

38 KB
14 KB

354ms
203ms

Document
text/html

194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL

https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

0e4ed35fdb0dce3e90d737820098164b1a6e33bba7fe36430dd522493778dc29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy-report-only: script-src 'nonce-LGEJyzfI08V9EY5wlnwFsg==' 'self' 'strict-dynamic' 'unsafe-eval' https://leoncasino.gcdn.co https://www.googletagmanager.com; report-uri https://o237537.ingest.us.sentry.io/api/4509157896552448/security/?sentry_key=583d43adfe1cb7036ae2cf9dd04ab87a&sentry_environment=prod
content-type: text/html;charset=UTF-8
date: Wed, 16 Apr 2025 22:46:20 GMT
expires: 0
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 931737d16b552f0a-SIN
content-type: text/html; charset=utf-8
date: Wed, 16 Apr 2025 22:46:19 GMT
location: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=0; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: bd0515456521f05bc2a9d052b79804b1
x-runtime: 0.032562
x-xss-protection: 1; mode=block

GET
H2 200 vite-plugin-import-retry.dca3f5.js Show response
leoncasino.gcdn.co/js/ 3 KB
1 KB 159ms
45ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/vite-plugin-import-retry.dca3f5.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: dca3f558d8b551db233a488f512c5180ee9db08c320ce1c1492ec74160f5a5cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: br
etag: "67ee4b2e-4a3"
age: 819078
traceparent: 00-3a741857a63976948a576f71c55d4f36-6ef57dcb75b39321-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Thu, 03 Apr 2025 08:47:42 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1187
x-cached-since: 2025-04-07T11:15:02+00:00
server: nginx

GET
H2 200 app.Bap269zi.js Show response
leoncasino.gcdn.co/js/ 2 KB
1 KB 160ms
46ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/app.Bap269zi.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 23a5b7d715c6cc355832ef81340d8345ead5f086f5523d5da6c363700d79728f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: br
etag: "67fd108a-3a9"
age: 38279
traceparent: 00-9995f93de440184964fd64a31ac25d15-667d8c2659a65a51-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 937
x-cached-since: 2025-04-16T12:08:21+00:00
server: nginx

GET
H2 200 rollup.d.m.Bn-yM7-P.js Show response
leoncasino.gcdn.co/js/ 3 KB
2 KB 48ms
46ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/rollup.d.m.Bn-yM7-P.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: f34c52d1487cf55ea4c01655d023e549710881660931c7a48b0c93dfe4897e85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/app.Bap269zi.js

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67f3decf-c17"
age: 652346
traceparent: 00-07f75b797c42eb091733c2a5a7931a1d-d0bfca737b7edeb7-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 07 Apr 2025 14:18:55 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
access-control-allow-origin: *
x-cached-since: 2025-04-09T09:33:54+00:00
server: nginx

GET
H2 200 88582821.d.m.D2OUHn8z.js Show response
leoncasino.gcdn.co/js/ 6 KB
2 KB 47ms
46ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/88582821.d.m.D2OUHn8z.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 0574282d30f05a4565b45f1ca37dc0efdf22ce4047228ff9029cf5d95a5d6961

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/app.Bap269zi.js

Response headers

cache: HIT
content-encoding: br
etag: "67f3decf-912"
age: 652346
traceparent: 00-f567ea20c435daedd77d3c46abc23397-344e47cceb55a934-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 07 Apr 2025 14:18:55 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2322
x-cached-since: 2025-04-09T09:33:54+00:00
server: nginx

GET
H2 200 1bb7e2cc.d.m.n0aAr_qw.js Show response
leoncasino.gcdn.co/js/ 11 KB
4 KB 59ms
57ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/1bb7e2cc.d.m.n0aAr_qw.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 7fb3ac184892bd95d633c372bc5003ff1aabe61e9055ad55ab2eaa1d0ff751ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/app.Bap269zi.js

Response headers

cache: HIT
content-encoding: br
etag: "67f93a4e-e39"
age: 213843
traceparent: 00-9191868ed1d578cde2a64b62285169c6-3f2233bdd3615785-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Fri, 11 Apr 2025 15:50:38 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3641
x-cached-since: 2025-04-14T11:22:17+00:00
server: nginx

GET
H2 200 7c9eab67.d.m.CjTdgYFV.js Show response
leoncasino.gcdn.co/js/ 561 B
477 B 60ms
59ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/7c9eab67.d.m.CjTdgYFV.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: ca8875eb173e5cfd610706712c5f3284de51ae3d81735667717567aa80da1c13

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/app.Bap269zi.js

Response headers

cache: HIT
content-encoding: br
etag: "67f93a4e-175"
age: 213843
traceparent: 00-06ec6c5a22de3547847929aab9e421ab-17dc212b31ff1e55-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Fri, 11 Apr 2025 15:50:38 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 373
x-cached-since: 2025-04-14T11:22:17+00:00
server: nginx

GET
H2 200 01f20af8.d.m.D0OfjKYD.js Show response
leoncasino.gcdn.co/js/ 129 KB
38 KB 50ms
50ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/01f20af8.d.m.D0OfjKYD.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 9d49ce5010cd80986edadba2402c09cd6ef3177193936ad462dfa90b11589371

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/app.Bap269zi.js

Response headers

cache: HIT
content-encoding: br
etag: "67f3decf-98cd"
age: 652345
traceparent: 00-35d7dedf4cd0219ea7683d46665980ea-0e447df205653ad1-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 07 Apr 2025 14:18:55 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39117
x-cached-since: 2025-04-09T09:33:55+00:00
server: nginx

GET
H2 200 94ae4756.d.m.vtg1A3mE.js Show response
leoncasino.gcdn.co/js/ 46 KB
16 KB 104ms
103ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/94ae4756.d.m.vtg1A3mE.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 7616452b64959448cd071bcccab5980657b344879e098ec1bbc4b0f4b3ed76c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/app.Bap269zi.js

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67f3decf-b746"
age: 652345
traceparent: 00-28245c7dd0f0964c144b4826759c2fd7-84f3577cd37519bd-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 07 Apr 2025 14:18:55 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
access-control-allow-origin: *
x-cached-since: 2025-04-09T09:33:55+00:00
server: nginx

GET
H2 200 8e2531cb.d.m.Cd-ywRhB.js Show response
leoncasino.gcdn.co/js/ 337 KB
60 KB 91ms
90ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/8e2531cb.d.m.Cd-ywRhB.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 1e078ab22e121ca794750ebc6dc8ed24b222b889aea9e1a3a71fc645d331d03f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/app.Bap269zi.js

Response headers

cache: HIT
content-encoding: br
etag: "67f93a4e-f156"
age: 213843
traceparent: 00-8be15ea44345fe84bb0e90052b0fcb67-2607f0fe5b82ea0f-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Fri, 11 Apr 2025 15:50:38 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 61782
x-cached-since: 2025-04-14T11:22:17+00:00
server: nginx

GET
H2 200 2362c2a5.d.m.BaGK35UP.js Show response
leoncasino.gcdn.co/js/ 2 KB
1008 B 135ms
134ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/2362c2a5.d.m.BaGK35UP.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 7e3940a7cbe400ecb841563702098c29277e6eb72f6b5de64050876c44187e69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/app.Bap269zi.js

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67f93a4e-696"
age: 213843
traceparent: 00-6a414854a0b9773623e8ee52b2e58d0e-73e528b26c14d93d-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Fri, 11 Apr 2025 15:50:38 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
access-control-allow-origin: *
x-cached-since: 2025-04-14T11:22:17+00:00
server: nginx

GET
H2 200 06b1eb38.d.m.Dy-mXRO9.js Show response
leoncasino.gcdn.co/js/ 157 KB
68 KB 78ms
77ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/06b1eb38.d.m.Dy-mXRO9.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: b66c4f17ae44994093f59b2350e8efebdb85a480994ffcc592cf33acd2f380c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/01f20af8.d.m.D0OfjKYD.js

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67f3decf-27296"
age: 652345
traceparent: 00-27ea3c7ca9d7c528ec054febfbe511a6-c595f29399e9c8d9-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 07 Apr 2025 14:18:55 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
access-control-allow-origin: *
x-cached-since: 2025-04-09T09:33:55+00:00
server: nginx

GET
H2 200 d1f76d1e.d.m.DV3JYYWD.js Show response
leoncasino.gcdn.co/js/ 5 KB
2 KB 44ms
44ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/d1f76d1e.d.m.DV3JYYWD.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 59e0478fd8cb2a0b31a2b40a88382d1902c89e89b3cb49c66be7979bb4930383

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/2362c2a5.d.m.BaGK35UP.js

Response headers

cache: HIT
content-encoding: br
etag: "67f93a4e-8db"
age: 213843
traceparent: 00-4aca10d0103b99dfe02697124e110e34-a13ab6e6ca1bb6db-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Fri, 11 Apr 2025 15:50:38 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2267
x-cached-since: 2025-04-14T11:22:17+00:00
server: nginx

GET
H2 200 a17a5642.d.m.d2egGL5n.js Show response
leoncasino.gcdn.co/js/ 327 KB
75 KB 47ms
47ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 3d0e8b45f9eb5c9c464d49cef63580f2b905615dde847cece1780ee09044467f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/2362c2a5.d.m.BaGK35UP.js

Response headers

cache: HIT
content-encoding: br
etag: "67f3decf-12a90"
age: 652345
traceparent: 00-00f9fd34aa7600adfbd76df57ab39e7d-26ee7a41d391840b-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 07 Apr 2025 14:18:55 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 76432
x-cached-since: 2025-04-09T09:33:55+00:00
server: nginx

GET
H2 200 f7cf2aa7.d.m.Cn0zlC22.js Show response
leoncasino.gcdn.co/js/ 4 KB
2 KB 46ms
45ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/f7cf2aa7.d.m.Cn0zlC22.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: e3b74989ba78a34e873ea7d3e98f3bf9f832584a81de6a23f942862bd7a40857

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/d1f76d1e.d.m.DV3JYYWD.js

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67f3decf-10bc"
age: 652345
traceparent: 00-4351f16636981ab41d937fe952038ae4-25b8bb5140a61286-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 07 Apr 2025 14:18:55 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
access-control-allow-origin: *
x-cached-since: 2025-04-09T09:33:55+00:00
server: nginx

GET
H2 200 cd43e72a.d.m.CeoTNllc.js Show response
leoncasino.gcdn.co/js/ 512 B
450 B 46ms
46ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/cd43e72a.d.m.CeoTNllc.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: fa1475f18518ec85526054b48860423c5059758658276d2c97db4aad56373e32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/d1f76d1e.d.m.DV3JYYWD.js

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67f3decf-200"
age: 652345
traceparent: 00-253ad9a5ef856ef6f9e6e2721feea67c-173c1da873fd6e91-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 07 Apr 2025 14:18:55 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
access-control-allow-origin: *
x-cached-since: 2025-04-09T09:33:55+00:00
server: nginx

GET
H2 200 a48612de.EG-SH0wB.css
leoncasino.gcdn.co/assets/ 9 KB
2 KB 46ms
44ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/assets/a48612de.EG-SH0wB.css
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/rollup.d.m.Bn-yM7-P.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 5b3c42cf36b410b740d14b5fc052792b46464975d99dcfe7ff70428845eb9fd1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: br
etag: "67fd108a-7e6"
age: 38278
traceparent: 00-e5d97f4389a0cbd677547d174cb94490-5cc35d085c49580d-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: text/css
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2022
x-cached-since: 2025-04-16T12:08:22+00:00
server: nginx

GET
H2 200 7fbe0154.DT236yJP.css
leoncasino.gcdn.co/assets/ 119 KB
18 KB 49ms
47ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/assets/7fbe0154.DT236yJP.css
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/rollup.d.m.Bn-yM7-P.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 166492bed181420589ed5d3c45e9f66e3e7df75710294e8bd65f1faf8dd2b771

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: br
etag: "67f3dece-4772"
age: 652344
traceparent: 00-eb8bd77e1dd2802eb1fc319fdce36ada-987d9a1b72ee1162-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: text/css
last-modified: Mon, 07 Apr 2025 14:18:54 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18290
x-cached-since: 2025-04-09T09:33:56+00:00
server: nginx

GET
H2 200 8a28bc4d.Zz91Zmdd.css
leoncasino.gcdn.co/assets/ 22 KB
6 KB 56ms
54ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/assets/8a28bc4d.Zz91Zmdd.css
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/rollup.d.m.Bn-yM7-P.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 14b7a03c801bac68f96425f2063f7518368964f93c48cf93242dc5920bf3609c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67f3dece-59cb"
age: 652344
traceparent: 00-5d64873af68aa5462b13ce6a2e5f08ff-a6f549fb4d26e8f7-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: text/css
last-modified: Mon, 07 Apr 2025 14:18:54 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
access-control-allow-origin: *
x-cached-since: 2025-04-09T09:33:56+00:00
server: nginx

GET
H2 200 f06cd424.BmhaKMn4.css
leoncasino.gcdn.co/assets/ 1 KB
696 B 45ms
44ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/assets/f06cd424.BmhaKMn4.css
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/rollup.d.m.Bn-yM7-P.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 93e4836c15371f02d5feecadc36b4d7cf5d0173143cc8329f65755abe04aaf4e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67fd108a-554"
age: 38278
traceparent: 00-2c498f00248e27b55689fd46ff65777a-aab12ec220264de1-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: text/css
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
access-control-allow-origin: *
x-cached-since: 2025-04-16T12:08:22+00:00
server: nginx

GET
H2 200 86620776.ECpMtJlY.css
leoncasino.gcdn.co/assets/ 229 KB
33 KB 51ms
50ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/assets/86620776.ECpMtJlY.css
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/rollup.d.m.Bn-yM7-P.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: e98c1e5afb488597d136347b31918042594d447a10e9e5b6cfbbf2388e0e0a4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: br
etag: "67f3dece-8187"
age: 652344
traceparent: 00-ab9580897a35bb302bba7e4ff1c57f26-5c5f20a0d12ea59e-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: text/css
last-modified: Mon, 07 Apr 2025 14:18:54 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33159
x-cached-since: 2025-04-09T09:33:56+00:00
server: nginx

GET
H2 200 d5fda32f.BqXcrL3D.css
leoncasino.gcdn.co/assets/ 116 B
189 B 48ms
47ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/assets/d5fda32f.BqXcrL3D.css
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/rollup.d.m.Bn-yM7-P.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 2908de2f63299db485f9b3ac86491df38d46d4c0d2d4880947322463d6208a57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: br
etag: "67fd108a-4d"
age: 38278
traceparent: 00-e5aacd94d1e2b645eb55b9b4c7e6a472-e162c3587a6ab032-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: text/css
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77
x-cached-since: 2025-04-16T12:08:22+00:00
server: nginx

GET
H2 200 64da48c6.BbEK4rUD.css
leoncasino.gcdn.co/assets/ 15 KB
3 KB 54ms
53ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/assets/64da48c6.BbEK4rUD.css
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/rollup.d.m.Bn-yM7-P.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 778e69124b8803db432937687536d0dff7536cc0e0d6ab310d4dda39a64b362e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: br
etag: "67f3dece-c71"
age: 652344
traceparent: 00-3105e8c5ef2b382044c6c1ffd463a89e-c988b741419369ef-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: text/css
last-modified: Mon, 07 Apr 2025 14:18:54 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3185
x-cached-since: 2025-04-09T09:33:56+00:00
server: nginx

GET
H2 200 64da48c6.d.m.J35M3qPD.js Show response
leoncasino.gcdn.co/js/ 157 KB
33 KB 46ms
46ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/64da48c6.d.m.J35M3qPD.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/vite-plugin-import-retry.dca3f5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 19d604622f3b0f64eb979249c8f278e009412d0f617a81b9106c894737bc5396

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer

Response headers

cache: HIT
content-encoding: br
etag: "67fd108a-8497"
age: 38278
traceparent: 00-72f891497b8507ca523e479fd60cc495-5ffa828b2551edf5-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33943
x-cached-since: 2025-04-16T12:08:22+00:00
server: nginx

GET
H2 200 713ac740.d.m._aZwmyU8.js Show response
leoncasino.gcdn.co/js/ 20 KB
7 KB 83ms
66ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/713ac740.d.m._aZwmyU8.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 2a08069de293510765caaf22b0bb7d07cce01078d57d484b60c3b4dc912a92d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/64da48c6.d.m.J35M3qPD.js

Response headers

cache: HIT
content-encoding: br
etag: "67f3decf-1ccc"
age: 652344
traceparent: 00-a907a48977585d5bdc8c4c526d053b1c-f001706bd47bdb09-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 07 Apr 2025 14:18:55 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7372
x-cached-since: 2025-04-09T09:33:56+00:00
server: nginx

GET
H2 200 7fbe0154.d.m.BhQ4PW3H.js Show response
leoncasino.gcdn.co/js/ 481 KB
116 KB 66ms
49ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/7fbe0154.d.m.BhQ4PW3H.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 9c6445ece562b8355a170e09ae782ecce11eacc2081b9963ae10d57053f33b1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/64da48c6.d.m.J35M3qPD.js

Response headers

cache: HIT
content-encoding: br
etag: "67fd108a-1cfb8"
age: 38278
traceparent: 00-14a4e484442fb6c5e7006316250d1ca4-37ce024f16c05e4e-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 118712
x-cached-since: 2025-04-16T12:08:22+00:00
server: nginx

GET
H2 200 86620776.d.m.BoK9GT76.js Show response
leoncasino.gcdn.co/js/ 1 MB
244 KB 91ms
76ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/86620776.d.m.BoK9GT76.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: c45d41e1863665bba956aec1969a55d646d5dbf961803cf1cec079e354c07f51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/64da48c6.d.m.J35M3qPD.js

Response headers

cache: HIT
content-encoding: br
etag: "67fd108a-3cfad"
age: 38278
traceparent: 00-5dd15a146e5af7eaf0ed93c26ceba254-c43d87d82f1e6850-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 249773
x-cached-since: 2025-04-16T12:08:22+00:00
server: nginx

GET
H2 200 a48612de.d.m.Dvh7cDcG.js Show response
leoncasino.gcdn.co/js/ 265 KB
44 KB 84ms
68ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/a48612de.d.m.Dvh7cDcG.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 255eeb56877c6d0d16fc8e76bdfeff90afdf1ef6fbc20b723248d334f49a1fd6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/64da48c6.d.m.J35M3qPD.js

Response headers

cache: HIT
content-encoding: br
etag: "67f93a4e-af10"
age: 213843
traceparent: 00-6f23214a929b594ef899756cff43f935-1343ec47484a4700-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Fri, 11 Apr 2025 15:50:38 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44816
x-cached-since: 2025-04-14T11:22:17+00:00
server: nginx

GET
H2 200 8a28bc4d.d.m.DL6K1f2l.js Show response
leoncasino.gcdn.co/js/ 276 KB
98 KB 95ms
80ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/8a28bc4d.d.m.DL6K1f2l.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 86e1dab1ffaa9690a364b41735fc24d5000206affbaede7bca445f17dd115668

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/64da48c6.d.m.J35M3qPD.js

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67f3decf-450d7"
age: 652343
traceparent: 00-ba8a8f6f4fe8d5fce43f34c75d4cb949-5d584fbe3eefa216-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 07 Apr 2025 14:18:55 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
access-control-allow-origin: *
x-cached-since: 2025-04-09T09:33:57+00:00
server: nginx

GET
H2 200 2df41dfd.d.m.B2Jk1P3j.js Show response
leoncasino.gcdn.co/js/ 18 KB
6 KB 95ms
80ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/2df41dfd.d.m.B2Jk1P3j.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 3cfed3f63b1d868a70f9bd819fcb50897d1daf98d0fd25aee0749cd30dcf4e54

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/64da48c6.d.m.J35M3qPD.js

Response headers

cache: HIT
content-encoding: br
etag: "67f3decf-1846"
age: 652343
traceparent: 00-c66cd74e9e35fee368ee9ae90f699fea-9b31d982232a827f-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 07 Apr 2025 14:18:55 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6214
x-cached-since: 2025-04-09T09:33:57+00:00
server: nginx

GET
H2 200 d5fda32f.d.m.BqqMgqgk.js Show response
leoncasino.gcdn.co/js/ 3 KB
2 KB 94ms
80ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/d5fda32f.d.m.BqqMgqgk.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 7944086d95d3bbec57b47727fccd63203a571884932ddcb5ed647fbc9118e83d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/64da48c6.d.m.J35M3qPD.js

Response headers

cache: HIT
content-encoding: br
etag: "67fd108a-5cf"
age: 38278
traceparent: 00-be5a80e56ff151cd86408bd0a9e46b6e-7b29c871f1f4d1f4-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1487
x-cached-since: 2025-04-16T12:08:22+00:00
server: nginx

GET
H2 200 baa7435a.d.m.nTjT4fUk.js Show response
leoncasino.gcdn.co/js/ 23 KB
9 KB 86ms
80ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/baa7435a.d.m.nTjT4fUk.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: ffc50057b8e2ae8f26f5ad53866f3586abae6f3e985c4c10ccbf947a3c564fe2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/64da48c6.d.m.J35M3qPD.js

Response headers

cache: HIT
content-encoding: br
etag: "67f3decf-222b"
age: 652343
traceparent: 00-825793c8e9671b953f48fa4ea7864b03-17202b2823f76134-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 07 Apr 2025 14:18:55 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8747
x-cached-since: 2025-04-09T09:33:57+00:00
server: nginx

GET
H2 200 7a71a6d3.d.m.z9dBKSom.js Show response
leoncasino.gcdn.co/js/ 9 KB
3 KB 87ms
81ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/7a71a6d3.d.m.z9dBKSom.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: b4f07011ff85522869c7752cc7127780dee25dea60479cb4d681fb433f60aa4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/64da48c6.d.m.J35M3qPD.js

Response headers

cache: HIT
content-encoding: br
etag: "67f3decf-d36"
age: 652343
traceparent: 00-27cda3f76cf66cc1def1d352661ecdb9-938b4d6db44f5c28-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 07 Apr 2025 14:18:55 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3382
x-cached-since: 2025-04-09T09:33:57+00:00
server: nginx

GET
H2 200 favicon.ico
3917.info/ 1 KB
417 B 141ms
135ms Other
image/x-icon 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL: https://3917.info/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e8ceb48efc3ae43c8756f9d57267ddbf0676c1951cacb0928b7d4e538e40688d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON

Response headers

content-encoding: gzip
date: Wed, 16 Apr 2025 22:46:20 GMT
etag: W/"67fd1071-47e"
content-type: image/x-icon
last-modified: Mon, 14 Apr 2025 13:41:05 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 favicon-32.png
3917.info/favicon/ 551 B
788 B 140ms
140ms Other
image/png 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL: https://3917.info/favicon/favicon-32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d892d3e4052fa9f44e2dae665dfa59dd6de5af6a5f143fca6c34b5a468886f88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON

Response headers

cache-control: max-age=315360000, public
content-encoding: gzip
etag: W/"67fd108a-227"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:21 GMT
content-type: image/png
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 3d6acc57.d.m.Bm1ocd-o.js Show response
leoncasino.gcdn.co/js/ 63 KB
20 KB 47ms
47ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/3d6acc57.d.m.Bm1ocd-o.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: b3ac4e0498db49358acf3e157c12b7c77625107e351e614938bf09f45ae5700e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/86620776.d.m.BoK9GT76.js

Response headers

cache: HIT
content-encoding: br
etag: "67f3decf-5056"
age: 652343
traceparent: 00-d57ec8a3236862509710389f45d641d0-b9089bf28c80e6fe-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 07 Apr 2025 14:18:55 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20566
x-cached-since: 2025-04-09T09:33:57+00:00
server: nginx

GET
H2 200 a538a99f.d.m.BpNeAeef.js Show response
leoncasino.gcdn.co/js/ 40 KB
14 KB 47ms
47ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/a538a99f.d.m.BpNeAeef.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: df0876ba5126871e016b56c824adb1a42d170320155ee07ac2ecef4a51428cba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/86620776.d.m.BoK9GT76.js

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67f3decf-a0aa"
age: 377409
traceparent: 00-8778e829ee7e05bc020ac1ccca535b7b-98c22759ad28d112-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Mon, 07 Apr 2025 14:18:55 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
access-control-allow-origin: *
x-cached-since: 2025-04-12T13:56:11+00:00
server: nginx

GET
H2 200 f06cd424.d.m.DytNlZXv.js Show response
leoncasino.gcdn.co/js/ 21 KB
7 KB 46ms
46ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/f06cd424.d.m.DytNlZXv.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 44d385cd009f99cac384a7106fe5a7fac1ffe369d3ac8b5afd92d861aab4214b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/86620776.d.m.BoK9GT76.js

Response headers

cache: HIT
content-encoding: br
etag: "67f93a4e-1c2c"
age: 213842
traceparent: 00-927e04532dc9cdcdeb144b34d4db78aa-bf275ac90b74845c-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:20 GMT
content-type: application/javascript
last-modified: Fri, 11 Apr 2025 15:50:38 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7212
x-cached-since: 2025-04-14T11:22:18+00:00
server: nginx

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

POST
H2 200 api-1 Show response
3917.info/ 135 KB
28 KB 314ms
310ms Fetch
application/json 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL

https://3917.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/8e2531cb.d.m.Cd-ywRhB.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

2ca169d8759b97b87a8f2441c8865bce8d3d2fe6b489594753229d45003ce2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-platform: web
x-app-modernity: modern
x-utm-source: russia
x-requested-uri: /ru-ru/registration
x-app-rendering: csr
content-type: application/json
x-app-browser: chrome
x-app-env: prod
x-app-skin: leoncasino
x-retention-id: f118d479-a61f-4ae9-84df-e9864c36975c
x-utm-medium: NALEON
Referer: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
x-app-os: linux
x-qtag: a31492_t36018_c1246_sNALEON
x-app-version: 6.110.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
x-app-layout: desktop
x-utm-campaign: KingQONK

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: 0
date: Wed, 16 Apr 2025 22:46:21 GMT
x-xss-protection: 0
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: nginx/1.18.0 (Ubuntu)
content-language: da-DK
x-frame-options: SAMEORIGIN

POST
H2 200 api-1 Show response
3917.info/ 207 KB
46 KB 448ms
386ms Fetch
application/json 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL

https://3917.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/8e2531cb.d.m.Cd-ywRhB.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

573f75ebb85a1b821230d96866a2cabdc451b0bfbae29c86cf985157faaea0d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-env: prod
x-app-skin: leoncasino
x-app-platform: web
x-app-modernity: modern
Referer: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
x-app-os: linux
x-requested-uri: /ru-ru/registration
x-app-version: 6.110.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
x-app-rendering: csr
content-type: application/json
x-app-layout: desktop
x-app-browser: chrome

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: 0
date: Wed, 16 Apr 2025 22:46:21 GMT
x-xss-protection: 0
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: nginx/1.18.0 (Ubuntu)
content-language: da-DK
x-frame-options: SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 62 KB
3 KB 221ms
75ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap&family=Mulish:wght@400;700;900&display=swap&family=Prompt:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/7fbe0154.d.m.BhQ4PW3H.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5914be124697c3a8ad4472c47a2ea7fd5313117348b672300fb5a3da2383ab56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://3917.info/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 16 Apr 2025 22:46:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Apr 2025 22:46:21 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 16 Apr 2025 22:30:21 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v47/ 39 KB
39 KB 169ms
91ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&&display=swap&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap&family=Mulish:wght@400;700;900&display=swap&family=Prompt:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://fonts.googleapis.com/

Response headers

age: 139878
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Apr 2026 07:55:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Apr 2025 07:55:03 GMT
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40128
x-xss-protection: 0
server: sffe

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
29 KB 143ms
65ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://fonts.googleapis.com/

Response headers

age: 158359
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Apr 2026 02:47:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Apr 2025 02:47:02 GMT
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30096
x-xss-protection: 0
server: sffe

GET
H3 200 -W__XJnvUD7dzB2KYNod.woff2
fonts.gstatic.com/s/prompt/v10/ 17 KB
17 KB 146ms
68ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W__XJnvUD7dzB2KYNod.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7be1a25fcda009175b0f140bbd7ed9afdb5798d0c93717b44c62ddc19aef582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://fonts.googleapis.com/

Response headers

age: 135355
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Apr 2026 09:10:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Apr 2025 09:10:26 GMT
last-modified: Wed, 27 Apr 2022 15:46:13 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17640
x-xss-protection: 0
server: sffe

POST
H2 200 api-1 Show response
3917.info/ 2 KB
1 KB 161ms
160ms Fetch
application/json 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL

https://3917.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/8e2531cb.d.m.Cd-ywRhB.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

7cbd21dc8c356e1ce7e684c4e1784be5711dd48ae69f4075f7d8b4711b9a8013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-env: prod
x-app-skin: leoncasino
x-app-platform: web
x-app-modernity: modern
Referer: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
x-app-os: linux
x-requested-uri: /ru-ru/registration
x-app-version: 6.110.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
x-app-rendering: csr
content-type: application/json
x-app-layout: desktop
x-app-browser: chrome
x-app-theme: DARK

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: 0
date: Wed, 16 Apr 2025 22:46:21 GMT
x-xss-protection: 0
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: nginx/1.18.0 (Ubuntu)
content-language: da-DK
x-frame-options: SAMEORIGIN

GET
H2 200 27d773af.d.m.Bou-D2OD.js Show response
leoncasino.gcdn.co/js/ 87 KB
7 KB 45ms
44ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/27d773af.d.m.Bou-D2OD.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/vite-plugin-import-retry.dca3f5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: f8f08d9c84fd3c25ac981bb01f9d27c69dad6b5a178c88c12afdd212acab57d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer

Response headers

cache: HIT
content-encoding: br
etag: "67f3decf-19cc"
age: 377410
traceparent: 00-4c4e06c192f0a72506fc1ffedae428df-018d377da16263a8-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:21 GMT
content-type: application/javascript
last-modified: Mon, 07 Apr 2025 14:18:55 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6604
x-cached-since: 2025-04-12T13:56:11+00:00
server: nginx

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 354 KB
99 KB 226ms
83ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T

Requested by

Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

397203f5cc129d9af709115c62b8b2bb1869cc718dcf042e4e3b7f1f4b66e1cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1297:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1297:0"}],}
expires: Wed, 16 Apr 2025 22:46:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Apr 2025 22:46:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 16 Apr 2025 21:36:28 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1297:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1297:0
content-length: 100138
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ce584242.CjUc204Q.css
leoncasino.gcdn.co/assets/ 3 KB
1 KB 45ms
45ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/assets/ce584242.CjUc204Q.css
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/rollup.d.m.Bn-yM7-P.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 34392590e328c76b4283b5c3c9a9e9b8723bc4068d17e1acb476c092a38f9268

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67f3dece-b3a"
age: 652343
traceparent: 00-01f11949e7f66d9cc0181814a3505602-a269b78d5d07d26a-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:21 GMT
content-type: text/css
last-modified: Mon, 07 Apr 2025 14:18:54 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
access-control-allow-origin: *
x-cached-since: 2025-04-09T09:33:58+00:00
server: nginx

GET
H2 200 208a717f.IEG3RMnx.css
leoncasino.gcdn.co/assets/ 519 B
320 B 46ms
46ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/assets/208a717f.IEG3RMnx.css
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/rollup.d.m.Bn-yM7-P.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 03a5fda0dedb4bc1630184c5f31da408e9655a2a8a2a33ef27be0e96d88970a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: br
etag: "67f3dece-d5"
age: 652343
traceparent: 00-00ee66c16e6d5a3394cc64dc57696251-9f69621f1f7718c3-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:21 GMT
content-type: text/css
last-modified: Mon, 07 Apr 2025 14:18:54 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 213
x-cached-since: 2025-04-09T09:33:58+00:00
server: nginx

GET
H2 200 cc513c94.DcUyEdfK.css
leoncasino.gcdn.co/assets/ 7 KB
2 KB 46ms
46ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/assets/cc513c94.DcUyEdfK.css
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/rollup.d.m.Bn-yM7-P.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: fe7eeec260903313f796fbbc404a4a7b3ceb45858307521d473b71e789c99e7c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67fd108a-1bc5"
age: 37895
traceparent: 00-b375f7fedf1190ed920d3898210179b5-ff269a4b72d6aa7f-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:21 GMT
content-type: text/css
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
access-control-allow-origin: *
x-cached-since: 2025-04-16T12:14:46+00:00
server: nginx

GET
H2 200 favicon.ico
3917.info/ 1 KB
0 0ms
0ms Other
image/x-icon 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL: https://3917.info/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e8ceb48efc3ae43c8756f9d57267ddbf0676c1951cacb0928b7d4e538e40688d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON

Response headers

content-encoding: gzip
date: Wed, 16 Apr 2025 22:46:20 GMT
etag: W/"67fd1071-47e"
content-type: image/x-icon
last-modified: Mon, 14 Apr 2025 13:41:05 GMT
server: nginx/1.18.0 (Ubuntu)

POST
H2 200 / Show response
o237537.ingest.us.sentry.io/api/4508036400611328/envelope/ 2 B
300 B 183ms
72ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://o237537.ingest.us.sentry.io/api/4508036400611328/envelope/?sentry_key=49b7cc7b9bcb8faa9bcc1eb74ae4099c&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.120.0

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://3917.info/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Wed, 16 Apr 2025 22:46:21 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: nginx

GET
H2 200 favicon-32.png
3917.info/favicon/ 551 B
0 0ms
0ms Other
image/png 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL: https://3917.info/favicon/favicon-32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d892d3e4052fa9f44e2dae665dfa59dd6de5af6a5f143fca6c34b5a468886f88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON

Response headers

cache-control: max-age=315360000, public
content-encoding: gzip
etag: W/"67fd108a-227"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:21 GMT
content-type: image/png
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
server: nginx/1.18.0 (Ubuntu)

POST
H2 200 api-1 Show response
3917.info/ 629 B
725 B 145ms
144ms Fetch
application/json 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL

https://3917.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

62e987c4205a8c7beae8edd0b279f351ce9654f43f14618b1ed553fa435ef7e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-env: prod
x-app-skin: leoncasino
x-app-platform: web
x-app-modernity: modern
Referer: https://3917.info/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
x-app-os: linux
x-requested-uri: /ru-ru/registration
x-app-version: 6.110.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
x-app-rendering: csr
content-type: application/json
x-app-layout: desktop
x-app-browser: chrome
x-app-language: ru_RU
x-app-theme: DARK

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: 0
date: Wed, 16 Apr 2025 22:46:21 GMT
x-xss-protection: 0
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: nginx/1.18.0 (Ubuntu)
content-language: da-DK
x-frame-options: SAMEORIGIN

GET
H2 200 cc513c94.d.m.BTSnfEth.js Show response
leoncasino.gcdn.co/js/ 17 KB
5 KB 44ms
44ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/cc513c94.d.m.BTSnfEth.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/vite-plugin-import-retry.dca3f5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 73609cd3bdcc6e138da8909f69a8b1e9d2e71f1455a2f693b735b93eca250366

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer

Response headers

cache: HIT
content-encoding: br
etag: "67fd108a-1257"
age: 37895
traceparent: 00-ce92e18b4c62b638bb93f1d90639707e-b90de1533ae75f89-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:21 GMT
content-type: application/javascript
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4695
x-cached-since: 2025-04-16T12:14:46+00:00
server: nginx

GET
H2 200 ce584242.d.m.C0HiMDQx.js Show response
leoncasino.gcdn.co/js/ 5 KB
2 KB 45ms
45ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/ce584242.d.m.C0HiMDQx.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: d519960ad125ba557e09f52385c05a82cc7e457d149d535f4ecea1b8b5f4f6c1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/cc513c94.d.m.BTSnfEth.js

Response headers

cache: HIT
content-encoding: br
etag: "67fd108a-598"
age: 37895
traceparent: 00-ace72e399a9550cbbc2f20e8aadf9574-83045dd874bab89a-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:21 GMT
content-type: application/javascript
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1432
x-cached-since: 2025-04-16T12:14:46+00:00
server: nginx

GET
H2 200 208a717f.d.m.Bq729jqE.js Show response
leoncasino.gcdn.co/js/ 3 KB
1 KB 45ms
44ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/208a717f.d.m.Bq729jqE.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 3f4c4ddc52bdb985425113afae186ed4231528f8b8a4f98087d37f3890315caa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/cc513c94.d.m.BTSnfEth.js

Response headers

cache: HIT
content-encoding: br
etag: "67fd108a-558"
age: 37895
traceparent: 00-1661dd1298488b877193f0052013f42a-1225660850c9a84f-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:21 GMT
content-type: application/javascript
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1368
x-cached-since: 2025-04-16T12:14:46+00:00
server: nginx

GET
H2 200 d39bd125.D_oiZ6VG.css
leoncasino.gcdn.co/assets/ 13 KB
2 KB 44ms
44ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/assets/d39bd125.D_oiZ6VG.css
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/rollup.d.m.Bn-yM7-P.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: f6387d1daf770ea16213c1b17b4b60e1d5e866c6a36f439d9ee0a8c7eac84693

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: br
etag: "67f3dece-646"
age: 649635
traceparent: 00-050c15a508394369059c1332cd4b2c09-1c3f090ae2b55cd8-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:21 GMT
content-type: text/css
last-modified: Mon, 07 Apr 2025 14:18:54 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1606
x-cached-since: 2025-04-09T10:19:06+00:00
server: nginx

POST
H2 200 api-1 Show response
3917.info/ 798 KB
52 KB 349ms
348ms Fetch
application/json 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL

https://3917.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ea29b04c57eb9b3a1eeebab1b8406ec885fc05215a1a00c92f8813c075bffd7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-env: prod
x-app-skin: leoncasino
x-app-platform: web
x-app-modernity: modern
Referer: https://3917.info/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
x-app-os: linux
x-requested-uri: /ru-ru/registration
x-app-version: 6.110.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
x-app-rendering: csr
content-type: application/json
x-app-layout: desktop
x-app-browser: chrome
x-app-language: ru_RU
x-app-theme: DARK

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: 0
date: Wed, 16 Apr 2025 22:46:22 GMT
x-xss-protection: 0
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: nginx/1.18.0 (Ubuntu)
content-language: da-DK
x-frame-options: SAMEORIGIN

GET
H2 200 d39bd125.d.m.CxjN9V0O.js Show response
leoncasino.gcdn.co/js/ 29 KB
10 KB 44ms
44ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/d39bd125.d.m.CxjN9V0O.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/vite-plugin-import-retry.dca3f5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 4f881f37b50120790cdd67f07acbf71a2c1bfef2408a96d9515f08f911ad21c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67fd108a-759e"
age: 37895
traceparent: 00-ffb08a8d685af709c7f8737da992ef4f-7bbab2d56da12664-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:21 GMT
content-type: application/javascript
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
access-control-allow-origin: *
x-cached-since: 2025-04-16T12:14:46+00:00
server: nginx

GET
H2 200 fd2fd3f8.TadvuQR6.css
leoncasino.gcdn.co/assets/ 3 KB
723 B 48ms
48ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/assets/fd2fd3f8.TadvuQR6.css
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/rollup.d.m.Bn-yM7-P.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 9655e30d07b8a936979f4a5e82b8926f744fa3082131939cf7210dbd6df5f83c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: br
etag: "67f3decf-246"
age: 650503
traceparent: 00-e0acbdf6b972bcb3602e58834b2908c9-a096561f9a3f4c18-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:21 GMT
content-type: text/css
last-modified: Mon, 07 Apr 2025 14:18:55 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 582
x-cached-since: 2025-04-09T10:04:38+00:00
server: nginx

GET
H2 200 054854ad.CXv9fpFC.css
leoncasino.gcdn.co/assets/ 21 KB
5 KB 49ms
48ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/assets/054854ad.CXv9fpFC.css
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/rollup.d.m.Bn-yM7-P.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 6e212a584c9009c651fc4686e2a5fa73f54eda9b862f1b51a09eb843d32ec25c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67f3dece-54eb"
age: 650503
traceparent: 00-3c5643a09d4aa2d9b1e50056514b8d99-339fa8deb10b6ad0-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:21 GMT
content-type: text/css
last-modified: Mon, 07 Apr 2025 14:18:54 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
access-control-allow-origin: *
x-cached-since: 2025-04-09T10:04:38+00:00
server: nginx

GET
H2 200 054854ad.d.m.DVnh280S.js Show response
leoncasino.gcdn.co/js/ 48 KB
15 KB 45ms
44ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/054854ad.d.m.DVnh280S.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/vite-plugin-import-retry.dca3f5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 83ba473ac573a61b79a7bfe541ccf59cfaaa5c1fb53aa31f6be42cab939a7329

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67fd108a-c1fc"
age: 38278
traceparent: 00-7745b20596e38b7c37d7564e1698c4c9-e6be56cd654a10e0-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:21 GMT
content-type: application/javascript
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
access-control-allow-origin: *
x-cached-since: 2025-04-16T12:08:23+00:00
server: nginx

GET
H2 200 fd2fd3f8.d.m.DvN0XWlZ.js Show response
leoncasino.gcdn.co/js/ 6 KB
2 KB 45ms
44ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/fd2fd3f8.d.m.DvN0XWlZ.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 699ad62b8d6dad5fa04f1f3cb3bc36d95d05d629f9056261e45e0623432c9258

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/054854ad.d.m.DVnh280S.js

Response headers

cache: HIT
content-encoding: br
etag: "67fd108a-71b"
age: 135077
traceparent: 00-9efe7a5ce158b29918d636b483f15403-864d7ef97b981f2b-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: application/javascript
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1819
x-cached-since: 2025-04-15T09:15:05+00:00
server: nginx

GET
H/1.1 200
OK js Show response
pixel-us.r2drtb.com/pixel/ 424 B
742 B 502ms
117ms Script
text/javascript 88.214.195.17
NATCOWEB

General

Check archive.org

Download Go to

Full URL: https://pixel-us.r2drtb.com/pixel/js?auth=4jg3s6&event=visit&uid=undefined&tid=undefined&cur=undefined&amount=undefined
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.214.195.17 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: fa2f835664d8f7c101ea672cea3f862c0baa8159d93e11e2a0aa42a9eb5f0424

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Connection: keep-alive
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 424
Date: Wed, 16 Apr 2025 22:46:22 GMT
Content-Type: text/javascript
Server: nginx

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
32 KB 162ms
54ms Script
application/javascript 37.157.6.245
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.6.245 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software: nginx /
Resource Hash: 22aea14693655e0fa33cc4aa8606714bcd6cfc66c6bc320ee70661116034ad1f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

x-cache-status: HIT
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"3a2c8a23cb95abca9c87291fc2553bb5"
x-amz-request-id: tx00000722ea75d6122f6e4-0067a9b96f-329ab5b5-default
access-control-allow-origin: *
date: Wed, 16 Apr 2025 22:46:22 GMT
x-rgw-object-type: Normal
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Fri, 07 Feb 2025 08:48:48 GMT

GET
H2 200 gtr.min.js Show response
dsp-media.eskimi.com/assets/js/e/ 5 KB
3 KB 187ms
43ms Script
application/javascript 2400:52e0:1e00::1082:1
CDN77 Datacamp Li...

General

Check archive.org

Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),

Reverse DNS

Software

BunnyCDN-DE1-1082 /

Resource Hash

4e687af4507ee911e92498208c154c59437d0ee76ae1c07cfebe4f056415e095

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: zstd
etag: "66fac420-13b3"
x-content-type-options: nosniff
expires: Thu, 16 Apr 2026 05:43:18 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
last-modified: Mon, 30 Sep 2024 15:30:40 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 04/16/2025 05:43:18
cache-control: public, max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cdn-requestid: 096f6f9eaab37544fdfcba51da9338c3
cdn-pullzone: 692289
cdn-proxyver: 1.23
access-control-allow-origin: *
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1082
cdn-requestcountrycode: DK

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=37094577&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D37094577%26t%3D1

0
1 KB

43ms
42ms

Script
application/javascript

185.89.211.116
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D37094577%26t%3D1

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 185.236.203.100; 185.236.203.100; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 545b7991-20fe-4a9f-a489-a55cf5c49e67
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 16 Apr 2025 22:46:22 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D37094577%26t%3D1
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 185.236.203.100; 185.236.203.100; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 1be370f7-d9d5-4015-910d-4a204bd1828a
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 16 Apr 2025 22:46:22 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 25 KB
9 KB 115ms
29ms Script
application/javascript 151.101.129.108
FASTLY

General

Check archive.org

Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 72eec63e5e08a7445b2edf1b063f2ed8024475656f6136d6e70e24e595ff3141

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

Content-Encoding: gzip
ETag: W/"675772a2-6412"
Age: 49031
Expires: Thu, 27 Mar 2025 09:08:31 GMT
X-Cache: HIT, HIT
Date: Wed, 16 Apr 2025 22:46:22 GMT
Content-Type: application/javascript
Last-Modified: Mon, 09 Dec 2024 22:43:46 GMT
X-Served-By: cache-lga21930-LGA, cache-cph2320058-CPH
X-Cache-Hits: 213483, 3894
Vary: Accept-Encoding
Cache-Control: max-age=86402
X-Timer: S1744843582.144862,VS0,VE0
Connection: keep-alive
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 8780
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 admtracker.lib.min.js Show response
pj.l.liftdsp.com/ 7 KB
3 KB 181ms
43ms Script
application/javascript 2600:9000:2156:3200:16:3a8f:8380:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://pj.l.liftdsp.com/admtracker.lib.min.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3200:16:3a8f:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e231ad4957b413aaef88dd602f78a6b38d22750f39eb98a61fc345645512bab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

vary: accept-encoding
cache-control: public,max-age=900
content-encoding: gzip
etag: W/"589ae1c612af869f5dc381ed3ef52717"
age: 829
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: PQdtek-zgpQ4hOlB9JcqhJO-xoe0trJpKPyNpgxHMlMjaCTqHS47nw==
date: Wed, 16 Apr 2025 22:34:07 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 11:47:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256

GET
H2 200 sprite.BgEMdM9D.svg
3917.info/assets/ 872 KB
293 KB 240ms
240ms Other
image/svg+xml 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL: https://3917.info/assets/sprite.BgEMdM9D.svg
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/06b1eb38.d.m.Dy-mXRO9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 477493b29fa0c790b7441e883afe495a98cf79ca041f0b45948913c13605e59c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache-control: max-age=315360000, public
content-encoding: gzip
etag: W/"67fd108a-d9f5d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 71c69379.Df-RY1xq.css
leoncasino.gcdn.co/assets/ 219 B
225 B 45ms
44ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/assets/71c69379.Df-RY1xq.css
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/rollup.d.m.Bn-yM7-P.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 152add0de253a858678d73d9988ee6214da2dc169ad58e26e2f95e472b50fed6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: br
etag: "67fd108a-69"
age: 38279
traceparent: 00-c88454fe801cc0f5276506bbfc90a4b9-eb13b706a32a7087-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: text/css
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 105
x-cached-since: 2025-04-16T12:08:23+00:00
server: nginx

GET
H2 200 logo.CTzo9Wgk.svg
leoncasino.gcdn.co/assets/ 989 B
731 B 49ms
49ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://leoncasino.gcdn.co/assets/logo.CTzo9Wgk.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 6516e9411efd44270ddd1ed1af1523a9c63a61a1bf29b697e1aac53302963b36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: br
etag: "67d03035-215"
age: 3063914
traceparent: 00-5a6ba8d4c0b636ea5252c9fdfe5194ce-49c6b1a0d16f7cae-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Mar 2025 12:44:37 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 533
x-cached-since: 2025-03-12T11:41:08+00:00
server: nginx

GET
H2 200 17ff6b76.d.m.T4lf4Sc-.js Show response
leoncasino.gcdn.co/js/ 2 KB
1 KB 49ms
48ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/17ff6b76.d.m.T4lf4Sc-.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/vite-plugin-import-retry.dca3f5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: b51df9b028d1354d056ff4ea38e5c12a23d6708075234c0ffc79d38307fd016a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer

Response headers

cache: HIT
content-encoding: br
etag: "67fd108a-3d5"
age: 135426
traceparent: 00-16ca00df59cd69294dbb38f61c50bd5c-a694846cfdc2bcb3-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: application/javascript
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 981
x-cached-since: 2025-04-15T09:09:16+00:00
server: nginx

GET
H2 200 vip-ic.svg
cdnimages3.gcdn.co/HRJLWPLB/files/top-nav/ 4 KB
4 KB 69ms
46ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/files/top-nav/vip-ic.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 155705ad90a321b396a52fbab695bc92f9a2046aac18371fb9a172657e97c2a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "66a77f23-106a"
age: 21631025
traceparent: 00-754277b5f686773ca475ccac7398799b-593847ba3f9f83b6-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 4202
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Mon, 29 Jul 2024 11:38:11 GMT
server: nginx
x-cached-since: 2024-08-09T14:09:17+00:00

POST
H2 200 / Show response
o237537.ingest.us.sentry.io/api/4508036400611328/envelope/ 2 B
56 B 73ms
71ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://o237537.ingest.us.sentry.io/api/4508036400611328/envelope/?sentry_key=49b7cc7b9bcb8faa9bcc1eb74ae4099c&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.120.0

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://3917.info/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: nginx

POST
H2 200 / Show response
o237537.ingest.us.sentry.io/api/4508036400611328/envelope/ 2 B
56 B 75ms
74ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://o237537.ingest.us.sentry.io/api/4508036400611328/envelope/?sentry_key=49b7cc7b9bcb8faa9bcc1eb74ae4099c&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.120.0

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://3917.info/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 340 KB
116 KB 84ms
83ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC&l=dataLayer&cx=c&gtm=45He54f1v890860847za200&tag_exp=102015666~102509682~102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac515cb52140f9a8ac5efdb0fee4f777e586ccac36bb3ef91ebe63d4be71909c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1055:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1055:0"}],}
expires: Wed, 16 Apr 2025 22:46:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1055:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1055:0
content-length: 118664
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 cd5c2051.Dy3pde-0.css
leoncasino.gcdn.co/assets/ 473 B
311 B 46ms
45ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/assets/cd5c2051.Dy3pde-0.css
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/rollup.d.m.Bn-yM7-P.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 1407537c6ec7e37f33b45b259b172c870c09cf19a3a529c73ccd6d37fbbe24e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: br
etag: "67f3dece-a9"
age: 652327
traceparent: 00-e5f1644741479ea37b73aaf0956212a0-8d7989c75dacad6b-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: text/css
last-modified: Mon, 07 Apr 2025 14:18:54 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 169
x-cached-since: 2025-04-09T09:34:15+00:00
server: nginx

GET
H2 200 720cf670.Y1TKrCH1.css
leoncasino.gcdn.co/assets/ 3 KB
1 KB 47ms
47ms Stylesheet
text/css 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/assets/720cf670.Y1TKrCH1.css
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/rollup.d.m.Bn-yM7-P.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 8c47d562b25f92f787c36c8a0e589ff2bb81cbd24bccb269415955375e8024df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67f3dece-d3e"
age: 652327
traceparent: 00-6c8904df43c5a1270b72fe403b389a4d-ddf93c7293a2b5b6-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: text/css
last-modified: Mon, 07 Apr 2025 14:18:54 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
access-control-allow-origin: *
x-cached-since: 2025-04-09T09:34:15+00:00
server: nginx

GET
H2 200 720cf670.d.m.Bca9M9da.js Show response
leoncasino.gcdn.co/js/ 22 KB
7 KB 46ms
46ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/720cf670.d.m.Bca9M9da.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/vite-plugin-import-retry.dca3f5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 10668c14df35c733f8269fe678393f8de093352470afcacb67059c26a651939d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer

Response headers

cache: HIT
content-encoding: br
etag: "67fd108a-1be8"
age: 26845
traceparent: 00-ac2005eea9326d969176b23fc3246a40-f55f95dab9085f02-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: application/javascript
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7144
x-cached-since: 2025-04-16T15:18:57+00:00
server: nginx

GET
H2 200 favicon.ico
3917.info/ 1 KB
0 0ms
0ms Other
image/x-icon 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL: https://3917.info/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e8ceb48efc3ae43c8756f9d57267ddbf0676c1951cacb0928b7d4e538e40688d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON

Response headers

content-encoding: gzip
date: Wed, 16 Apr 2025 22:46:20 GMT
etag: W/"67fd1071-47e"
content-type: image/x-icon
last-modified: Mon, 14 Apr 2025 13:41:05 GMT
server: nginx/1.18.0 (Ubuntu)

POST
H2 200 api-1 Show response
3917.info/ 8 KB
3 KB 162ms
160ms Fetch
application/json 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL

https://3917.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

23eceedfe982abfba21106b59483f2824b7660dd2038cd05c6030311841b9585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-env: prod
x-app-skin: leoncasino
x-app-platform: web
x-app-modernity: modern
Referer: https://3917.info/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
x-app-os: linux
x-requested-uri: /ru-ru/registration
x-app-version: 6.110.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
x-app-rendering: csr
content-type: application/json
x-app-layout: desktop
x-app-browser: chrome
x-app-language: ru_RU
x-app-theme: DARK

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: 0
date: Wed, 16 Apr 2025 22:46:22 GMT
x-xss-protection: 0
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: nginx/1.18.0 (Ubuntu)
content-language: da-DK
x-frame-options: SAMEORIGIN

GET
H2 200 favicon.ico
3917.info/ 1 KB
0 0ms
0ms Other
image/x-icon 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL: https://3917.info/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e8ceb48efc3ae43c8756f9d57267ddbf0676c1951cacb0928b7d4e538e40688d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON

Response headers

content-encoding: gzip
date: Wed, 16 Apr 2025 22:46:20 GMT
etag: W/"67fd1071-47e"
content-type: image/x-icon
last-modified: Mon, 14 Apr 2025 13:41:05 GMT
server: nginx/1.18.0 (Ubuntu)

POST
H2 200 api-1 Show response
3917.info/ 34 KB
6 KB 210ms
209ms Fetch
application/json 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL

https://3917.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

203f5bac0643f4cce81da3c8a7aac6dd38f9ec0f87cef8d5bcdcbf00763387d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-env: prod
x-app-skin: leoncasino
x-app-platform: web
x-app-modernity: modern
Referer: https://3917.info/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
x-app-os: linux
x-requested-uri: /ru-ru/registration
x-app-version: 6.110.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
x-app-rendering: csr
content-type: application/json
x-app-layout: desktop
x-app-browser: chrome
x-app-language: ru_RU
x-app-theme: DARK

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: 0
date: Wed, 16 Apr 2025 22:46:22 GMT
x-xss-protection: 0
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: nginx/1.18.0 (Ubuntu)
content-language: da-DK
x-frame-options: SAMEORIGIN

GET
H2 200 71c69379.d.m.omjmqbeA.js Show response
leoncasino.gcdn.co/js/ 4 KB
2 KB 46ms
46ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/71c69379.d.m.omjmqbeA.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/vite-plugin-import-retry.dca3f5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: df99bba85c6080060ceef610844a35ba1aff2424dd1dd3509c603de67e1e1cd5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer

Response headers

cache: HIT
content-encoding: br
etag: "67fd108a-692"
age: 135426
traceparent: 00-35d8017595132e94fa052b7fccfc2608-31037b6b826f4109-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: application/javascript
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1682
x-cached-since: 2025-04-15T09:09:16+00:00
server: nginx

GET
H2 200 up Show response
ib.adnxs.com/pixie/ 9 B
311 B 134ms
39ms Fetch
application/xml 37.252.171.52
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL: https://ib.adnxs.com/pixie/up?pi=66898741-acbc-4c6d-8ae8-3d320a7a8cf7
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: nginx/1.23.4 /
Resource Hash: e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

access-control-max-age: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
x-proxy-origin: 185.236.203.100; 185.236.203.100; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; *.adnxs.com
access-control-allow-origin: https://3917.info
content-length: 9
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: application/xml
server: nginx/1.23.4
access-control-allow-headers: Content-Type

GET
H2 200 mascot.C4J6IXOg.svg
leoncasino.gcdn.co/assets/ 11 KB
4 KB 47ms
47ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://leoncasino.gcdn.co/assets/mascot.C4J6IXOg.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 86ac12bafdcfdceeca1301bec6db2de3b5d02cf3982a6f11da62e2c383f61662

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: br
etag: "67ee4b2e-1035"
age: 819009
traceparent: 00-41a2ddf9a1637abf7dd818994deb9e39-ce7acc1536efb796-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Apr 2025 08:47:42 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4149
x-cached-since: 2025-04-07T11:16:13+00:00
server: nginx

GET
H2 200 favicon-32.png
3917.info/favicon/ 551 B
0 0ms
0ms Other
image/png 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL: https://3917.info/favicon/favicon-32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d892d3e4052fa9f44e2dae665dfa59dd6de5af6a5f143fca6c34b5a468886f88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON

Response headers

cache-control: max-age=315360000, public
content-encoding: gzip
etag: W/"67fd108a-227"
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:21 GMT
content-type: image/png
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cd5c2051.d.m.DMkCuuhU.js Show response
leoncasino.gcdn.co/js/ 4 KB
2 KB 47ms
46ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/cd5c2051.d.m.DMkCuuhU.js
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 20e01011eaf7681129c2d12bb24544d4a010a78d0bb572effeff110fb9be1238

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://leoncasino.gcdn.co/js/720cf670.d.m.Bca9M9da.js

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67fd108a-10a2"
age: 30418
traceparent: 00-f5284ddf1b17a9f4a17dfb571b45bcff-41e3594c7f3662de-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: application/javascript
last-modified: Mon, 14 Apr 2025 13:41:30 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
access-control-allow-origin: *
x-cached-since: 2025-04-16T14:19:24+00:00
server: nginx

GET
H2 200 winners.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 6 KB
6 KB 70ms
50ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/winners.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 25d002e623903b320eb203f271ef153ee2df8a51e2aed4878c7598d9f6a6ca6d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "168c-61bf36e9740bf"
age: 1931820
traceparent: 00-f4a1003600e835f52fe7a0ffd10b4ea0-debfb0d40cb9375c-01
expires: Sun, 28 Jul 2024 14:01:19 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2024 13:43:26 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5772
x-cached-since: 2025-03-25T14:09:22+00:00
server: nginx

GET
H2 200 other.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 1 KB
1 KB 63ms
43ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/other.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 3c584108e1d8685d12332171f34879003c01a21d55ae5bf753b8e034bc020e2c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "4c4-61bf367262f3c"
age: 1933004
traceparent: 00-c6c7d269f48a248b2203658a988f7b45-858a9c405c5d0e9c-01
expires: Sun, 28 Jul 2024 13:41:54 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2024 13:41:21 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1220
x-cached-since: 2025-03-25T13:49:38+00:00
server: nginx

GET
H2 200 video_poker.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 2 KB
2 KB 66ms
46ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/video_poker.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 13b710020acb4a4914b3773ceee2b981f8c96e443e66616feb8c449825aa0992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "859-61bf374e1215d"
age: 1931820
traceparent: 00-0e4e5c9048cbb5aed138ad92854d68d0-db84dcc59cc55f31-01
expires: Sun, 28 Jul 2024 14:01:18 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2024 13:45:12 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2137
x-cached-since: 2025-03-25T14:09:22+00:00
server: nginx

GET
H2 200 scratchcards.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 2 KB
2 KB 64ms
45ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/scratchcards.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 9bb2c583bfe0cfe4ce25dcad5944668b5da72f52f04163654804a03238897b42

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "901-61bf36af57c9c"
age: 1931794
traceparent: 00-9f370c0ba6a5e6d2a8b2d97de65dae1e-d01dd388053b64f2-01
expires: Sun, 28 Jul 2024 14:01:19 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2024 13:42:25 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2305
x-cached-since: 2025-03-25T14:09:48+00:00
server: nginx

GET
H2 200 slots-4.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 2 KB
2 KB 64ms
44ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/slots-4.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 1ae73f949ce1ca94b58f32ac5fab711d948e93073d8432e06228d5dc3a69321a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "728-61bf3682e8cd6"
age: 1931820
traceparent: 00-2b9c622beafca82c1c76437d825c47a8-cef5af78ded1eba0-01
expires: Sun, 28 Jul 2024 14:01:19 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2024 13:41:39 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1832
x-cached-since: 2025-03-25T14:09:22+00:00
server: nginx

GET
H2 200 jackpots.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 2 KB
2 KB 66ms
46ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/jackpots.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: fd1792c86362ee56c8ca9479b4bf023862faec59991939d1a4e8d568877df028

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "682-61bf367d55ec8"
age: 1933032
traceparent: 00-862720bcb06d728fc12a6fd374633a1d-7ce58f0670cb7682-01
expires: Sun, 28 Jul 2024 13:41:54 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2024 13:41:33 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1666
x-cached-since: 2025-03-25T13:49:10+00:00
server: nginx

GET
H2 200 table.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 2 KB
2 KB 46ms
45ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/table.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 533cc1795d0f8c05ba575368c4a1d156021e74d1e72c1e48f6a54c1f9c8c7b06

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "803-61bf3666cddb9"
age: 1933032
traceparent: 00-f6141a89568480b19b6784489f789e20-8b8f342e316f129c-01
expires: Sun, 28 Jul 2024 13:41:55 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2024 13:41:09 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2051
x-cached-since: 2025-03-25T13:49:10+00:00
server: nginx

GET
H2 200 instant_win-1.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 413 B
551 B 50ms
49ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/instant_win-1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 9e8fadb0932ffc1f1a4937d9ab37505a34a35b6d0c05fdcb7f00f8290934c9d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "19d-61bf36cf7dfa0"
age: 1931794
traceparent: 00-5260a1b06c7e2bde2a88d11c16867308-8e79ac5aa72e9b65-01
expires: Sun, 28 Jul 2024 14:01:18 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2024 13:42:59 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 413
x-cached-since: 2025-03-25T14:09:48+00:00
server: nginx

GET
H2 200 books-5.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 2 KB
2 KB 48ms
47ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/books-5.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 049e51bec3a57f5d4f4ff4d0a592ce5a25e418fa08841f345cc7b7ba2e6b1581

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "70c-61bf36bec16f3"
age: 1931820
traceparent: 00-b3b783dbe4117a5770dd8f1048165434-c3e067b94b962793-01
expires: Sun, 28 Jul 2024 14:01:18 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2024 13:42:41 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1804
x-cached-since: 2025-03-25T14:09:22+00:00
server: nginx

GET
H2 200 leon-jackpot-1.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 7 KB
7 KB 48ms
48ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/leon-jackpot-1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: fe94ea56b20d7c1b1f1822d1f8c4033e576bc98c886881a51a52e6b5601b2cc1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "1c56-6178cf7491cfe"
age: 726414
traceparent: 00-8d6c95b270c58edf41b835f4446730dc-e3fd350d0633bb99-01
expires: Wed, 12 Jun 2024 12:48:59 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Fri, 03 May 2024 13:47:51 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7254
x-cached-since: 2025-04-08T12:59:28+00:00
server: nginx

GET
H2 200 drops_wins.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 12 KB
12 KB 50ms
50ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/drops_wins.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 62b722eca58786138391eee4ef1d2d49b184341f1a4ba35c5513b40af52b5c18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "305e-61bf36c739963"
age: 1931794
traceparent: 00-6b88efd066a54188659ffe19b1a1c751-017991d0f4021ddf-01
expires: Sun, 28 Jul 2024 14:01:18 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2024 13:42:50 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12382
x-cached-since: 2025-03-25T14:09:48+00:00
server: nginx

GET
H2 200 megaways-8.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 1021 B
1 KB 48ms
48ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/megaways-8.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 9f37e4d79b64613286fbf83e86ba1a2e41279be0c2ccbd076ca5b50f9386a8b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "3fd-61bf36b728ef1"
age: 1931794
traceparent: 00-723f898ac1cecb3eda2091db6e27e9c1-2d4612960f61316a-01
expires: Sun, 28 Jul 2024 14:01:18 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2024 13:42:33 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1021
x-cached-since: 2025-03-25T14:09:48+00:00
server: nginx

GET
H2 200 bonus_buy.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 1 KB
2 KB 49ms
46ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/bonus_buy.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 22eb05f821c7cc95e715dc17de449edd34c22e15cd62eeb916824dc6b87b31aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "5d8-61bf3656318b7"
age: 1933004
traceparent: 00-cf1e8c7215e769e1e14fbe03212cb32a-8f7d3a4f8c739d2d-01
expires: Sun, 28 Jul 2024 13:41:55 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2024 13:40:52 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1496
x-cached-since: 2025-03-25T13:49:38+00:00
server: nginx

GET
H2 200 holdandwin.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 1 KB
1 KB 48ms
45ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/holdandwin.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: d1d27a4fa7dfa49d65591ad727ea33e2739418dd6975b6cbbe0844e03101d179

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "4a9-627be9be373f6"
age: 1345656
traceparent: 00-3f5ba48d03e97a4f8ae61a4dff449218-dd631d4a48a91ad6-01
expires: Wed, 01 Jan 2025 08:54:39 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Nov 2024 15:44:32 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1193
x-cached-since: 2025-04-01T08:58:46+00:00
server: nginx

GET
H2 200 casino_easter.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 3 KB
3 KB 46ms
44ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/casino_easter.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 1ddede917c6530f1ac5a6829d55464b198132ae71fe2f02e715bd89c55afc538

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "a98-6312836232d12"
age: 826060
traceparent: 00-56f6fd90766fe7332937500009cd4592-8d1fabbe281a45e7-01
expires: Wed, 07 May 2025 09:18:42 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Tue, 25 Mar 2025 10:30:36 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2712
x-cached-since: 2025-04-07T09:18:42+00:00
server: nginx

GET
H2 200 sevens-1.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 3 KB
4 KB 48ms
47ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/sevens-1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 046036e7f874f492979b65f952a66e194b8f1739f24a64d40b2052f944114bc5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "db4-61cf7f01e8600"
age: 813611
traceparent: 00-bd7e27e08174262d92d096ad6e2f2f86-72ffbd6d9dc78c23-01
expires: Sat, 10 Aug 2024 12:31:41 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Jul 2024 12:31:11 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3508
x-cached-since: 2025-04-07T12:46:11+00:00
server: nginx

GET
H2 200 exclusive.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 5 KB
6 KB 47ms
46ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/exclusive.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 7fed836409217f5ac8eddc5f8193b5c0c5e4e02bc3af1d18b4bc00287b8cfa33

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "15f2-61556e915c6e7"
age: 1424298
traceparent: 00-7b62cef6e88dc790c2f7625359462071-bdd6993bff3c94ca-01
expires: Sun, 05 May 2024 10:46:36 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Fri, 05 Apr 2024 10:28:02 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5618
x-cached-since: 2025-03-31T11:08:04+00:00
server: nginx

GET
H2 200 new_slots.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 2 KB
2 KB 47ms
46ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/new_slots.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 98596f703ec5e76243f01c178e27e944f494fbda0e8e4dacd6291739b078ac8b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "6a3-61bf364b9c54c"
age: 1933091
traceparent: 00-e5ad0d8e413cf3d2c974a2cb41f8e8fe-217c0a4f69015200-01
expires: Sun, 28 Jul 2024 13:41:54 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2024 13:40:41 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1699
x-cached-since: 2025-03-25T13:48:11+00:00
server: nginx

GET
H2 200 top-5.svg
cdnimages2.gcdn.co/SC/Leonbets/egs/ 697 B
837 B 45ms
45ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs/top-5.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 7e3f1836401d8d45ae3f406467c7bc7b78193dc00028d63d7659a7809bc4c083

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "2b9-61bf36429d66e"
age: 1933091
traceparent: 00-d62eca246f5d802b278a839e68fc38f6-8028fcbcf0e32178-01
expires: Sun, 28 Jul 2024 13:41:54 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2024 13:40:31 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 697
x-cached-since: 2025-03-25T13:48:11+00:00
server: nginx

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 1000 B
1 KB 154ms
29ms Script
text/javascript 37.157.6.254
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=3024289&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=868821962055&ADFtpmode=2&loc=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&Set1=da-DK%7Cda-DK%7C1600x1200%7C24

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

e0b4ab42b9568fe002edf100d43ec29d0565875a99f32b5b3c2b8faec7b099f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

access-control-max-age: 86400
content-encoding: gzip
access-control-allow-methods: GET,POST
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-origin: *
server: nginx

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=959467696570&ADFtpmode=2&loc=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_s...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=959467696570&ADFtpmode=2&loc=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1...

843 B
1 KB

31ms
31ms

Script
text/javascript

37.157.2.14
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=959467696570&ADFtpmode=2&loc=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&Set1=da-DK%7Cda-DK%7C1600x1200%7C24

Protocol

Server

37.157.2.14 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

0cb38a56362f0b982f99152ccce762a65d0b435b1337984a21dd5b96925770d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

access-control-max-age: 86400
content-encoding: gzip
access-control-allow-methods: GET,POST
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-origin: *
server: nginx

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=959467696570&ADFtpmode=2&loc=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&Set1=da-DK%7Cda-DK%7C1600x1200%7C24
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
expires: -1
access-control-allow-origin: *
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Wed, 16 Apr 2025 22:46:22 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK cssession Show response
dsp-trk.eskimi.com/tracking/ 2 B
448 B 156ms
48ms XHR
text/plain 188.42.63.49
SERVERS-COM

General

Check archive.org

Download Go to

Full URL: https://dsp-trk.eskimi.com/tracking/cssession?tst&id=28935&url=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&t=1744843582281
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.42.63.49 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

Transfer-Encoding: chunked
Access-Control-Allow-Origin: https://3917.info
Date: Wed, 16 Apr 2025 22:46:22 GMT
Content-Type: text/plain; charset=UTF-8
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK gtr Show response
dsp-ap.eskimi.com/v2/ 116 B
1002 B 157ms
50ms XHR
application/json 188.42.63.48
SERVERS-COM

General

Check archive.org

Download Go to

Full URL: https://dsp-ap.eskimi.com/v2/gtr?id=28935&url=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&t=1744843582282
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.42.63.48 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: a8f8226141de6e006f58a114f5bfb77e6b2fa714f87378a11f6ab1451bcc1553

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://3917.info
Date: Wed, 16 Apr 2025 22:46:22 GMT
Content-Type: application/json
Server: nginx

GET
H2 200 ac786b28-283a-4d76-a40b-23e03f94ae14.json Show response
ps.l.liftdsp.com/ 50 B
519 B 155ms
43ms XHR
application/json 2600:9000:223f:2000:5:e0f4:e840:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://ps.l.liftdsp.com/ac786b28-283a-4d76-a40b-23e03f94ae14.json
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2000:5:e0f4:e840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88c38dd5fd1531be2d044c85bfd00517c41ce29b03c514d620d80a80241a1f11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

access-control-max-age: 3000
etag: "e96cd5af6f065e5048b3ddd2913dac50"
age: 821
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: ZhFnxS52h58nMvtrnhlOfFHB3I13-qHvGlZwInntF2RVv-_QphM7eA==
date: Wed, 16 Apr 2025 22:32:42 GMT
content-type: application/json
vary: accept-encoding
last-modified: Wed, 07 Aug 2024 15:08:37 GMT
cache-control: public,max-age=900
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 50
x-amz-cf-pop: FRA56-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK js Show response
pixel-us.r2drtb.com/pixel/ 406 B
724 B 349ms
116ms Script
text/javascript 88.214.195.17
NATCOWEB

General

Check archive.org

Download Go to

Full URL: https://pixel-us.r2drtb.com/pixel/js?auth=d796s9&event=regstarted&uid=&tid=undefined&amount=undefined
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.214.195.17 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b06beeb6f55945a908143b45f8a0f4fa0197579c7062f1ba6117b1790ce174c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Connection: keep-alive
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 406
Date: Wed, 16 Apr 2025 22:46:22 GMT
Content-Type: text/javascript
Server: nginx

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 148ms
48ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JZZNGY93CC&gtm=45je54f1v871047016z8890860847za200zb890860847&_p=1744843581628&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102509683~102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316~103130495~103130497&cid=510867162.1744843582&ul=da-dk&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&sid=1744843582&sct=1&seg=0&dt=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%3A%20%D0%91%D0%BE%D0%BB%D0%B5%D0%B5%204000%20%D0%B8%D0%B3%D1%80%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D0%B2%D1%8B%D0%B2%D0%BE%D0%B4%20%D1%81%D1%80%D0%B5%D0%B4%D1%81%D1%82%D0%B2%20%7C%20%D0%9BE%D0%9E%D0%9D&uid=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_country=DK&ep.platform_type=web&ep.device_type=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F135.0.0.0%20Safari%2F537.36&ep.web_version=6.110.1&ep.theme=DARK&ep.full_url=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&ep.previous_page_url=https%3A%2F%2F3917.info%2F&ep.main_domain=3917.info&ep.lead_section=home&ep.event_category=registration&epn.event_timestamp=1744843582109&ep.event_action=Page%20visit&ep.website_product=li&ep.website_skin=leoncasino&ep.website_locale=ru_RU&up.customer_login=&up.customer_status=logged_out&upn.customer_type=0&up.customer_bet_type=UNDEFINED&up.vs_lw=false&tfd=4038
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:97:0
report-to: {"group":"ascnsrsggc:97:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:97:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://3917.info
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:97:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: text/plain
server: Golfe2

GET
H2

204

https://region1.google-analytics.com/g/collect?v=2&tid=G-JZZNGY93CC&gtm=45je54f1v871047016z8890860847za200zb890860847&_p=1744843581628&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102509683...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=510867162.1744843582&dbk=16229296179783838761&dma=1&dma_cps=syphamo&en=customerRegistrationStart&gtm=45je54f1v87104...

0
0

50ms
49ms

Fetch
text/plain

2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=510867162.1744843582&dbk=16229296179783838761&dma=1&dma_cps=syphamo&en=customerRegistrationStart&gtm=45je54f1v871047016z8890860847za200zb890860847&npa=1&tid=G-JZZNGY93CC&dl=https%3A%2F%2F3917.info%3F
Protocol: H2
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsgnc:90:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgnc:90:0
content-length: 0
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=510867162.1744843582&dbk=16229296179783838761&dma=1&dma_cps=syphamo&en=customerRegistrationStart&gtm=45je54f1v871047016z8890860847za200zb890860847&npa=1&tid=G-JZZNGY93CC&dl=https%3A%2F%2F3917.info%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"ascnsrsggc:97:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:97:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:97:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:97:0
content-length: 514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2
fonts.gstatic.com/s/roboto/v47/ 22 KB
22 KB 64ms
64ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c06ca3fcbc5f7c37ebb7c86a69502009911ecd8183811bae02f9b1fbb0541ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://fonts.googleapis.com/

Response headers

age: 138788
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Apr 2026 08:13:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Apr 2025 08:13:14 GMT
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22796
x-xss-protection: 0
server: sffe

GET
H2 200 mascot.C4J6IXOg.svg
leoncasino.gcdn.co/assets/ 11 KB
0 0ms
0ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://leoncasino.gcdn.co/assets/mascot.C4J6IXOg.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 86ac12bafdcfdceeca1301bec6db2de3b5d02cf3982a6f11da62e2c383f61662

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: br
etag: "67ee4b2e-1035"
age: 819009
traceparent: 00-41a2ddf9a1637abf7dd818994deb9e39-ce7acc1536efb796-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Apr 2025 08:47:42 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4149
x-cached-since: 2025-04-07T11:16:13+00:00
server: nginx

GET
H2

200

pixel Show response
pool.admedo.com/ul_cb/
Redirect Chain

https://pool.admedo.com/pixel?id=154038&t=js
https://pool.admedo.com/ul_cb/pixel?id=154038&t=js

0
217 B

69ms
68ms

Script
text/javascript

35.206.140.87
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pool.admedo.com/ul_cb/pixel?id=154038&t=js
Protocol: H2
Server: 35.206.140.87 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS: 87.140.206.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: text/javascript; charset=UTF-8

Redirect headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
location: https://pool.admedo.com/ul_cb/pixel?id=154038&t=js
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Apr 2025 22:46:23 GMT

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ 1 KB
1 KB 33ms
30ms Script
text/javascript 37.157.6.254
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=3024289&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=868821962055&ADFtpmode=2&loc=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&Set1=da-DK%7Cda-DK%7C1600x1200%7C24&frpid=N4444917300866796500

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

91a2ef08e9ac28e95b534e4f66903b68050fff2b253901329f69b3cda1f5860f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

access-control-max-age: 86400
content-encoding: gzip
access-control-allow-methods: GET,POST
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-origin: *
server: nginx

GET
H/1.1 200
OK pixel
pixel-us.r2drtb.com/ 0
285 B 118ms
116ms Image
text/plain 88.214.195.17
NATCOWEB

General

Check archive.org

Download Go to Show image

Full URL: https://pixel-us.r2drtb.com/pixel?auth=4jg3s6&event=visit&uid=undefined&tid=undefined&cur=undefined&amount=undefined&site=3917.info&ln=da-DK
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.214.195.17 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Connection: keep-alive
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Wed, 16 Apr 2025 22:46:22 GMT
Server: nginx

GET
H2 200 seg Show response
secure.adnxs.com/ 0
1 KB 45ms
42ms Script
application/javascript 185.89.211.116
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL

https://secure.adnxs.com/seg?add=37094584&t=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 185.236.203.100; 185.236.203.100; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: dd77013e-a303-4eb8-9f4b-941b31d68e8d
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 16 Apr 2025 22:46:22 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
server: nginx/1.23.4

GET
H/1.1 200
OK pixel
pixel-us.r2drtb.com/ 0
285 B 119ms
117ms Image
text/plain 88.214.195.17
NATCOWEB

General

Check archive.org

Download Go to Show image

Full URL: https://pixel-us.r2drtb.com/pixel?auth=d796s9&event=regstarted&uid=&tid=undefined&amount=undefined&site=3917.info&ln=da-DK
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.214.195.17 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Connection: keep-alive
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Wed, 16 Apr 2025 22:46:22 GMT
Server: nginx

GET
H2 200 pixie
ib.adnxs.com/ 42 B
229 B 42ms
41ms Image
image/gif 37.252.171.52
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=66898741-acbc-4c6d-8ae8-3d320a7a8cf7&it=1744843582164&v=0.0.45&u=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&st=1744843582164&et=1744843582781&if=0&uetmsmid=9e6479cb-aa88-456b-b1f1-fd0235eb8031&asce=0&ascc=0&tcfhl=0&tcfe=0&tcfgdpr=0&tcfc=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: nginx/1.23.4 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 42
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/gif
server: nginx/1.23.4
x-proxy-origin: 185.236.203.100; 185.236.203.100; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; *.adnxs.com

GET
H2 200 shdfp.js Show response
d1cr9zxt7u0sgu.cloudfront.net/ 168 KB
51 KB 193ms
57ms Script
application/javascript 18.66.121.111
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://d1cr9zxt7u0sgu.cloudfront.net/shdfp.js?SITE_ID=5a0ef96fd84066141eb932d11ca5b39bb17a78cb&TYPE=JS&DE=1&AUTO=0
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/8e2531cb.d.m.Cd-ywRhB.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.121.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-121-111.fra60.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: f808e50433f57a02940e56b9772486c2b226f930ea476ffba11e75aa997dfae7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

content-encoding: gzip
etag: W/"67ff6832-29f09"
age: 24
via: 1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: mkxbdv9orIqONiLkxFFOLaggUc0igghTsaQytJQbhb58qQfH7NmvUQ==
date: Wed, 16 Apr 2025 22:46:07 GMT
content-type: application/javascript
last-modified: Wed, 16 Apr 2025 08:20:02 GMT
server: nginx/1.14.2
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding

GET
H2 200 Welcome_1710x696@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 57 KB
57 KB 50ms
49ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/Welcome_1710x696@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 8b8b8c8405d290df3be8ca6ee47cbaa83b71107d48c84b90302f9a9947bceeb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "e284-63243a3ab66cb"
age: 727088
traceparent: 00-414dde330056591d1ddcb1a12333f65f-3c1598eb23489c67-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 57988
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/webp
last-modified: Tue, 08 Apr 2025 12:39:10 GMT
server: nginx
x-cached-since: 2025-04-08T12:48:14+00:00

GET
H2 200 1710x696%281%29-25@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 78 KB
79 KB 64ms
63ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/1710x696%281%29-25@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 79c125054955d4135e4c74bf8eabbb6aea0c0fdd465812bd1cd93de2f56df611

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "13930-6299da4266358"
age: 10236625
traceparent: 00-40f1bad0ce0c941c0164d8eede463477-f7c1a586c032fa8b-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 80176
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/webp
last-modified: Thu, 19 Dec 2024 11:15:00 GMT
server: nginx
x-cached-since: 2024-12-19T11:15:57+00:00

GET
H2 200 1710x696_Carousel+static+banner+middle+%284%29-1@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 135 KB
135 KB 115ms
114ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/1710x696_Carousel+static+banner+middle+%284%29-1@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 2dfbabb87ab7d9cc23483f8666a736ca7aefd4b9708bbc0d7d91d96f98b84a3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "21a36-632cd24ba7140"
age: 121558
traceparent: 00-ef0434878fd7184792b28664c841e13f-349c2b3a997b20e3-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 137782
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/webp
last-modified: Tue, 15 Apr 2025 08:42:06 GMT
server: nginx
x-cached-since: 2025-04-15T13:00:24+00:00

GET
H2 200 1710x696_Carousel+static+banner+middle+%281%29-56@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 53 KB
53 KB 134ms
133ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/1710x696_Carousel+static+banner+middle+%281%29-56@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: e2655942183a3907d0b01bc3c6092ba200f089bf26a8a9f24801f96d27cfd419

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "d2b0-63240c7d3d67e"
age: 739103
traceparent: 00-255b14b3fcf2fa473680742197c952c9-90ecda923fce1e4b-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 53936
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/webp
last-modified: Tue, 08 Apr 2025 09:14:32 GMT
server: nginx
x-cached-since: 2025-04-08T09:27:59+00:00

GET
H2 200 1710x696_Carousel+static+banner+middle+%282%29-5@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/ 72 KB
72 KB 135ms
134ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/bn/1710x696_Carousel+static+banner+middle+%282%29-5@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 2e568df5e0d848cbbef272c08867ac7342e542545f2bb1ed60a3f2107aaba02f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "11f4c-63252b2f8dbff"
age: 81207
traceparent: 00-028aee2dd939daca508eead5480e7458-6f4e91ade0be41c3-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 73548
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/webp
last-modified: Wed, 09 Apr 2025 06:37:11 GMT
server: nginx
x-cached-since: 2025-04-16T00:12:55+00:00

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v47/ 39 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://fonts.googleapis.com/

Response headers

age: 139878
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Apr 2026 07:55:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Apr 2025 07:55:03 GMT
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40128
x-xss-protection: 0
server: sffe

GET
H2 200 dk.DhNZVpfS.svg
leoncasino.gcdn.co/assets/ 255 B
322 B 96ms
95ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://leoncasino.gcdn.co/assets/dk.DhNZVpfS.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 7b5c100e1b0aa1c62163469418edde10b3afc5d381b8290c0a9325b1d65ca4fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: br
etag: "67ee4b2e-94"
age: 896558
traceparent: 00-21af578ed27d3d5f79c20841d6859207-65a5b4a6a2fbcdf3-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Apr 2025 08:47:42 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 148
x-cached-since: 2025-04-06T13:43:44+00:00
server: nginx

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2
fonts.gstatic.com/s/roboto/v47/ 22 KB
0 1ms
1ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c06ca3fcbc5f7c37ebb7c86a69502009911ecd8183811bae02f9b1fbb0541ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://fonts.googleapis.com/

Response headers

age: 138788
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Apr 2026 08:13:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Apr 2025 08:13:14 GMT
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22796
x-xss-protection: 0
server: sffe

GET
H2 200 981x411-10.png
cdnimages2.gcdn.co/SC/Leonbets/registrationBanner/ 2 MB
2 MB 95ms
95ms Image
image/png 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/registrationBanner/981x411-10.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: d75f88aec411c8c541ba059f6e74e57463e346916e895a323fa2dbf74172820a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "1ccad7-62b302364463f"
age: 727418
traceparent: 00-cf707c3f1dc295fedad0a2dd325d8035-853a7260119943c4-01
expires: Fri, 07 Feb 2025 11:49:59 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/png
last-modified: Wed, 08 Jan 2025 11:26:52 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1886935
x-cached-since: 2025-04-08T12:42:44+00:00
server: nginx

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame BDC9 4 KB
2 KB 111ms
31ms Document
text/html 37.157.2.14
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL

https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795

Requested by

Host: a1.adform.net
URL: https://a1.adform.net/Serving/TrackPoint/?pm=3164319&ADFPageName=Leon_All_Pages&ADFdivider=%7C&ord=959467696570&ADFtpmode=2&loc=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&Set1=da-DK%7Cda-DK%7C1600x1200%7C24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.2.14 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

7bad3ad85f7cace42ed07236ae1e76691303059ceeb2d09ce83b5a05d7356de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3917.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 16 Apr 2025 22:46:23 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
604 B 123ms
33ms Image
image/gif 37.157.6.237
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=2220017443996948830&stamp=cNlUd-onvlwDvP-67D9Y4w2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: private
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 / Show response
track.adform.net/serving/container/ Frame D161 1 KB
1 KB 94ms
31ms Document
text/html 37.157.6.243
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL

https://track.adform.net/serving/container/?pm=3024289&lid=139925013&ctype=0&media=0&PageName=Leon_All_Pages&rnd=1575705238&cpref=&loc=https%3a%2f%2f3917.info%2fregistration%3fqtag%3da31492_t36018_c1246_sNALEON%26retentionId%3df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3drussia%26utm_campaign%3dKingQONK%26utm_medium%3dNALEON

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

653a14f36effc8bf0aab3cba3f831dfe669db04ebcff1448697e95b920c0e6a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3917.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 16 Apr 2025 22:46:23 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
605 B 121ms
32ms Image
image/gif 37.157.6.237
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=3764960264081281523&stamp=8qsRP0W_WsEDvP-67D9Y4w2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: private
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 seg Show response
secure.adnxs.com/ 0
1 KB 44ms
44ms Script
application/javascript 185.89.211.116
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL

https://secure.adnxs.com/seg?add=37094581&t=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 185.236.203.100; 185.236.203.100; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 9eb59f8a-e5aa-41ca-88d2-8d0f26ab00d8
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 16 Apr 2025 22:46:22 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
server: nginx/1.23.4

GET
H2 200 sunSw.DL-onBB5.svg
leoncasino.gcdn.co/assets/ 364 B
410 B 74ms
74ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://leoncasino.gcdn.co/assets/sunSw.DL-onBB5.svg
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/assets/7fbe0154.DT236yJP.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 0565ef51f5934a1fc6f8a6e25f958de335b791559e5e0c100b2649acbe64f92b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://leoncasino.gcdn.co/assets/7fbe0154.DT236yJP.css

Response headers

cache: HIT
content-encoding: br
etag: "67d03035-f0"
age: 3062334
traceparent: 00-aa62e3d5c93b2cac4dc0887d569a7fb7-205ac49f3a116d03-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Mar 2025 12:44:37 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 240
x-cached-since: 2025-03-12T12:07:28+00:00
server: nginx

GET
H2 200 moonSw.DTmx5t_S.svg
leoncasino.gcdn.co/assets/ 326 B
343 B 75ms
74ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://leoncasino.gcdn.co/assets/moonSw.DTmx5t_S.svg
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/assets/7fbe0154.DT236yJP.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 1248692f89afc35d90d402e22d5db4ddccd51391372bb1db5ecc317385255fe9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://leoncasino.gcdn.co/assets/7fbe0154.DT236yJP.css

Response headers

cache: HIT
content-encoding: br
etag: "67d03035-d1"
age: 3062334
traceparent: 00-612f8fb1ef6e3a93095ecd7e403cf300-f7abe662b67ed093-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Mar 2025 12:44:37 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 209
x-cached-since: 2025-03-12T12:07:28+00:00
server: nginx

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2
fonts.gstatic.com/s/roboto/v47/ 22 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c06ca3fcbc5f7c37ebb7c86a69502009911ecd8183811bae02f9b1fbb0541ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://fonts.googleapis.com/

Response headers

age: 138788
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Apr 2026 08:13:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Apr 2025 08:13:14 GMT
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22796
x-xss-protection: 0
server: sffe

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v47/ 39 KB
0 1ms
1ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://fonts.googleapis.com/

Response headers

age: 139878
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Apr 2026 07:55:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Apr 2025 07:55:03 GMT
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40128
x-xss-protection: 0
server: sffe

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2
fonts.gstatic.com/s/roboto/v47/ 26 KB
26 KB 67ms
64ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

884933fb5789b478d2da68a4cb0bd5cc138d995f1fea9a957ba29cb3c00f1bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://fonts.googleapis.com/

Response headers

age: 138789
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Apr 2026 08:13:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Apr 2025 08:13:14 GMT
last-modified: Wed, 08 Jan 2025 18:23:11 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26428
x-xss-protection: 0
server: sffe

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2
fonts.gstatic.com/s/roboto/v47/ 26 KB
0 67ms
67ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

884933fb5789b478d2da68a4cb0bd5cc138d995f1fea9a957ba29cb3c00f1bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://fonts.googleapis.com/

Response headers

age: 138789
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Apr 2026 08:13:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Apr 2025 08:13:14 GMT
last-modified: Wed, 08 Jan 2025 18:23:11 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26428
x-xss-protection: 0
server: sffe

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2
fonts.gstatic.com/s/roboto/v47/ 26 KB
0 67ms
67ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

884933fb5789b478d2da68a4cb0bd5cc138d995f1fea9a957ba29cb3c00f1bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://fonts.googleapis.com/

Response headers

age: 138789
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Apr 2026 08:13:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Apr 2025 08:13:14 GMT
last-modified: Wed, 08 Jan 2025 18:23:11 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26428
x-xss-protection: 0
server: sffe

GET
H2 200 100_super_hot@3x-min.jpg
cdnimages2.gcdn.co/SC/Leonbets/egs_image/ 65 KB
65 KB 65ms
50ms Image
image/jpeg 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages2.gcdn.co/SC/Leonbets/egs_image/100_super_hot@3x-min.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: e469f6ef51a3dd21e20c0c393a73912c0a6656bb1cfb6afbf94f4149b87bbc16

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
etag: "102cb-5a35beccce4df"
age: 1310956
traceparent: 00-d04ec4c05e06bd11f0ecb09a988eaaa6-6c5d36a264162de8-01
expires: Fri, 31 Jan 2025 16:56:29 GMT
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/jpeg
last-modified: Wed, 15 Apr 2020 22:34:53 GMT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=2592000, public
x-id: fr5-hw-edge-gc16
pragma: public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 66251
x-cached-since: 2025-04-01T18:37:07+00:00
server: nginx

GET
H2 200 ZeusvsHadesGodsofWar@513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 70 KB
70 KB 65ms
51ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ZeusvsHadesGodsofWar@513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 7f177164b2855b506f4fe529f086c020223dcba933047b156a8903287231fb1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "646b81b2-1186c"
age: 58093421
traceparent: 00-e1d008cae648170de2427737cdb4bb63-4d5389f5f66b14af-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 71788
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Mon, 22 May 2023 14:52:34 GMT
server: nginx
x-cached-since: 2023-06-14T13:42:42+00:00

GET
H2 200 BigCatchBonanzaPerfectHoul%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 48 KB
48 KB 66ms
52ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/BigCatchBonanzaPerfectHoul%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 29584a24e989014c65a825ba13e5f00699985f9db1a19929cf68de13a590dca6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "666c1724-c090"
age: 26482501
traceparent: 00-ad8fc5d8b6b2cf677d9877d066c9b0fd-dc912141bc7483ba-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 49296
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Fri, 14 Jun 2024 10:10:44 GMT
server: nginx
x-cached-since: 2024-06-14T10:31:22+00:00

GET
H2 200 BigCatchBonanza%40513x767-1@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 54 KB
54 KB 65ms
51ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/BigCatchBonanza%40513x767-1@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 885e57ababf76bfcaa51c6ceb302f736b67270ae7ef3065c15fb88e7aa603463

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "65a145b2-d714"
age: 39775352
traceparent: 00-0cd76550d896d6acb0e8e9a9eeb88081-3453221a62122d84-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 55060
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Fri, 12 Jan 2024 13:59:14 GMT
server: nginx
x-cached-since: 2024-01-12T14:03:51+00:00

GET
H2 200 CandyBonanza@4x@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 55 KB
55 KB 57ms
55ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/CandyBonanza@4x@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 3db89b6edc5985147c39e767b376b4c95c652a12c4ab74d9532ff197de6ff64f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "da52-5c36239d468c4"
age: 1167723
traceparent: 00-caae59f0afd8ddc8ac8767230dca6683-b14e5f9b79fc4908-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 55890
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Fri, 28 May 2021 11:32:07 GMT
server: nginx
x-cached-since: 2025-04-03T10:24:20+00:00

GET
H2 200 SugarRush1000%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 52 KB
53 KB 54ms
54ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/SugarRush1000%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: e71a6658206528519440857b23b3484706207806fe6c2084760b6f9ffef6b6f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "d16a-613f071a01683"
age: 10925594
traceparent: 00-9a6e8215247744c4a74b44b66c1b7ff7-bc1e6e9612290c46-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 53610
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Mon, 18 Mar 2024 14:47:59 GMT
server: nginx
x-cached-since: 2024-12-11T11:53:09+00:00

GET
H2 200 ProsperityFortuneTree@513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 82 KB
82 KB 51ms
51ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ProsperityFortuneTree@513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: a35403fefd9c6e3b56d37a50514dadc2076c9eac97ba67702cfabbcfba8cff32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "6376704f-146dc"
age: 58091260
traceparent: 00-66c6a1af34cde353a1c9bbed596a4a53-9d48af8d478f96da-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 83676
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Thu, 17 Nov 2022 17:33:03 GMT
server: nginx
x-cached-since: 2023-06-14T14:18:43+00:00

GET
H2 200 GatesofLeon%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 65 KB
65 KB 45ms
45ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/GatesofLeon%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 5a78e85ec1a3797df966c5d5f916a671b64f039135120a8c82e37df2fbf141f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "6523e019-104d4"
age: 47992350
traceparent: 00-a8cd83d520539395f0d83a6d369fc43d-d4c2610e45f118b5-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 66772
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Mon, 09 Oct 2023 11:12:25 GMT
server: nginx
x-cached-since: 2023-10-09T11:33:53+00:00

GET
H2 200 SizzlingEggs@4x@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 36 KB
36 KB 46ms
45ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/SizzlingEggs@4x@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 5aa358475c5b4645d3fcb10ceea8de5dfeef5354534eea05439fc51503150b6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "6273a3e8-90a2"
age: 58085616
traceparent: 00-88fd44793fc5a5c0b41f0661a86c819d-747def773544eac2-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 37026
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Thu, 05 May 2022 10:16:08 GMT
server: nginx
x-cached-since: 2023-06-14T15:52:47+00:00

GET
H2 200 3CoinVolcano%C3%90%C2%B5s%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 58 KB
58 KB 46ms
45ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/3CoinVolcano%C3%90%C2%B5s%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: aab0a67cb39ea7b57f9f847887b5d4cfbb6e841234f595efbea20e44fa59e1ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "e7e2-6263b2527a05a"
age: 13952003
traceparent: 00-a59cf47f1c276c5f21b07fb72fe0cc18-b0a1d26a0392ed1e-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 59362
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Wed, 06 Nov 2024 09:28:48 GMT
server: nginx
x-cached-since: 2024-11-06T11:13:00+00:00

GET
H2 200 SweetBonanza1000%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 49 KB
49 KB 48ms
48ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/SweetBonanza1000%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 06c04007d5c6b8876839e519b1049b0ba54b82646ee4b85fd509dfad90fdba78

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "66506b4d-c43a"
age: 28295224
traceparent: 00-fb28d70978d228da8573ae064423d3b8-fedbb9bb1e8c3552-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 50234
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Fri, 24 May 2024 10:26:21 GMT
server: nginx
x-cached-since: 2024-05-24T10:59:19+00:00

GET
H2 200 Playboy%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 32 KB
32 KB 48ms
48ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/Playboy%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: e152f22664039f14e4de935effd50f316ad4cffa5c683c5ae77861f8511e1ca0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "65267b2b-7fa2"
age: 25319221
traceparent: 00-08e294b1043fd0c8879ede319b435a51-d2c395ebd8b1774b-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 32674
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Wed, 11 Oct 2023 10:38:35 GMT
server: nginx
x-cached-since: 2024-06-27T21:39:22+00:00

GET
H2 200 SugarRush@513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 54 KB
54 KB 44ms
44ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/SugarRush@513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: d235fc7a2d05cdc624f8c9b61faace20390f377b8b852a1af7cf0a6e5c4df325

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "62bde2af-d61a"
age: 58093003
traceparent: 00-4aaccb62e454fa3a992757fcde8bc56c-cee325b3a1adbee4-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 54810
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Thu, 30 Jun 2022 17:51:43 GMT
server: nginx
x-cached-since: 2023-06-14T13:49:40+00:00

GET
H2 200 LuckofPandaBonusCombo%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 42 KB
42 KB 45ms
45ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/LuckofPandaBonusCombo%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 86670461975ded78c109a17b5d554792df91987df6402f49c804e06d9bfe49c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "66ed6c56-a8e6"
age: 18005793
traceparent: 00-ed55001fc6ef1c79563bc41d121948bb-63c12e214e8ee08c-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 43238
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Fri, 20 Sep 2024 12:36:38 GMT
server: nginx
x-cached-since: 2024-09-20T13:09:50+00:00

GET
H2 200 MightyWildPantherGrandGoldEdition%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 34 KB
34 KB 44ms
44ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/MightyWildPantherGrandGoldEdition%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 2be76c76ffb44df9fbcc7ff4893a46bbc3ed8359c038288799651891e0e03991

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "86fa-614ba2d425ead"
age: 3945172
traceparent: 00-4b68595a04b88746381bd18601d3949c-170cacea9f1606d0-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 34554
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Thu, 28 Mar 2024 15:28:36 GMT
server: nginx
x-cached-since: 2025-03-02T06:53:31+00:00

GET
H2 200 RoyaltyofOlympus%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 43 KB
43 KB 47ms
47ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/RoyaltyofOlympus%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 98709f1b06fa482317f89e4c672d5012880b38a936cee10e62a3e38ad7667a8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "66bdb08a-aab0"
age: 21130618
traceparent: 00-dd7ce55d2ce433b912ed5dc7444d2f2d-92ce506c62e8392a-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 43696
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Thu, 15 Aug 2024 07:38:50 GMT
server: nginx
x-cached-since: 2024-08-15T09:09:25+00:00

GET
H2 200 GatesOfOlympus2@4x@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 52 KB
53 KB 44ms
43ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/GatesOfOlympus2@4x@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: c6dc107a9a5bf2c4ec15559952128c7cd629918c4a0ba72c369f8aaf83661e14

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "63614cca-d146"
age: 58094188
traceparent: 00-bf78bfc70d6e48569f70b95dc068a37b-c4e2e28e27de40fe-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 53574
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Tue, 01 Nov 2022 16:43:54 GMT
server: nginx
x-cached-since: 2023-06-14T13:29:55+00:00

GET
H2 200 DancingJoker%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 43 KB
44 KB 44ms
44ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/DancingJoker%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 04f5934125e3ce611e5226b9f49c31ecf8bea48a951b570b561b28bebd43e43c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "ad1c-632e2e8b2923e"
age: 41916
traceparent: 00-b221c8992dea74f58a59514bee1470ff-d1a64f76fffd704e-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 44316
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Wed, 16 Apr 2025 10:40:08 GMT
server: nginx
x-cached-since: 2025-04-16T11:07:47+00:00

GET
H2 200 3BlazingVolcanoesPowerCombo%40513x767-1@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 58 KB
58 KB 45ms
44ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/3BlazingVolcanoesPowerCombo%40513x767-1@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 2a39c72f97f956ef0cb8507c1443047fa35f587f079a05d66fcffb58c468c0ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "e6f6-632e291457871"
age: 41916
traceparent: 00-964d291230450287cd207635a5c03ca1-b39d2c492de129d7-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 59126
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Wed, 16 Apr 2025 10:15:41 GMT
server: nginx
x-cached-since: 2025-04-16T11:07:47+00:00

GET
H2 200 CerealThrillers%40513x767-1@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 43 KB
43 KB 46ms
45ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/CerealThrillers%40513x767-1@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 6314c74d7d0796469d04650181fb2729fa4e83760f3996e98b39a7b0dbec478e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "ac6c-632e2e06aa136"
age: 41916
traceparent: 00-2a7d0076aee93e9171d75b62df68f023-af7d212f59d9aadd-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 44140
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Wed, 16 Apr 2025 10:37:49 GMT
server: nginx
x-cached-since: 2025-04-16T11:07:47+00:00

GET
H2 200 LuckyRumblePowerSurge%40513x767-1@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 61 KB
61 KB 53ms
52ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/LuckyRumblePowerSurge%40513x767-1@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: d45d7ad71e730616282bdae9bfb3bb682577ae06c348c4077c0e559e9a6d506c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "f32a-632e2970e7fe3"
age: 41916
traceparent: 00-f9696d0fa30a12f577d72bb7267f3fea-69df622ccac2789b-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 62250
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Wed, 16 Apr 2025 10:17:18 GMT
server: nginx
x-cached-since: 2025-04-16T11:07:47+00:00

GET
H2 200 ChocobingoDelights%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 38 KB
38 KB 46ms
46ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ChocobingoDelights%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: a85f27b04fa3b29c3b906d45d2bfd6c1c2b6c543bbc7f7c8821d2454be747498

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "963c-632e267a57bc8"
age: 41916
traceparent: 00-25c51b203c7e270148900b79295293f6-1213d39d20c99fee-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 38460
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Wed, 16 Apr 2025 10:04:03 GMT
server: nginx
x-cached-since: 2025-04-16T11:07:47+00:00

GET
H2 200 KnightFight%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 53 KB
53 KB 45ms
45ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/KnightFight%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: ca20c8a732bb733965f89578baf2d6a32ddf03c376980ad5ee5839f5a329956b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "d29e-632e2b186be45"
age: 41916
traceparent: 00-57b719783cff897825a325aacdb6fc95-c5d94e98fc3753b2-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 53918
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Wed, 16 Apr 2025 10:24:42 GMT
server: nginx
x-cached-since: 2025-04-16T11:07:47+00:00

GET
H2 200 RoyaltyofOlympusExtreme%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 34 KB
34 KB 45ms
45ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/RoyaltyofOlympusExtreme%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 6788860af9fb8bb66be8082c6339f67dc742d577b5b7c04fa3fb3f3a40df9192

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "86ca-632cebcbad2b1"
age: 124343
traceparent: 00-924d610a6dd9a94cc5932653ab4a3d96-1a16f65cfd6e87bb-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 34506
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Tue, 15 Apr 2025 10:36:11 GMT
server: nginx
x-cached-since: 2025-04-15T12:14:00+00:00

GET
H2 200 MaxFury%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 63 KB
63 KB 45ms
44ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/MaxFury%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 64ecb5d4d57d5e79dfa6f40c16605406f1a0ce6a9a183d1b7ac537001167b837

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "fb16-6326b1916bab8"
age: 549773
traceparent: 00-4fa6cc30a86ba07a58233b2af5cba41c-25c6c8f0ca3ecee0-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 64278
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Thu, 10 Apr 2025 11:43:44 GMT
server: nginx
x-cached-since: 2025-04-10T14:03:30+00:00

GET
H2 200 Tessahuntandtheeyeofhorus%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 46 KB
47 KB 47ms
46ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/Tessahuntandtheeyeofhorus%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: ef1de119825d4c1a82b7f5a7e8e2a034106abf31105cd7db43e32e3cac2c501c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "b9c4-632cec8c7d1a9"
age: 124343
traceparent: 00-a23b36379e5c989fa491c8a678dc2197-21a5a82c0ed13233-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 47556
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Tue, 15 Apr 2025 10:39:33 GMT
server: nginx
x-cached-since: 2025-04-15T12:14:00+00:00

GET
H2 200 3rdBase%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 49 KB
49 KB 45ms
44ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/3rdBase%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 39399c556efcb2299489a3f3f254a72bf7a29440298e650fcb84904c5ff7f12c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "c254-632e293f81594"
age: 41916
traceparent: 00-8c09f2e9028a046e9ea58bb84305b08e-060c86d19b8a6995-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 49748
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Wed, 16 Apr 2025 10:16:26 GMT
server: nginx
x-cached-since: 2025-04-16T11:07:47+00:00

GET
H2 200 TombstoneSlaughterElGordosRevenge%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 28 KB
29 KB 45ms
44ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/TombstoneSlaughterElGordosRevenge%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: e6ffe8e3903229bb7ccecd760a0e0eb160550752d094ebbc4c09eaf48f7287af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "71c0-62cc373aeeaa6"
age: 6775132
traceparent: 00-339cea32630f1fbe42e4dfeaa7edbeb3-6a5ac0cb68fac191-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 29120
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Tue, 28 Jan 2025 12:37:11 GMT
server: nginx
x-cached-since: 2025-01-28T12:47:31+00:00

GET
H2 200 SweetDreamBonanzaClaw2000%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 43 KB
43 KB 46ms
45ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/SweetDreamBonanzaClaw2000%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: f5e02c74df7d3b1bcef23fd076a7ef9dffec25ed2ba7727e596088e3047d82af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "acf6-63259f046d796"
age: 232851
traceparent: 00-11409bd811853ba3d36b505c8fca3952-b0ecd9fcd0980797-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 44278
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Wed, 09 Apr 2025 15:15:24 GMT
server: nginx
x-cached-since: 2025-04-14T06:05:32+00:00

GET
H2 200 Loaded%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 38 KB
38 KB 46ms
45ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/Loaded%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: a5c763b83a62ae50e276d21347b71e047464e609ade2c5b8f92bd5b231ca47b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "65269139-9764"
age: 27002004
traceparent: 00-b83da4f5950e883a79df0a0b100d3821-d09f3a44a2ff0712-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 38756
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Wed, 11 Oct 2023 12:12:41 GMT
server: nginx
x-cached-since: 2024-06-08T10:12:59+00:00

GET
H2 200 HotChilliBells%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 49 KB
49 KB 47ms
47ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/HotChilliBells%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 7a2534a5e29cdaa13644ee0d93edfae85ad391625c5d6ada1a83e62d4c5ad7a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "c328-62c72847c7e26"
age: 1557281
traceparent: 00-a3ecedbfef9957dc9b99f3947e5bcb84-dc516149533b7e4b-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 49960
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Fri, 24 Jan 2025 12:03:40 GMT
server: nginx
x-cached-since: 2025-03-29T22:11:42+00:00

GET
H2 200 PowerSun%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 53 KB
53 KB 48ms
47ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/PowerSun%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: af8957715d433e42f9c4acc18f11f2002a4e7c3a5ed14b190b7411f17f8f96a4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "d390-63026405fe4ab"
age: 3051280
traceparent: 00-302251f855b41e24260222a8724e40f4-203341471443ff24-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 54160
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Wed, 12 Mar 2025 14:45:07 GMT
server: nginx
x-cached-since: 2025-03-12T15:11:43+00:00

GET
H2 200 20Coins%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 48 KB
48 KB 45ms
45ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/20Coins%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 49306ec0e98182c6d09d630785806e1f9fd723d90b95d0c462f497953b8ca8e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "be52-609b67971e5f4"
age: 2047983
traceparent: 00-7c3c618b8250cb20e5659469c37a0abc-f9b9332d5fa3da61-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 48722
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Thu, 09 Nov 2023 11:26:26 GMT
server: nginx
x-cached-since: 2025-03-24T05:53:20+00:00

GET
H2 200 BustaNut%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 49 KB
49 KB 47ms
46ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/BustaNut%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 325db1c19be35d186140e1093e923789f981a66e190beaec1d37fa27a2323d37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "c41c-630d840d24c63"
age: 2286192
traceparent: 00-71936db37f5b8c834cb8d19adf87a317-123d018e9847dde1-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 50204
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Fri, 21 Mar 2025 11:06:58 GMT
server: nginx
x-cached-since: 2025-03-21T11:43:11+00:00

GET
H2 200 ChargetheCloversHittheBonus%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 41 KB
41 KB 45ms
41ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ChargetheCloversHittheBonus%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 7609720f0c2eff335c69877fc7846d2961226ec47f6c70f67e1b55c7049e04b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "a30c-630398b58eb22"
age: 1328357
traceparent: 00-b34094692374f63f1ed63daf71af6c9c-96eea129ef018636-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 41740
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Thu, 13 Mar 2025 13:46:09 GMT
server: nginx
x-cached-since: 2025-04-01T13:47:06+00:00

GET
H2 200 YummyBonanza%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 34 KB
35 KB 55ms
47ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/YummyBonanza%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 2f16075cb95bdb6579aa305bda71d26f075999c340ccfc9331756503681c50a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "8996-62629840e7221"
age: 1478631
traceparent: 00-a3a6add0d16d4973dd716ddc4d50f1ef-b666d3fdf13109d8-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 35222
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Tue, 05 Nov 2024 12:26:51 GMT
server: nginx
x-cached-since: 2025-03-30T20:02:32+00:00

GET
H2 200 TaleoftheRedDragon%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 78 KB
78 KB 46ms
46ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/TaleoftheRedDragon%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 92d33df8a35c82072e3971f48eb06f1de4ce7b28a1afef6f47b4e2aa0b51bc9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "13814-62cedb4401fae"
age: 6325594
traceparent: 00-ec4b63068293c361d87f19747a488dcf-a49a49fd5ce6bdf7-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 79892
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Thu, 30 Jan 2025 15:01:43 GMT
server: nginx
x-cached-since: 2025-02-02T17:39:49+00:00

GET
H2 200 SlapShot%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 45 KB
45 KB 47ms
45ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/SlapShot%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 894d8928c7d4bfed5c8a459b725b8398c4a9bf95a6e978f6b189d0a2cad9f23b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "b420-632d148cd6c56"
age: 111225
traceparent: 00-26ae7a0efe846822f0db2b2ce0729877-f992ab9657ddf254-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 46112
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Tue, 15 Apr 2025 13:38:31 GMT
server: nginx
x-cached-since: 2025-04-15T15:52:38+00:00

GET
H2 200 JellyCandy%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 33 KB
33 KB 46ms
45ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/JellyCandy%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: f31cf594a38c196a546a7774ad954ccbd9c0080f0402e29902ce1e2d87d9b14b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "8400-632ba3f90c54b"
age: 217248
traceparent: 00-8f4827eaff9254c4acb78ed59998677c-e8f1c40bf0351066-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 33792
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Mon, 14 Apr 2025 10:09:32 GMT
server: nginx
x-cached-since: 2025-04-14T10:25:35+00:00

GET
H2 200 BookofTheForest%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 52 KB
53 KB 46ms
45ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/BookofTheForest%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 2afb3adb6d9ed63857bcd832f1ac2f8b09bd238a516d8ded516c69c48d119f18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "d1fe-632e2fe941686"
age: 40590
traceparent: 00-a9e371679330a41e15e8cb381bc91e30-d1420f61ad64fa79-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 53758
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Wed, 16 Apr 2025 10:46:15 GMT
server: nginx
x-cached-since: 2025-04-16T11:29:53+00:00

GET
H2 200 hamstermania%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 33 KB
33 KB 47ms
47ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/hamstermania%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: f213b0d9db9a4786db47fe6ecf2999b080421f32acae0caecf2bffada69705f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "824e-632d1419ad999"
age: 119029
traceparent: 00-e2109bba780168eba26f8ddb1f346118-1e773a17b3da732a-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 33358
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Tue, 15 Apr 2025 13:36:30 GMT
server: nginx
x-cached-since: 2025-04-15T13:42:34+00:00

GET
H2 200 WolfPiggiesChase%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 51 KB
51 KB 53ms
49ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/WolfPiggiesChase%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: f9bcb6b83eac1469aa716c6319799b094d2bf64b783404cdacc342d359bf4a17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "cb00-632428bd5e602"
age: 730703
traceparent: 00-7b64289862a785d1d0ab592c21e55d1b-de89028f15c178d6-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 51968
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Tue, 08 Apr 2025 11:20:55 GMT
server: nginx
x-cached-since: 2025-04-08T11:48:00+00:00

GET
H2 200 DolphinsPearlDeluxeBuyBonus%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 48 KB
49 KB 46ms
44ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/DolphinsPearlDeluxeBuyBonus%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 866ad0a38285f094e566c3ee20dbf194b12035d8279f0d30dd82d46eb7ae8827

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "c19e-6327c9c4122f3"
age: 480051
traceparent: 00-a549a489aa54f6c61ce7217b448e0fbd-09de14037aeecb4e-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 49566
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Fri, 11 Apr 2025 08:37:19 GMT
server: nginx
x-cached-since: 2025-04-11T09:25:32+00:00

GET
H2 200 VegasFortune%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 52 KB
53 KB 48ms
47ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/VegasFortune%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 34b446a19d416e0bbdc99348aa09e0fd6489c29e865064952b9d706e268ec6f3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "d1ca-632ced108ecdc"
age: 124343
traceparent: 00-34938b96fbe1ee71ba63ffe8e1056b03-d707fda5ec70dd9c-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 53706
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Tue, 15 Apr 2025 10:41:51 GMT
server: nginx
x-cached-since: 2025-04-15T12:14:00+00:00

GET
H2 200 GoldisallMine10KWAYS%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 51 KB
51 KB 47ms
46ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/GoldisallMine10KWAYS%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: a9930e96e6496a74593e72b3b9de596856a76144c4fdb5e47f066647a77d82ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "cc42-632cf9e39975f"
age: 124164
traceparent: 00-4ca9476a3ce64eb1afb4b204b6afa330-42b4575781813b71-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 52290
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Tue, 15 Apr 2025 11:39:14 GMT
server: nginx
x-cached-since: 2025-04-15T12:16:59+00:00

GET
H2 200 978x720_%23830e00-10@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 103 KB
103 KB 46ms
46ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720_%23830e00-10@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 7bbbaddf8de057536895d4defa665a2df224361385e1a59432e7b593cd576a64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "19be0-63086e94ba6a1"
age: 2637490
traceparent: 00-d984ff0e9de8e86d59b835262be45944-0e2deea130847c42-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 105440
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Mon, 17 Mar 2025 10:04:18 GMT
server: nginx
x-cached-since: 2025-03-17T10:08:13+00:00

GET
H2 200 1-167@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 88 KB
88 KB 46ms
45ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/1-167@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 968ad3c148342a0c1613a0628afa5d07e18e690066b2a17c5e3b3912811f0ef4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "66cd7ab0-15ef6"
age: 19962221
traceparent: 00-3ba3b912f907764eb4f65f36e9652094-76e66c625562ac70-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 89846
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Tue, 27 Aug 2024 07:05:20 GMT
server: nginx
x-cached-since: 2024-08-28T21:42:42+00:00

GET
H2 200 978x720_25024c@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 86 KB
86 KB 47ms
47ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720_25024c@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: f6ec592f1f900f6dd6482d1970da531252007ec0ae26eb795932b0944640406b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "1569c-62f77f89770c5"
age: 3742361
traceparent: 00-ff5a9d47d1d4e6a48a1ad9415a7f771b-7a228f29c37d6c7c-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 87708
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Mon, 03 Mar 2025 22:49:38 GMT
server: nginx
x-cached-since: 2025-03-04T15:13:42+00:00

GET
H2 200 978x720_%237900b0@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 77 KB
78 KB 46ms
46ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720_%237900b0@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 81b60fdc8726d70baff06ac63d79f1c00441dc82fe0792cf2c3f6bdc2bf8f950

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "135ca-62cd4c8d96ba7"
age: 6313414
traceparent: 00-319721ea47b6d811a364be778c3d650f-9d15de6d492d2918-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 79306
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Wed, 29 Jan 2025 09:17:54 GMT
server: nginx
x-cached-since: 2025-02-02T21:02:49+00:00

GET
H2 200 978x720_%230069bd@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 112 KB
112 KB 48ms
44ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720_%230069bd@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: d020e9f6f9c65cf8dc918e29c7158873cda6a472d09b072fb9bdac7daa512b4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "1bed0-632a7300aba50"
age: 263970
traceparent: 00-d3f014fc51042b2b007c4ab0f69b8e8f-29c04119f521a70f-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 114384
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Sun, 13 Apr 2025 11:25:07 GMT
server: nginx
x-cached-since: 2025-04-13T21:26:53+00:00

GET
H2 200 978x720_%23710c11-2@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 70 KB
70 KB 47ms
46ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720_%23710c11-2@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 1d23598113941aa69a345fa89d24aa781b9daacb6851bb485b1587b7a7fd2c0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "118b2-62ddb19a4b906"
age: 5469547
traceparent: 00-4e3782fa66ab0a7c7d7b2c282e5d32a5-4aabd942e7197acf-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 71858
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Tue, 11 Feb 2025 10:15:11 GMT
server: nginx
x-cached-since: 2025-02-12T15:27:16+00:00

GET
H2 200 LeonCrasher%40513x767-1@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 35 KB
35 KB 45ms
44ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/LeonCrasher%40513x767-1@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: d1f24332209af88b0e8ef4ee9a3f6449e3feba7b91002ef8aa05ef2cbd4090cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "8b3c-63037f2d8b4a4"
age: 2976736
traceparent: 00-82b313dc3952e4dbba27db05dc9a6413-e259d7b698f4ee38-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 35644
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Thu, 13 Mar 2025 11:51:55 GMT
server: nginx
x-cached-since: 2025-03-13T11:54:07+00:00

GET
H2 200 HighFlyer%40513x767-2@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 23 KB
23 KB 46ms
46ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/HighFlyer%40513x767-2@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 29866824bec05e49f0da667916ab6df20b08699c8d14ffa309d3e13db57744a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "5a72-62275f3922e16"
age: 12915027
traceparent: 00-2e22fa3aa2413037d3e2a16cfbc9b03d-28c98926310bbbb9-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 23154
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Thu, 19 Sep 2024 09:57:33 GMT
server: nginx
x-cached-since: 2024-11-18T11:15:56+00:00

GET
H2 200 Cricket%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 41 KB
41 KB 44ms
44ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/Cricket%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 3cb330bc656b3a84d8286e3fe2839866d8017763344ebe67999e6f07ecb063e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "a2b6-6315114f56a45"
age: 1769230
traceparent: 00-f6fc166282c28db30ccd9bdaa29f5db0-2c44100757beb800-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 41654
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Thu, 27 Mar 2025 11:16:14 GMT
server: nginx
x-cached-since: 2025-03-27T11:19:13+00:00

GET
H2 200 Plinko%40513x767-11@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 30 KB
31 KB 45ms
45ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/Plinko%40513x767-11@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 4790eb72c6ede618c748339410218632fdafaf85d89ccdeeadad77031fc977c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "7982-62d784a606852"
age: 5995756
traceparent: 00-2d2ccf9e76b95483b0b47a0a1221e19d-7526064d43a24dbe-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 31106
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Thu, 06 Feb 2025 12:22:07 GMT
server: nginx
x-cached-since: 2025-02-06T13:17:07+00:00

GET
H2 200 Mines@513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 53 KB
53 KB 45ms
44ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/Mines@513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 7069e270c323343b6963cb0e7f87b08e43e60d7774872d378ffc1b7cc642a475

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "d46c-5ef64cde7fd4f"
age: 9649221
traceparent: 00-1c6e8f8b02957443fbf62122e893b71e-424e12f432647467-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 54380
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Fri, 09 Dec 2022 13:05:13 GMT
server: nginx
x-cached-since: 2024-12-26T06:26:02+00:00

GET
H2 200 Aquarings%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 34 KB
34 KB 44ms
44ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/Aquarings%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: f7b735736aaab153ef13fe90c0bae8113f29f12507762c33adbcc30413bacfdb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "86fe-62f6eb0d11d3f"
age: 3824632
traceparent: 00-4567c9bc231f09bd5926f49989b37ccd-d07dae7c9ddf2de4-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 34558
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Mon, 03 Mar 2025 11:45:19 GMT
server: nginx
x-cached-since: 2025-03-03T16:22:31+00:00

GET
H2 200 ChickenRoad_1x@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 31 KB
31 KB 47ms
47ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ChickenRoad_1x@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 871af49a9cc9a1b1a629ff544c07352e566301557e48acf961102876420216dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "7bf2-630afc8f8a2ec"
age: 2373447
traceparent: 00-eea29b6cb6ef82571816d3efd9277eac-d95e4bfa9f7db7c0-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 31730
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Wed, 19 Mar 2025 10:50:09 GMT
server: nginx
x-cached-since: 2025-03-20T11:28:56+00:00

GET
H2 200 CarCrash%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 25 KB
26 KB 47ms
47ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/CarCrash%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 64c9a88646785fdb5c6d95f1bf63fddc0dbbd24590796422cda55ad8eb9de733

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "658a-62b471a6dcd05"
age: 8062099
traceparent: 00-cbf02dc265c829cf6872f61c94013f77-3c43999f317753e6-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 25994
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Thu, 09 Jan 2025 14:50:46 GMT
server: nginx
x-cached-since: 2025-01-13T15:18:04+00:00

GET
H2 200 SuperHeli%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 11 KB
11 KB 47ms
46ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/SuperHeli%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: d87f605267ec8542a70c5a08fdc4f6aab247fcd8bb48de066a8f55c5f99e9ec1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "2b80-62bc0235678c8"
age: 660089
traceparent: 00-604165a75e27a9febb3f225545889943-4a0cdac84a151d2c-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 11136
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Wed, 15 Jan 2025 15:14:46 GMT
server: nginx
x-cached-since: 2025-04-09T07:24:54+00:00

GET
H2 200 tower_513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 22 KB
22 KB 56ms
55ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/tower_513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 210f9363f97be240e29e0918b2b8ad99e1505e968260bab401f79c8a070c52cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "57fe-6315482695fd7"
age: 1754401
traceparent: 00-0f5f865b00dd72a8f25e67ee0641801a-c2ebbcffbbfa4d5a-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 22526
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Thu, 27 Mar 2025 15:21:35 GMT
server: nginx
x-cached-since: 2025-03-27T15:26:22+00:00

POST
H2 200 api-1 Show response
3917.info/ 939 B
938 B 152ms
147ms Fetch
application/json 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL

https://3917.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

7faee1dcf6a8ab4a4908ec733232b08938ae5ca964e2bc2c800a9bf730e9c2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-env: prod
x-app-skin: leoncasino
x-app-platform: web
x-app-modernity: modern
Referer: https://3917.info/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
x-app-os: linux
x-requested-uri: /ru-ru/registration
x-app-version: 6.110.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
x-app-rendering: csr
content-type: application/json
x-app-layout: desktop
x-app-browser: chrome
x-app-language: ru_RU
x-app-theme: DARK

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: 0
date: Wed, 16 Apr 2025 22:46:23 GMT
x-xss-protection: 0
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: nginx/1.18.0 (Ubuntu)
content-language: da-DK
x-frame-options: SAMEORIGIN

GET
H3 200 img.gif
my.rtmark.net/ Frame D161 43 B
382 B 153ms
87ms Image
image/gif 2606:4700:4400::ac40:92ea
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&lr=1&partner=f469aaad822fba1aa077e95bcb6e8be0a43d41561cec8d17479068d0b45e401f

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=3024289&lid=139925013&ctype=0&media=0&PageName=Leon_All_Pages&rnd=1575705238&cpref=&loc=https%3a%2f%2f3917.info%2fregistration%3fqtag%3da31492_t36018_c1246_sNALEON%26retentionId%3df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3drussia%26utm_campaign%3dKingQONK%26utm_medium%3dNALEON

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:92ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://track.adform.net/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/gif
priority: u=3,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
cf-ray: 931737eaba452d83-ARN
access-control-allow-origin: *
content-length: 43
server: cloudflare

GET
H3 200 img.gif
my.rtmark.net/ Frame D161 43 B
419 B 148ms
83ms Image
image/gif 2606:4700:4400::ac40:92ea
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&lr=1&partner=b2db1bd650534aabbd1dd7f8cffd90f16e93697552e0030bf08989e2c9474777

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:92ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://track.adform.net/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/gif
priority: u=3,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
cf-ray: 931737eaba472d83-ARN
access-control-allow-origin: *
content-length: 43
server: cloudflare

GET
H2 200 mascot-animated.DZ53syVI.svg
leoncasino.gcdn.co/assets/ 6 KB
3 KB 50ms
50ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://leoncasino.gcdn.co/assets/mascot-animated.DZ53syVI.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 25a8c8fc0ec69024fb9e371f30b57ff861589f90041c8069599cad5ad96a92b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: br
etag: "67c575ad-a92"
age: 3676669
traceparent: 00-9bd7c7caa1cda7e0d205ef99438df84f-4a59ab50a43759f0-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/svg+xml
last-modified: Mon, 03 Mar 2025 09:26:05 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2706
x-cached-since: 2025-03-05T09:28:34+00:00
server: nginx

GET
H2 200 mascot.C4J6IXOg.svg
leoncasino.gcdn.co/assets/ 11 KB
0 0ms
0ms Image
image/svg+xml 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://leoncasino.gcdn.co/assets/mascot.C4J6IXOg.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 86ac12bafdcfdceeca1301bec6db2de3b5d02cf3982a6f11da62e2c383f61662

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
content-encoding: br
etag: "67ee4b2e-1035"
age: 819009
traceparent: 00-41a2ddf9a1637abf7dd818994deb9e39-ce7acc1536efb796-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Apr 2025 08:47:42 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4149
x-cached-since: 2025-04-07T11:16:13+00:00
server: nginx

GET
H2 200 40BulkyFruits6Reels%40513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 48 KB
48 KB 54ms
54ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/40BulkyFruits6Reels%40513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 97d35f3c38191e6c4833bf8aafd6ce552d90e3c3f9013888d25840a63d710540

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "bebe-6075a38f9449f"
age: 2855060
traceparent: 00-f7d8e7ac5ba586cadc8435411637c392-5af1c728bca61599-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 48830
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Tue, 10 Oct 2023 10:32:24 GMT
server: nginx
x-cached-since: 2025-03-14T21:42:03+00:00

GET
H2 200 JuicyFruitsSunshineRich@513x767@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/ 31 KB
31 KB 52ms
51ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/egs/JuicyFruitsSunshineRich@513x767@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: de9f85da0700b931f1d540bd27b21f12d2512f6fa2d7f408b8ed46e1c7757995

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "6397097f-7c50"
age: 58086302
traceparent: 00-ab5c9580ef00a0aa444f526cb02f5771-f5f57c1bc1444e97-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 31824
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Mon, 12 Dec 2022 10:59:11 GMT
server: nginx
x-cached-since: 2023-06-14T15:41:21+00:00

GET
H2 200 plf
c1.adform.net/imatch/ Frame BDC9 0
384 B 30ms
29ms Image
text/plain 37.157.2.14
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.2.14 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Wed, 16 Apr 2025 22:46:23 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 match
ad.360yield.com/ Frame BDC9 43 B
199 B 205ms
59ms Image
image/gif 54.78.68.121
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=2220017443996948830&Expiration=1746053183
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.78.68.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-68-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

access-control-allow-origin: *
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame BDC9 0
235 B 173ms
50ms Image
text/plain 95.100.184.137
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=2220017443996948830
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.184.137 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-184-137.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Expires: Tue, 15 Apr 2025 22:46:23 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Date: Wed, 16 Apr 2025 22:46:23 GMT
Connection: keep-alive

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame BDC9 0
214 B 219ms
45ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=2220017443996948830
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Pragma: no-cache

GET
H2 200 tpui
ih.adscale.de/adscale-ih/ Frame BDC9 0
59 B 147ms
44ms Image
text/plain 3.122.92.109
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2220017443996948830&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.92.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-92-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: text/plain; charset=UTF-8
content-length: 0

GET /
rtb-csync.smartadserver.com/redir/ Frame BDC9 0
0

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame BDC9 43 B
672 B 266ms
53ms Image
image/gif 2607:ae80:4::50
FREEWHEEL

General

Check archive.org

Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2220017443996948830
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:4::50 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
x-sticky-vk: 1744843583653050-579
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Keep-Alive: timeout=8, max=100
Date: Wed, 16 Apr 2025 22:46:23 GMT
Content-Type: image/gif
Server: nginx

GET
H2

200

bswsync
crb.kargo.com/api/v1/ Frame BDC9
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=2220017443996948830
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=2220017443996948830&dsp_id=70&krg_ids=&gdpr=&gdpr_consent=&us_privacy=

43 B
385 B

154ms
43ms

Image
image/gif

3.79.137.198
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=2220017443996948830&dsp_id=70&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: H2
Server: 3.79.137.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-79-137-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
x-rejected: consent
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 43
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/gif
vary: Origin
x-accel-expires: 0

Redirect headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
location: //crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=2220017443996948830&dsp_id=70&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Apr 2025 22:46:23 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame BDC9
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2220017443996948830&expiration=1746053183
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2220017443996948830&expiration=1746053183&C=1

43 B
338 B

99ms
95ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2220017443996948830&expiration=1746053183&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sJnLpFvCQxhfQzAluWptn4RFAvxKqbaSI7jWJatejEUfxh4dp4XHcFFZFMeSylmS7%2BlrFG%2Fgk%2Bfmp0n9UBEptZP%2B6g66cEcX6XqzIlV2fiSuqyqp7TF3e5iDpNm6TF4MEJzKB3VmctlZDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 931737eed9c168af-BUD
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/gif
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: no-cache
location: /rum?cm_dsp_id=111&external_user_id=2220017443996948830&expiration=1746053183&C=1
cf-cache-status: DYNAMIC
pragma: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8wU3dAqOJbq6b4sPWCudlUNr9mn3nFDbDMJ9AlizTA1tZ7hGvcqW5BFg9ERg92b%2F6WFDaYQkKLd5EEUwLzbI%2FbkJuoDmnwi8LRFz21crMvxuF4FkgP44gocGCXR3WnFJlPCXJcppJIWi3g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 931737ee097568af-BUD
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Wed, 16 Apr 2025 22:46:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BDC9
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2220017443996948830&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2220017443996948830&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=2220017443996948830&gdpr=&sInitiator=external
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/4354957?sExtCookieId=5392076440452082538&sInitiator=internal&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=MzMzMDM3M0VGOTk3QjIxOQ&gdpr=

170 B
232 B

80ms
79ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=MzMzMDM3M0VGOTk3QjIxOQ&gdpr=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Wed, 16 Apr 2025 22:46:24 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
location: https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=MzMzMDM3M0VGOTk3QjIxOQ&gdpr=
frontend-id: 11
pragma: no-cache
expires: Sat, 01 Jan 2011 12:00:00 GMT
access-control-allow-origin: *
content-length: 0
uip-status: Ok
date: Wed, 16 Apr 2025 22:46:23 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame BDC9 0
344 B 195ms
44ms Image
text/plain 3.120.214.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=2220017443996948830&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Content-Length: 0
Date: Wed, 16 Apr 2025 22:46:23 GMT
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 /
loadm.exelator.com/load/ Frame BDC9 0
324 B 229ms
59ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2220017443996948830
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: no-cache
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Wed, 16 Apr 2025 22:46:23 GMT
x-powered-by: Undertow/1
server: nginx
access-control-allow-credentials: true

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame BDC9
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=2220017443996948830
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTMjIyMDAxNzQ0Mzk5Njk0ODgzMBAAGg0Iv-aAwAYSBQjoBxAAQgBKAA
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1

70 B
148 B

244ms
77ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

content-length: 70
date: Wed, 16 Apr 2025 22:46:24 GMT
content-type: image/gif
server: Kestrel

Redirect headers

cache-control: no-cache, no-store
timing-allow-origin: *
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 0
date: Wed, 16 Apr 2025 22:46:23 GMT

GET
H2 404 tpid=2220017443996948830
sync.crwdcntrl.net/map/c=6466/tp=ADFM/ Frame BDC9 49 B
222 B 195ms
58ms Image
image/gif 54.72.126.129
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2220017443996948830
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.126.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-126-129.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: no-cache
pragma: no-cache
expires: 0
access-control-allow-origin: *
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 49
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame BDC9 43 B
279 B 179ms
74ms Image
image/gif 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2220017443996948830
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 185.236.203.100
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 16 Apr 2025 22:46:22 GMT
content-type: image/gif
vary: Accept

GET
H/1.1 200
OK /
cm.adsafety.net/ Frame BDC9 43 B
577 B 142ms
44ms Image
image/gif 217.79.178.221
MYLOC-AS WIIT AG

General

Check archive.org

Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=2220017443996948830
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 217.79.178.221 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS: cm49.as.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Transfer-Encoding: chunked
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Pragma: no-cache
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *
Date: Wed, 16 Apr 2025 22:46:23 GMT
Content-Type: image/gif
Last-Modified: Wed, 16 Apr 2025 22:46:23 GMT
Server: nginx

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame BDC9 170 B
409 B 229ms
73ms Image
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MjIyMDAxNzQ0Mzk5Njk0ODgzMA

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Wed, 16 Apr 2025 22:46:23 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2

200

setuid
secure.adnxs.com/ Frame BDC9
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=5392076440452082538&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=3764960264081281523

43 B
1 KB

42ms
41ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=3764960264081281523

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 185.236.203.100; 185.236.203.100; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: dd4d3b83-c35c-4f0e-9570-befec72079e3
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 16 Apr 2025 22:46:24 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
location: https://secure.adnxs.com/setuid?entity=91&code=3764960264081281523
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
content-length: 0
date: Wed, 16 Apr 2025 22:46:23 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 plf
c1.adform.net/imatch/ Frame BDC9 0
384 B 40ms
34ms Image
text/plain 37.157.2.14
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.2.14 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Wed, 16 Apr 2025 22:46:23 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame BDC9 0
225 B 156ms
44ms Image
text/html 103.231.98.109
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2220017443996948830
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.231.98.109 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding: gzip
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame BDC9 43 B
444 B 178ms
47ms Image
image/gif 65.9.66.47
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-47.fra56.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Age: 68450
Connection: keep-alive
Via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
Content-Length: 43
X-Amz-Cf-Id: JWGsEWrxJYANLJL2rN_dE7YOjoVkgH0QZ6lEfUZpJNgF5fRGUURJTQ==
Date: Wed, 16 Apr 2025 03:45:34 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.24.0
X-Amz-Cf-Pop: FRA56-C1

GET
H2

200

ux
ad.360yield.com/ Frame BDC9
Redirect Chain

https://a.audrte.com/a?adform_uid=2220017443996948830
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bTlraXRpMm0tMkNZV2wwWkRSZkNzeFc5QzVOY05NQS1hZA%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1...
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bTlraXRpMm0tMkNZV2wwWkRSZkNzeFc5QzVOY05NQS1hZA%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYXplcmlvbiJ9XX0%3D&aruid=m9kiti2m-2CYWl0ZDRfCsxW9C5NcNMA-ad&gdpr=0&gdpr_consent=
https://ad.360yield.com/ux?publisher_id=all&publisher_dmp_id=16&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3D%7BPUB_USER_ID%7D%26p%3D560038091

43 B
198 B

58ms
58ms

Image
image/gif

54.78.68.121
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ad.360yield.com/ux?publisher_id=all&publisher_dmp_id=16&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3D%7BPUB_USER_ID%7D%26p%3D560038091
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: H2
Server: 54.78.68.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-68-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

access-control-allow-origin: *
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Wed, 16 Apr 2025 22:46:24 GMT
content-type: image/gif

Redirect headers

x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000
Location: https://ad.360yield.com/ux?publisher_id=all&publisher_dmp_id=16&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3D%7BPUB_USER_ID%7D%26p%3D560038091
Content-Length: 0
Date: Wed, 16 Apr 2025 22:46:24 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame BDC9
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2220017443996948830&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=2220017443996948830&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=85865831291594523781619140060813144678&noredirect=1

35 B
591 B

31ms
31ms

Image
image/gif

37.157.2.14
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=85865831291594523781619140060813144678&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795

Protocol

Server

37.157.2.14 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Wed, 16 Apr 2025 22:46:24 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://c1.adform.net/serving/cookie/match?party=1007&cid=85865831291594523781619140060813144678&noredirect=1
dcs: dcs-prod-irl1-1-v077-0b9b62126.edge-irl1.demdex.com 1 ms
pragma: no-cache
x-tid: 9qf1BYFfRcU=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Wed, 16 Apr 2025 22:46:24 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame BDC9
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2220017443996948830
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217003105219008436128

35 B
601 B

120ms
29ms

Image
image/gif

37.157.5.49
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217003105219008436128

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795

Protocol

Server

37.157.5.49 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Wed, 16 Apr 2025 22:46:24 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=217003105219008436128
pragma: no-cache
access-control-allow-methods: GET, OPTIONS
expires: 0
access-control-allow-origin: *
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
date: Wed, 16 Apr 2025 22:46:24 GMT
server: AAWebServer
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame BDC9
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7494046129921587561

35 B
591 B

75ms
30ms

Image
image/gif

37.157.5.49
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7494046129921587561

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795

Protocol

Server

37.157.5.49 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Wed, 16 Apr 2025 22:46:24 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7494046129921587561
Content-Length: 0
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Date: Wed, 16 Apr 2025 22:46:24 GMT
Server: nginx
Connection: keep-alive

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame BDC9
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=JrJaFLKF1U5bws5

35 B
591 B

29ms
29ms

Image
image/gif

37.157.2.14
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=JrJaFLKF1U5bws5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795

Protocol

Server

37.157.2.14 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Wed, 16 Apr 2025 22:46:24 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: no-cache, must-revalidate
location: https://c1.adform.net/serving/cookie/match?party=1084&cid=JrJaFLKF1U5bws5
pragma: no-cache
via: 1.1 google
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 16 Apr 2025 22:46:24 GMT
server: PingMatch/v2.0.30-830-g0d2790f#main-gcp-migration edge-prod-euw1-9f0f@europe-west1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame BDC9 70 B
149 B 95ms
77ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

content-length: 70
date: Wed, 16 Apr 2025 22:46:24 GMT
content-type: image/gif
server: Kestrel

GET
H2 200 0.gif
id5-sync.com/s/10/ Frame BDC9 43 B
1 KB 208ms
64ms Image
image/gif 162.19.138.120
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=2220017443996948830

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="CAO PSA OUR"
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame BDC9
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1071776081
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=Maj3CmrhOjTBNWSSXK76gO

35 B
591 B

30ms
29ms

Image
image/gif

37.157.5.49
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=Maj3CmrhOjTBNWSSXK76gO

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795

Protocol

Server

37.157.5.49 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Wed, 16 Apr 2025 22:46:24 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=Maj3CmrhOjTBNWSSXK76gO
pragma: no-cache
via: 1.1 google
expires: Tue, 03 Jul 2001 06:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
date: Wed, 16 Apr 2025 22:46:24 GMT
last-modified: Wed, 16 Apr 2025 22:46:24 GMT
vary: Origin
server: Weborama Collect Frontend

GET
H2 200 um
sync.teads.tv/ Frame BDC9 23 B
163 B 212ms
69ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=2220017443996948830
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.1 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

expires: Wed, 16 Apr 2025 22:46:24 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
pragma: no-cache
date: Wed, 16 Apr 2025 22:46:24 GMT
content-type: image/gif
server: pekko-http/1.0.1

GET
H2 204 /
s.ad.smaato.net/c/ Frame BDC9 0
66 B 137ms
43ms Image
text/plain 34.1.242.226
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=2220017443996948830
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.1.242.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 226.242.1.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

via: 1.1 google
date: Wed, 16 Apr 2025 22:46:24 GMT
cache-control: no-cache, must-revalidate

GET
H2 200 2220017443996948830
match.contentexchange.me/adform/ Frame BDC9 0
49 B 215ms
67ms Image
text/plain 91.185.218.28
MNSHA-AS Mainstre...

General

Check archive.org

Download Go to Show image

Full URL: https://match.contentexchange.me/adform/2220017443996948830?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.185.218.28 , Slovenia, ASN51859 (MNSHA-AS Mainstream doo Beograd, RS),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

date: Wed, 16 Apr 2025 22:46:24 GMT
server: nginx/1.24.0
content-length: 0

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58679/ Frame BDC9
Redirect Chain

https://pixel.onaudience.com/?mapped=2220017443996948830&partner=68
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=1
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=1

0
108 B

84ms
71ms

Image
text/html

2a00:1288:80:807::1
YAHOO-DEB Yahoo-U...

General

Check archive.org

Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Wed, 16 Apr 2025 22:46:24 GMT
age: 0
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade

Redirect headers

strict-transport-security: max-age=31536000
cache-control: no-store
location: https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=1
content-length: 257
date: Wed, 16 Apr 2025 22:46:24 GMT
content-type: text/html
content-language: en
server: ATS

GET
H2 200 xuid
eb2.3lift.com/ Frame BDC9 37 B
140 B 168ms
60ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=2220017443996948830&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Wed, 16 Apr 2025 22:46:24 GMT
content-type: image/gif

GET
H2 204 put
e1.emxdgt.com/ Frame BDC9 0
44 B 173ms
43ms Image
text/plain 52.29.164.62
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=2220017443996948830
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.164.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-164-62.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

date: Wed, 16 Apr 2025 22:46:24 GMT
server: awselb/2.0

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58679/ Frame BDC9
Redirect Chain

https://pixel.onaudience.com/?partner=290&mapped=2220017443996948830
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=1
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=1

0
17 B

113ms
70ms

Image
text/html

2a00:1288:80:807::1
YAHOO-DEB Yahoo-U...

General

Check archive.org

Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Wed, 16 Apr 2025 22:46:24 GMT
age: 0
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade

Redirect headers

strict-transport-security: max-age=31536000
cache-control: no-store
location: https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=1
content-length: 257
date: Wed, 16 Apr 2025 22:46:24 GMT
content-type: text/html
content-language: en
server: ATS

GET
H2 200 plf
c1.adform.net/imatch/ Frame BDC9 0
384 B 38ms
34ms Image
text/plain 37.157.2.14
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.2.14 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://c1.adform.net/imatch/pixels?bt=0&uid=2220017443996948830&agencyId=9040&advertiserId=2176059&src=tp&rnd=52795

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Wed, 16 Apr 2025 22:46:23 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 978x720_%23351f0a@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 82 KB
82 KB 53ms
53ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720_%23351f0a@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: ba009a5509737a888b7a854c05a4f5ed5ce5e1c0c628b81680315ae7337e52a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "146a6-631ca719dd274"
age: 1169154
traceparent: 00-93790cc5666726bd12058f14e4304b16-f59f3526a5128595-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 83622
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Wed, 02 Apr 2025 12:03:39 GMT
server: nginx
x-cached-since: 2025-04-03T10:00:29+00:00

GET
H2 200 978x720-1939@x2.webp
cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/ 84 KB
84 KB 48ms
47ms Image
image/webp 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to Show image

Full URL: https://cdnimages3.gcdn.co/HRJLWPLB/images/SC/Leonbets/lb_action_backgrounds/978x720-1939@x2.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: a930fcc273bd348536263c4f1dbbce957de8b39392cd296f9e77ddf8431d1091

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

cache: HIT
x-id-fe: fr5-hw-edge-gc16
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc16
etag: "1503e-6312797e18ae6"
age: 1884291
traceparent: 00-0817e6f159d3cfc66f529914ec566cee-64e46b0ee8c39454-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 86078
date: Wed, 16 Apr 2025 22:46:23 GMT
content-type: image/webp
last-modified: Tue, 25 Mar 2025 09:46:21 GMT
server: nginx
x-cached-since: 2025-03-26T03:21:32+00:00

GET
H2 200 b3b80119.d.m.BSetxRBy.js Show response
leoncasino.gcdn.co/js/ 3 KB
1 KB 49ms
49ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://leoncasino.gcdn.co/js/b3b80119.d.m.BSetxRBy.js
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/vite-plugin-import-retry.dca3f5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 9f021a2ea24fa795e0e55276607d53979972b8eb427bd31e4bcef5d4a96e7a2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer

Response headers

cache: HIT
content-encoding: gzip
etag: W/"67f93a4e-ac6"
age: 213843
traceparent: 00-d4c0cd85f7bd8ad0c64cd898fff2818b-5ba6085d8a2be5b7-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Wed, 16 Apr 2025 22:46:25 GMT
content-type: application/javascript
last-modified: Fri, 11 Apr 2025 15:50:38 GMT
vary: Accept-Encoding
x-id-fe: fr5-hw-edge-gc35
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc35
access-control-allow-origin: *
x-cached-since: 2025-04-14T11:22:22+00:00
server: nginx

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2
fonts.gstatic.com/s/roboto/v47/ 20 KB
20 KB 65ms
64ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e921785496ed2d98c2257c88a6f838afa6acbee05cb8467048501bfe2a301461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://fonts.googleapis.com/

Response headers

age: 139615
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Apr 2026 07:59:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Apr 2025 07:59:30 GMT
last-modified: Wed, 08 Jan 2025 18:23:12 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20408
x-xss-protection: 0
server: sffe

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMawCUBGEe.woff2
fonts.gstatic.com/s/roboto/v47/ 40 KB
40 KB 73ms
68ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMawCUBGEe.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d758e85352971dffe51a5992405eb8f9b316b1bed82495445c328699ee400830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://3917.info
Referer: https://fonts.googleapis.com/

Response headers

age: 160845
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Apr 2026 02:05:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Apr 2025 02:05:40 GMT
last-modified: Wed, 08 Jan 2025 18:23:13 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40572
x-xss-protection: 0
server: sffe

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 225 KB
76 KB 295ms
136ms Script
application/javascript 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/8e2531cb.d.m.Cd-ywRhB.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

f4f1faf8be133e8514e33efedc9f908dc42f70e156034d8693c00a473ec9d6f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
etag: "67f118e9-12c2f"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Wed, 16 Apr 2025 23:46:26 GMT
access-control-allow-origin: *
content-length: 76847
date: Wed, 16 Apr 2025 22:46:26 GMT
content-type: application/javascript
last-modified: Sat, 05 Apr 2025 11:50:01 GMT

POST
H2 200 api-1 Show response
3917.info/ 2 KB
1 KB 221ms
216ms Fetch
application/json 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL

https://3917.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

22f276d2675b8f63aa19d8c4f01bf898e3d58469cfc0f3ff09410855c78a6e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-env: prod
x-app-skin: leoncasino
x-app-platform: web
x-app-modernity: modern
Referer: https://3917.info/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
x-app-os: linux
x-requested-uri: /ru-ru/registration
x-app-version: 6.110.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
x-app-rendering: csr
content-type: application/json
x-app-layout: desktop
x-app-browser: chrome
x-app-language: ru_RU
x-app-theme: DARK

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: 0
date: Wed, 16 Apr 2025 22:46:26 GMT
x-xss-protection: 0
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: nginx/1.18.0 (Ubuntu)
content-language: da-DK
x-frame-options: SAMEORIGIN

POST
H2 200 web Show response
5a0ef96fd84066141eb932d11ca5b39bb17a78cb.csftr.com/shield-fp/v1/api/ 398 B
630 B 337ms
188ms XHR
application/json 2606:4700:3108::ac42:28c3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://5a0ef96fd84066141eb932d11ca5b39bb17a78cb.csftr.com/shield-fp/v1/api/web
Requested by: Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 170edea1b75bd7e599768621f41ca7057b17cc797800538480c34064d657e338

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://3917.info/

Response headers

x-request-id: e286c652-69f8-4163-b4a3-4140a8a308df
content-encoding: gzip
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 19
access-control-allow-credentials: true
cf-ray: 931737fdab18829d-ARN
access-control-allow-origin: https://3917.info
date: Wed, 16 Apr 2025 22:46:26 GMT
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-headers: Content-Type

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check?scid=dd8eead3-1836-73b2-3af9-d2e0f1696912&cid=71598811
https://mc.yandex.ru/sync_cookie_image_start?cid=71598811&redirect_domain=mc.yandex.com&scid=dd8eead3-1836-73b2-3af9-d2e0f1696912&token=10639.TfOYMgzyeJdVy8n3DQGIvPzfaWbNANfr1DC35INAA4LJ99Xp2mybiMC...
https://mc.yandex.com/sync_cookie_image_decide?cid=71598811&scid=dd8eead3-1836-73b2-3af9-d2e0f1696912&token=10639.BJJE4wVRyRhlIiA74MBjrZR3k0-T97q3l-Ba8VlZLpaZKIaOLB096CLfa2bvpIl3-yhrKjh_ZXdM6dW-E3r...
https://mc.yandex.ru/sync_cookie_image_finish?cid=71598811&redirect_domain=mc.yandex.com&scid=dd8eead3-1836-73b2-3af9-d2e0f1696912&token=10639.Fl7CKvrTze-8iXlww3JlXK9fiHLKwVi1bVmBJe1UEbvy_f_VS8t6Hd...

43 B
585 B

67ms
67ms

Image
image/gif

2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?cid=71598811&redirect_domain=mc.yandex.com&scid=dd8eead3-1836-73b2-3af9-d2e0f1696912&token=10639.Fl7CKvrTze-8iXlww3JlXK9fiHLKwVi1bVmBJe1UEbvy_f_VS8t6HdAagrEUAJzBl-mfTKhllECt5alLBsNFSI0sbkfPuEmP10b-WuCRP37tKTvFXh3tpElgSfhMzZ72ugrC7zNDeKKG-fWkOc4lFnd1daJ4vf5JKTQhlV2-d_jQhtKv2jXIzfE7Vayo44gVTiBWcX8fsbblTY2WZ2KF_Q%2C%2C.Ge79nMJqtJatXHgiJL1VAR3JxjA%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
location: https://mc.yandex.ru/sync_cookie_image_finish?cid=71598811&redirect_domain=mc.yandex.com&scid=dd8eead3-1836-73b2-3af9-d2e0f1696912&token=10639.Fl7CKvrTze-8iXlww3JlXK9fiHLKwVi1bVmBJe1UEbvy_f_VS8t6HdAagrEUAJzBl-mfTKhllECt5alLBsNFSI0sbkfPuEmP10b-WuCRP37tKTvFXh3tpElgSfhMzZ72ugrC7zNDeKKG-fWkOc4lFnd1daJ4vf5JKTQhlV2-d_jQhtKv2jXIzfE7Vayo44gVTiBWcX8fsbblTY2WZ2KF_Q%2C%2C.Ge79nMJqtJatXHgiJL1VAR3JxjA%2C

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
577 B 75ms
69ms Image
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "67f118e9-2b"
expires: Wed, 16 Apr 2025 23:46:26 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Wed, 16 Apr 2025 22:46:26 GMT
last-modified: Sat, 05 Apr 2025 11:50:01 GMT
content-type: image/gif

POST
H2 200 api-1 Show response
3917.info/ 131 B
450 B 143ms
141ms Fetch
application/json 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL

https://3917.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

fb45faeedf18726357a721a464b6fbd4b126b79a06975ad1549faff1184ff439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-env: prod
x-app-skin: leoncasino
x-app-platform: web
x-app-modernity: modern
Referer: https://3917.info/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
x-app-os: linux
x-requested-uri: /ru-ru/registration
x-app-version: 6.110.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
x-app-rendering: csr
content-type: application/json
x-app-layout: desktop
x-app-browser: chrome
x-app-language: ru_RU
x-app-theme: DARK

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: 0
date: Wed, 16 Apr 2025 22:46:26 GMT
x-xss-protection: 0
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: nginx/1.18.0 (Ubuntu)
content-language: da-DK
x-frame-options: SAMEORIGIN

GET
H2 200 metrika_match.html Show response
mc.yandex.com/metrika/ Frame 2FAB 5 KB
3 KB 419ms
77ms Document
text/html 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

0b389bcc6c7609fd630b631c95a0eaf18a875fff4adaa5a246196e8b3b77bf39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://3917.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 2065
content-type: text/html
date: Wed, 16 Apr 2025 22:46:26 GMT
etag: "67f118e9-811"
expires: Wed, 16 Apr 2025 23:46:26 GMT
last-modified: Sat, 05 Apr 2025 11:50:01 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

POST
H2 200 api-1 Show response
3917.info/ 131 B
449 B 146ms
144ms Fetch
application/json 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL

https://3917.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a232be737590c3ef216c58a0f00be7fe08f87fef97e62c13bbacaa1a79e12830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-env: prod
x-app-skin: leoncasino
x-app-platform: web
x-app-modernity: modern
Referer: https://3917.info/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
x-app-os: linux
x-requested-uri: /ru-ru/registration
x-app-version: 6.110.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
x-app-rendering: csr
content-type: application/json
x-app-layout: desktop
x-app-browser: chrome
x-app-language: ru_RU
x-app-theme: DARK

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: 0
date: Wed, 16 Apr 2025 22:46:26 GMT
x-xss-protection: 0
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: nginx/1.18.0 (Ubuntu)
content-language: da-DK
x-frame-options: SAMEORIGIN

GET
H2

200

1 Show response
mc.yandex.com/watch/71598811/
Redirect Chain

https://mc.yandex.com/watch/71598811?wmode=7&page-url=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3...
https://mc.yandex.com/watch/71598811/1?wmode=7&page-url=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source...

576 B
781 B

75ms
74ms

Fetch
application/json

2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/watch/71598811/1?wmode=7&page-url=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ada-DK%3Av%3A1661%3Acn%3A1%3Adp%3A0%3Als%3A1111040780795%3Ahid%3A954453224%3Az%3A120%3Ai%3A20250417004626%3Aet%3A1744843586%3Ac%3A1%3Arn%3A1020933593%3Arqn%3A1%3Au%3A1744843586347294455%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2060%3Awv%3A2%3Ads%3A8%2C143%2C202%2C3%2C1508%2C0%2C%2C179%2C1%2C2373%2C2373%2C0%2C2306%3Aco%3A0%3Acpf%3A1%3Ans%3A1744843578299%3Agi%3AR0ExLjEuNTEwODY3MTYyLjE3NDQ4NDM1ODI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1744843587%3At%3A%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%3A%20%D0%91%D0%BE%D0%BB%D0%B5%D0%B5%204000%20%D0%B8%D0%B3%D1%80%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D0%B2%D1%8B%D0%B2%D0%BE%D0%B4%20%D1%81%D1%80%D0%B5%D0%B4%D1%81%D1%82%D0%B2%20%7C%20%D0%9BE%D0%9E%D0%9D&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

9cb55464c112d791eb9f57a2da61e87480334e86ebaad53b820d605ca69deaf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Wed, 16-Apr-2025 22:46:26 GMT
access-control-allow-origin: https://3917.info
content-length: 576
x-xss-protection: 1; mode=block
last-modified: Wed, 16-Apr-2025 22:46:26 GMT
content-type: application/json; charset=utf-8

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: /watch/71598811/1?wmode=7&page-url=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ada-DK%3Av%3A1661%3Acn%3A1%3Adp%3A0%3Als%3A1111040780795%3Ahid%3A954453224%3Az%3A120%3Ai%3A20250417004626%3Aet%3A1744843586%3Ac%3A1%3Arn%3A1020933593%3Arqn%3A1%3Au%3A1744843586347294455%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2060%3Awv%3A2%3Ads%3A8%2C143%2C202%2C3%2C1508%2C0%2C%2C179%2C1%2C2373%2C2373%2C0%2C2306%3Aco%3A0%3Acpf%3A1%3Ans%3A1744843578299%3Agi%3AR0ExLjEuNTEwODY3MTYyLjE3NDQ4NDM1ODI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1744843587%3At%3A%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%3A%20%D0%91%D0%BE%D0%BB%D0%B5%D0%B5%204000%20%D0%B8%D0%B3%D1%80%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D0%B2%D1%8B%D0%B2%D0%BE%D0%B4%20%D1%81%D1%80%D0%B5%D0%B4%D1%81%D1%82%D0%B2%20%7C%20%D0%9BE%D0%9E%D0%9D&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
expires: Wed, 16-Apr-2025 22:46:26 GMT
access-control-allow-origin: https://3917.info
x-xss-protection: 1; mode=block
last-modified: Wed, 16-Apr-2025 22:46:26 GMT

POST
H2 200 1
mc.yandex.com/watch/71598811/ 43 B
85 B 76ms
75ms Ping
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/watch/71598811/1?page-url=goal%3A%2F%2F3917.info%2FzInit&page-ref=https%3A%2F%2F3917.info%2Fregistration%3Fqtag%3Da31492_t36018_c1246_sNALEON%26retentionId%3Df118d479-a61f-4ae9-84df-e9864c36975c%26utm_source%3Drussia%26utm_campaign%3DKingQONK%26utm_medium%3DNALEON&charset=utf-8&uah=chm%0A%3F0&hittoken=1744843586_b1ead95d5e0964e07732179edc5a65bed5b234fe03f0c7535a2f9e48034a4c86&browser-info=ar%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A3%3Aen%3Autf-8%3Ala%3Ada-DK%3Av%3A1661%3Acn%3A1%3Adp%3A1%3Als%3A1111040780795%3Ahid%3A954453224%3Az%3A120%3Ai%3A20250417004626%3Aet%3A1744843587%3Ac%3A1%3Arn%3A287513095%3Arqn%3A2%3Au%3A1744843586347294455%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1744843578299%3Agi%3AR0ExLjEuNTEwODY3MTYyLjE3NDQ4NDM1ODI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1744843587%3At%3A%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%3A%20%D0%91%D0%BE%D0%BB%D0%B5%D0%B5%204000%20%D0%B8%D0%B3%D1%80%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D0%B2%D1%8B%D0%B2%D0%BE%D0%B4%20%D1%81%D1%80%D0%B5%D0%B4%D1%81%D1%82%D0%B2%20%7C%20%D0%9BE%D0%9E%D0%9D&t=gdpr(14)mc(g-1)clc(0-0-0)rqnt(2)aw(1)rcm(1)cdl(na)eco(42009092)ti(0)&force-urlencoded=1&site-info=%7B%22type%22%3A%7B%22web%22%3A%22desktop%22%7D%2C%22webVersion%22%3A%226.110.1%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 16-Apr-2025 22:46:26 GMT
access-control-allow-origin: https://3917.info
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif
last-modified: Wed, 16-Apr-2025 22:46:26 GMT

POST
H2 200 api-1 Show response
3917.info/ 195 B
494 B 161ms
159ms Fetch
application/json 194.182.175.73
exoscale Akenes SA

General

Check archive.org

Download Go to

Full URL

https://3917.info/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/a17a5642.d.m.d2egGL5n.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.182.175.73 Vienna, Austria, ASN61098 (exoscale Akenes SA, CH),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

1b753306b35f25bf6a7a96acee1544f7b3a622f809ceceac6cc8e95930889f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-env: prod
x-app-skin: leoncasino
x-app-platform: web
x-app-modernity: modern
Referer: https://3917.info/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
x-app-os: linux
x-requested-uri: /ru-ru/registration
x-app-version: 6.110.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
x-app-rendering: csr
content-type: application/json
x-app-layout: desktop
x-app-browser: chrome
x-app-language: ru_RU
x-app-theme: DARK

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: 0
date: Wed, 16 Apr 2025 22:46:27 GMT
x-xss-protection: 0
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: nginx/1.18.0 (Ubuntu)
content-language: da-DK
x-frame-options: SAMEORIGIN

GET
H2 200 cnjqphyx Show response
widget.intercom.io/widget/ 7 KB
3 KB 180ms
45ms Script
application/javascript 143.204.98.128
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://widget.intercom.io/widget/cnjqphyx
Requested by: Host: 3917.info
URL: https://3917.info/ru-ru/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-128.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7d55b3d6438a1397088373d6e3953b4a8a632d861e1694939ffa55fdf53b88c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://3917.info/

Response headers

content-encoding: gzip
x-amz-version-id: zZBrjxUON2IODv6b_M4iKqeF4zGFSWE8
etag: "283a5d88dfad1aa2704bcd54803ab355"
age: 48
alt-svc: h3=":443"; ma=86400
x-cache: Error from cloudfront
x-amz-cf-id: QGXbbgmFpZP5VXwCupgW768ixAiGQUFFvslBB5N-1D0Js7GqVbQ2GA==
date: Wed, 16 Apr 2025 22:45:48 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding, Origin
last-modified: Wed, 16 Apr 2025 15:54:53 GMT
cache-control: max-age=300, s-maxage=300, public
cross-origin-resource-policy: cross-origin
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2674
x-amz-cf-pop: FRA50-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET frame-modern.e9190fdf.js
js.intercomcdn.com/ Frame 65AA 0
0

GET vendor-modern.67942466.js
js.intercomcdn.com/ Frame 65AA 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rtb-csync.smartadserver.com
URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=2220017443996948830&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID

Domain: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.e9190fdf.js

Domain: js.intercomcdn.com
URL: https://js.intercomcdn.com/vendor-modern.67942466.js

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

80 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
realtimesegmenta.org/	1970-01-21 05:25:21	Name: _subid Value: 356cs7f1t2e9
realtimesegmenta.org/	1970-01-21 04:42:09	Name: 3d68f Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjY1OVwiOjE3NDQ4NDM1Nzh9LFwiY2FtcGFpZ25zXCI6e1wiMjI1XCI6MTc0NDg0MzU3OH0sXCJ0aW1lXCI6MTc0NDg0MzU3OH0ifQ.G2MvCuZQym_GRS3853rHIhR-DkF9_fmgGVMDXXrqz_A
3917.info/	1970-01-21 14:16:43	Name: eua Value: syFTG5xheOkWSiUoL5sV8yfzua4rFB/aCuCGysLEWnDLhyvzlFPnRjTN5vn/cobNDizvsMP6hf+Id8v0fILTdUdnk8we6OLSmoxFdgBNF3a+/PKrNYH1XfxvWL+7d5UFQOFMpVIsVAyZN+Xd3UOW0FkoriRqM8ky1hbhU/FZOBItX3K9SyX3cf9SBrcKLYy6Fv3pFr0myEVbk/ldMr2l2c4mhROVTKYzZ2Mv+q9nDPAsufSTLggCCqf6mE3jxl0d/4M/QYQsZQdY+g==
3917.info/	1970-01-21 14:16:43	Name: ABTestSeed Value: 14
3917.info/	1970-01-21 05:23:55	Name: qtag Value: a31492_t36018_c1246_sNALEON
3917.info/	1970-01-21 05:23:55	Name: qtag_rfrr Value: a31492_t36018_c1246_sNALEON-null
3917.info/	1970-01-21 13:26:19	Name: ipfrom Value: 185.236.203.100
3917.info/	1970-01-21 04:42:09	Name: utm_source Value: russia
3917.info/	1970-01-21 04:42:09	Name: utm_medium Value: NALEON
3917.info/	1970-01-21 04:42:09	Name: utm_campaign Value: KingQONK
3917.info/	1970-01-21 04:42:09	Name: retentionId Value: f118d479-a61f-4ae9-84df-e9864c36975c
3917.info/	1970-01-21 14:16:43	Name: x-app-language Value: ru_RU
3917.info/	1970-01-21 14:16:43	Name: firstTheme Value: DARK
.adnxs.com/	1970-01-21 06:50:19	Name: XANDR_PANID Value: M6iu361Wzy667wifQw9bV9_MjJj0hOx7pKRDwyOM_a_IJU9lfotjk1TicHJaoPbGa9TdbujWdMUifXn4ZnM_IriU2t6xX6BQnBcfeG_6aeU.
.adnxs.com/	1970-01-21 06:50:19	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 06:50:19	Name: uuid2 Value: 5392076440452082538
.3917.info/	1970-01-21 14:16:43	Name: _ga Value: GA1.1.510867162.1744843582
.adform.net/	1970-01-21 05:23:55	Name: C Value: 1
.eskimi.com/	1970-01-21 05:23:55	Name: __eConsent Value: 1
.eskimi.com/	1970-01-21 05:23:55	Name: __eDId Value: 3c4e9a5a-c2c6-49e8-9460-dbc415cf4f0b
.eskimi.com/	1970-01-21 05:00:53	Name: __eP Value: 1
3917.info/	1970-01-21 05:23:55	Name: adformfrpid Value: 4444917300866796500
.adform.net/	1970-01-21 04:42:09	Name: CM Value: 1%7C1
.adform.net/	1970-01-21 06:07:07	Name: uid Value: 3764960264081281523
.adform.net/	1970-01-21 05:00:53	Name: CM14 Value: 1744929983_1744843583_1744843583_1_Hu7u4e4e4R7uAeAREREeEREREA
.seadform.net/	1970-01-21 06:07:07	Name: uid Value: 2220017443996948830
pool.admedo.com/	1970-01-21 13:26:19	Name: tuuid Value: 6ef81509-9178-4277-ac90-8d47b8313a4b
pool.admedo.com/	1970-01-21 13:26:19	Name: c Value: 1744843583
pool.admedo.com/	1970-01-21 13:26:19	Name: tuuid_lu Value: 1744843583
my.rtmark.net/	1970-01-21 13:26:19	Name: ID Value: 0881ad6489944efae19b3023adeedf48
.semasio.net/	1970-01-21 13:26:19	Name: SEUNCY Value: 3330373EF997B219
.eyeota.net/	1970-01-21 04:40:44	Name: SERVERID Value: 24130~DM
.casalemedia.com/	1970-01-21 13:26:19	Name: CMID Value: aAAzP7mqPtgAIPupATUozgAA
.casalemedia.com/	1970-01-21 06:50:19	Name: CMPS Value: 4534
.casalemedia.com/	1970-01-21 06:50:19	Name: CMPRO Value: 4534
.ads.stickyadstv.com/	1970-01-21 06:07:07	Name: uid-bp-617 Value: 2220017443996948830
.ads.stickyadstv.com/	1970-01-21 05:23:55	Name: UID Value: 8c9996ed31a34a7293f21e3c44e95be2
.rlcdn.com/	1970-01-21 13:26:19	Name: rlas3 Value: /hqbIFzMDc3Fojuhxk9ly4ohXls5OOUvZOxySaRabpE=
cm.adsafety.net/	1970-01-21 13:26:19	Name: cache0 Value: ZHgzeXg5czBXcVgwYWhGa1JrL05sQT09
.rlcdn.com/	1970-01-21 06:07:07	Name: pxrc Value: CL/mgMAGEgUI6AcQABIGCMLqARAA
.kargo.com/	1970-01-21 13:26:19	Name: ktcid Value: e3aa520b-a75c-0576-5fba-91e417a87d04
.adnxs.com/	1970-01-21 06:50:19	Name: anj Value: dTM7k!M41.CxrEQF']wIg2In8=Sj41!4=!f6#'#9T[9-.=%++`+p6AgAMP-IVD.rteLRtVQr'S-0l'VN8ZAN3FR@PsXH%!:ij[89*_e
.demdex.net/	1970-01-21 08:59:55	Name: demdex Value: 85865831291594523781619140060813144678
.agkn.com/	1970-01-21 13:26:19	Name: ab Value: 0001%3AXy9ktf%2BnJtRgA%2B101D2TR3zaU5novf16
.dpm.demdex.net/	1970-01-21 08:59:55	Name: dpm Value: 85865831291594523781619140060813144678
.adfarm1.adition.com/	1970-01-21 06:50:19	Name: UserID1 Value: 7494046129921587561
.audrte.com/	1970-01-21 05:02:19	Name: arcki2 Value: m9kiti2m-2CYWl0ZDRfCsxW9C5NcNMA-ad!20250127!1744843584190!ip#185.236.203.100:50634
.audrte.com/	1970-01-21 05:02:19	Name: arcki2_adform Value: 2220017443996948830!20250127!1744843584190
.w55c.net/	1970-01-21 14:09:31	Name: wfivefivec Value: JrJaFLKF1U5bws5
.weborama.fr/	1970-01-21 14:06:38	Name: AFFICHE_W Value: mhFFIEzVucya52
.w55c.net/	1970-01-21 05:23:55	Name: matchadform Value: 5
.doubleclick.net/	1970-01-21 14:02:19	Name: IDE Value: AHWqTUnB8qCyNuXROmtNxqzxitF0cMlGALj1HgvEkX2ejJuwFThiv9HqKXKN4f2viMU
.audrte.com/	1970-01-21 05:02:19	Name: arcki2_ddp2 Value: m9kiti2m-2CYWl0ZDRfCsxW9C5NcNMA-ad!20250127!1744843584417
.onaudience.com/	1970-01-21 04:42:09	Name: done_redirects252 Value: 1
.onaudience.com/	1970-01-21 13:26:19	Name: cookie Value: f4357805ff0a187d
3917.info/	1970-01-21 13:26:19	Name: shield_FPC Value: SC2vDSLyJQRAVycBBLOm6hzgBRDxwHOKbp
.3917.info/	1970-01-21 14:16:43	Name: _ga_JZZNGY93CC Value: GS1.1.1744843582.1.1.1744843585.0.0.0
.yandex.ru/	1970-01-21 13:26:19	Name: yashr Value: 6698879371744843586
.yandex.ru/	1970-01-21 14:16:43	Name: bh Value: YMLmgMAGahncyumIDvKst6UL+/rw5w3r//32D8TTz4cI
.3917.info/	1970-01-21 13:26:19	Name: _ym_uid Value: 1744843586347294455
.3917.info/	1970-01-21 13:26:19	Name: _ym_d Value: 1744843586
.mc.yandex.com/	1970-01-21 04:40:44	Name: sync_cookie_csrf Value: 1450704165fake
.yandex.com/	1970-01-21 14:16:43	Name: i Value: XPTpKOg5LGFRya2yFUUpIWa83N+5VxfUTVGDvMA6RkXY3YtOfCEUbKYoHvmdR+lmfSdGK/PcLZ1shzLOAJOGwhSnW74=
.yandex.com/	1970-01-21 13:26:19	Name: yandexuid Value: 1189853171744843586
.yandex.com/	1970-01-21 13:26:19	Name: yashr Value: 8840855391744843586
.3917.info/	1970-01-21 04:41:55	Name: _ym_isad Value: 2
5a0ef96fd84066141eb932d11ca5b39bb17a78cb.csftr.com/	1970-01-21 14:16:43	Name: shd_persistent Value: 71bbe163-0cf3-4ccf-8bfa-82570a454bd3
.mc.yandex.ru/	1970-01-21 04:40:44	Name: sync_cookie_csrf Value: 6953669fake
.mc.yandex.com/	1970-01-21 04:42:09	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 14:16:43	Name: yandexuid Value: 1189853171744843586
.yandex.ru/	1970-01-21 14:16:43	Name: yuidss Value: 1189853171744843586
.yandex.ru/	1970-01-21 14:16:43	Name: i Value: XPTpKOg5LGFRya2yFUUpIWa83N+5VxfUTVGDvMA6RkXY3YtOfCEUbKYoHvmdR+lmfSdGK/PcLZ1shzLOAJOGwhSnW74=
.yandex.ru/	1970-01-21 14:16:43	Name: yp Value: 1744929986.yu.2948010421744843586
.yandex.ru/	1970-01-21 13:26:19	Name: ymex Value: 1747435586.oyu.2948010421744843586
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1936278571744843586
.yandex.com/	1970-01-21 13:26:19	Name: yuidss Value: 1189853171744843586
.yandex.com/	1970-01-21 13:26:19	Name: ymex Value: 1776379586.yrts.1744843586
.yandex.com/	1970-01-21 13:26:19	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 14:16:43	Name: bh Value: KgI/MGDC5oDABmoZ3MrpiA7yrLelC/v68OcN6//99g/E08+HCA==
.3917.info/	1970-01-21 04:40:45	Name: _ym_visorc Value: b

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://3917.info/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON Message: [DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2220017443996948830 Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://3917.info/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B09B020C010000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://3917.info/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON Message: [GroupMarkerNotSet(crbug.com/242999)!:A0809B020C010000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://3917.info/registration?qtag=a31492_t36018_c1246_sNALEON&retentionId=f118d479-a61f-4ae9-84df-e9864c36975c&utm_source=russia&utm_campaign=KingQONK&utm_medium=NALEON Message: [GroupMarkerNotSet(crbug.com/242999)!:A080C5000C010000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1fjq7.trk.elasticemail.com
3917.info
5a0ef96fd84066141eb932d11ca5b39bb17a78cb.csftr.com
a.audrte.com
a1.adform.net
aa.agkn.com
acdn.adnxs.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
c1.adform.net
c1li7tt5ck.com
cdnimages2.gcdn.co
cdnimages3.gcdn.co
cm.adsafety.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
crb.kargo.com
d1cr9zxt7u0sgu.cloudfront.net
dmp.adform.net
dpm.demdex.net
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
js.intercomcdn.com
leoncasino.gcdn.co
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
mc.yandex.com
mc.yandex.ru
my.rtmark.net
o237537.ingest.us.sentry.io
pdw-adf.userreport.com
pixel-us.r2drtb.com
pixel.onaudience.com
pj.l.liftdsp.com
pm.w55c.net
pool.admedo.com
ps.eyeota.net
ps.l.liftdsp.com
realtimesegmenta.org
redirect.frontend.weborama.fr
region1.google-analytics.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
se.semasio.net
secure.adnxs.com
server.seadform.net
simage2.pubmatic.com
sync.crwdcntrl.net
sync.teads.tv
token.rubiconproject.com
track.adform.net
uipglob.semasio.net
ups.analytics.yahoo.com
widget.intercom.io
www.googletagmanager.com
x.bidswitch.net
js.intercomcdn.com
rtb-csync.smartadserver.com
103.231.98.109
104.18.26.193
142.250.186.130
143.204.98.128
151.101.129.108
162.19.138.120
18.196.128.37
18.66.121.111
185.89.211.116
188.42.63.48
188.42.63.49
194.182.175.73
2.16.97.41
2001:4860:4802:32::36
217.79.178.221
2400:52e0:1e00::1082:1
2600:9000:2156:3200:16:3a8f:8380:93a1
2600:9000:223f:2000:5:e0f4:e840:93a1
2606:4700:3036::ac43:a091
2606:4700:3108::ac42:28c3
2606:4700:4400::ac40:92ea
2607:ae80:4::50
2a00:1288:80:807::1
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:828::2008
2a02:6b8::1:119
2a03:90c0:41:2801::62
2a06:98c1:3121::3
3.120.214.218
3.122.92.109
3.79.137.198
34.1.242.226
34.120.195.249
34.254.143.3
35.190.24.218
35.206.140.87
35.210.130.15
35.214.136.108
35.244.159.8
35.244.174.68
35.71.131.137
37.157.2.14
37.157.5.49
37.157.6.237
37.157.6.243
37.157.6.245
37.157.6.254
37.252.171.52
37.252.172.123
37.252.173.215
4.232.99.2
52.29.164.62
54.38.113.3
54.72.126.129
54.74.164.45
54.78.68.121
65.9.66.47
69.173.144.138
76.223.111.18
77.243.51.122
85.114.159.118
88.214.195.17
91.134.188.169
91.185.218.28
95.100.184.137
03a5fda0dedb4bc1630184c5f31da408e9655a2a8a2a33ef27be0e96d88970a7
046036e7f874f492979b65f952a66e194b8f1739f24a64d40b2052f944114bc5
049e51bec3a57f5d4f4ff4d0a592ce5a25e418fa08841f345cc7b7ba2e6b1581
04f5934125e3ce611e5226b9f49c31ecf8bea48a951b570b561b28bebd43e43c
0565ef51f5934a1fc6f8a6e25f958de335b791559e5e0c100b2649acbe64f92b
0574282d30f05a4565b45f1ca37dc0efdf22ce4047228ff9029cf5d95a5d6961
06c04007d5c6b8876839e519b1049b0ba54b82646ee4b85fd509dfad90fdba78
0b389bcc6c7609fd630b631c95a0eaf18a875fff4adaa5a246196e8b3b77bf39
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cb38a56362f0b982f99152ccce762a65d0b435b1337984a21dd5b96925770d3
0e4ed35fdb0dce3e90d737820098164b1a6e33bba7fe36430dd522493778dc29
10668c14df35c733f8269fe678393f8de093352470afcacb67059c26a651939d
1248692f89afc35d90d402e22d5db4ddccd51391372bb1db5ecc317385255fe9
13b710020acb4a4914b3773ceee2b981f8c96e443e66616feb8c449825aa0992
1407537c6ec7e37f33b45b259b172c870c09cf19a3a529c73ccd6d37fbbe24e0
14b7a03c801bac68f96425f2063f7518368964f93c48cf93242dc5920bf3609c
152add0de253a858678d73d9988ee6214da2dc169ad58e26e2f95e472b50fed6
155705ad90a321b396a52fbab695bc92f9a2046aac18371fb9a172657e97c2a6
166492bed181420589ed5d3c45e9f66e3e7df75710294e8bd65f1faf8dd2b771
170edea1b75bd7e599768621f41ca7057b17cc797800538480c34064d657e338
19d604622f3b0f64eb979249c8f278e009412d0f617a81b9106c894737bc5396
1ae73f949ce1ca94b58f32ac5fab711d948e93073d8432e06228d5dc3a69321a
1b753306b35f25bf6a7a96acee1544f7b3a622f809ceceac6cc8e95930889f50
1d23598113941aa69a345fa89d24aa781b9daacb6851bb485b1587b7a7fd2c0b
1ddede917c6530f1ac5a6829d55464b198132ae71fe2f02e715bd89c55afc538
1e078ab22e121ca794750ebc6dc8ed24b222b889aea9e1a3a71fc645d331d03f
203f5bac0643f4cce81da3c8a7aac6dd38f9ec0f87cef8d5bcdcbf00763387d6
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
20e01011eaf7681129c2d12bb24544d4a010a78d0bb572effeff110fb9be1238
210f9363f97be240e29e0918b2b8ad99e1505e968260bab401f79c8a070c52cc
22aea14693655e0fa33cc4aa8606714bcd6cfc66c6bc320ee70661116034ad1f
22eb05f821c7cc95e715dc17de449edd34c22e15cd62eeb916824dc6b87b31aa
22f276d2675b8f63aa19d8c4f01bf898e3d58469cfc0f3ff09410855c78a6e9e
23a5b7d715c6cc355832ef81340d8345ead5f086f5523d5da6c363700d79728f
23eceedfe982abfba21106b59483f2824b7660dd2038cd05c6030311841b9585
255eeb56877c6d0d16fc8e76bdfeff90afdf1ef6fbc20b723248d334f49a1fd6
25a8c8fc0ec69024fb9e371f30b57ff861589f90041c8069599cad5ad96a92b0
25d002e623903b320eb203f271ef153ee2df8a51e2aed4878c7598d9f6a6ca6d
2908de2f63299db485f9b3ac86491df38d46d4c0d2d4880947322463d6208a57
29584a24e989014c65a825ba13e5f00699985f9db1a19929cf68de13a590dca6
29866824bec05e49f0da667916ab6df20b08699c8d14ffa309d3e13db57744a7
2a08069de293510765caaf22b0bb7d07cce01078d57d484b60c3b4dc912a92d1
2a39c72f97f956ef0cb8507c1443047fa35f587f079a05d66fcffb58c468c0ac
2afb3adb6d9ed63857bcd832f1ac2f8b09bd238a516d8ded516c69c48d119f18
2be76c76ffb44df9fbcc7ff4893a46bbc3ed8359c038288799651891e0e03991
2ca169d8759b97b87a8f2441c8865bce8d3d2fe6b489594753229d45003ce2be
2dfbabb87ab7d9cc23483f8666a736ca7aefd4b9708bbc0d7d91d96f98b84a3c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e568df5e0d848cbbef272c08867ac7342e542545f2bb1ed60a3f2107aaba02f
2f16075cb95bdb6579aa305bda71d26f075999c340ccfc9331756503681c50a0
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
325db1c19be35d186140e1093e923789f981a66e190beaec1d37fa27a2323d37
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34392590e328c76b4283b5c3c9a9e9b8723bc4068d17e1acb476c092a38f9268
34b446a19d416e0bbdc99348aa09e0fd6489c29e865064952b9d706e268ec6f3
39399c556efcb2299489a3f3f254a72bf7a29440298e650fcb84904c5ff7f12c
397203f5cc129d9af709115c62b8b2bb1869cc718dcf042e4e3b7f1f4b66e1cf
3c584108e1d8685d12332171f34879003c01a21d55ae5bf753b8e034bc020e2c
3cb330bc656b3a84d8286e3fe2839866d8017763344ebe67999e6f07ecb063e3
3cfed3f63b1d868a70f9bd819fcb50897d1daf98d0fd25aee0749cd30dcf4e54
3d0e8b45f9eb5c9c464d49cef63580f2b905615dde847cece1780ee09044467f
3db89b6edc5985147c39e767b376b4c95c652a12c4ab74d9532ff197de6ff64f
3f4c4ddc52bdb985425113afae186ed4231528f8b8a4f98087d37f3890315caa
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44d385cd009f99cac384a7106fe5a7fac1ffe369d3ac8b5afd92d861aab4214b
477493b29fa0c790b7441e883afe495a98cf79ca041f0b45948913c13605e59c
4790eb72c6ede618c748339410218632fdafaf85d89ccdeeadad77031fc977c4
49306ec0e98182c6d09d630785806e1f9fd723d90b95d0c462f497953b8ca8e9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e231ad4957b413aaef88dd602f78a6b38d22750f39eb98a61fc345645512bab
4e687af4507ee911e92498208c154c59437d0ee76ae1c07cfebe4f056415e095
4f881f37b50120790cdd67f07acbf71a2c1bfef2408a96d9515f08f911ad21c4
533cc1795d0f8c05ba575368c4a1d156021e74d1e72c1e48f6a54c1f9c8c7b06
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
573f75ebb85a1b821230d96866a2cabdc451b0bfbae29c86cf985157faaea0d5
5914be124697c3a8ad4472c47a2ea7fd5313117348b672300fb5a3da2383ab56
59e0478fd8cb2a0b31a2b40a88382d1902c89e89b3cb49c66be7979bb4930383
5a78e85ec1a3797df966c5d5f916a671b64f039135120a8c82e37df2fbf141f1
5aa358475c5b4645d3fcb10ceea8de5dfeef5354534eea05439fc51503150b6f
5b3c42cf36b410b740d14b5fc052792b46464975d99dcfe7ff70428845eb9fd1
62b722eca58786138391eee4ef1d2d49b184341f1a4ba35c5513b40af52b5c18
62e987c4205a8c7beae8edd0b279f351ce9654f43f14618b1ed553fa435ef7e3
6314c74d7d0796469d04650181fb2729fa4e83760f3996e98b39a7b0dbec478e
64c9a88646785fdb5c6d95f1bf63fddc0dbbd24590796422cda55ad8eb9de733
64ecb5d4d57d5e79dfa6f40c16605406f1a0ce6a9a183d1b7ac537001167b837
6516e9411efd44270ddd1ed1af1523a9c63a61a1bf29b697e1aac53302963b36
653a14f36effc8bf0aab3cba3f831dfe669db04ebcff1448697e95b920c0e6a8
6788860af9fb8bb66be8082c6339f67dc742d577b5b7c04fa3fb3f3a40df9192
699ad62b8d6dad5fa04f1f3cb3bc36d95d05d629f9056261e45e0623432c9258
6e212a584c9009c651fc4686e2a5fa73f54eda9b862f1b51a09eb843d32ec25c
7069e270c323343b6963cb0e7f87b08e43e60d7774872d378ffc1b7cc642a475
72eec63e5e08a7445b2edf1b063f2ed8024475656f6136d6e70e24e595ff3141
73609cd3bdcc6e138da8909f69a8b1e9d2e71f1455a2f693b735b93eca250366
7609720f0c2eff335c69877fc7846d2961226ec47f6c70f67e1b55c7049e04b6
7616452b64959448cd071bcccab5980657b344879e098ec1bbc4b0f4b3ed76c7
778e69124b8803db432937687536d0dff7536cc0e0d6ab310d4dda39a64b362e
7944086d95d3bbec57b47727fccd63203a571884932ddcb5ed647fbc9118e83d
79c125054955d4135e4c74bf8eabbb6aea0c0fdd465812bd1cd93de2f56df611
7a2534a5e29cdaa13644ee0d93edfae85ad391625c5d6ada1a83e62d4c5ad7a5
7b06beeb6f55945a908143b45f8a0f4fa0197579c7062f1ba6117b1790ce174c
7b5c100e1b0aa1c62163469418edde10b3afc5d381b8290c0a9325b1d65ca4fc
7bad3ad85f7cace42ed07236ae1e76691303059ceeb2d09ce83b5a05d7356de0
7bbbaddf8de057536895d4defa665a2df224361385e1a59432e7b593cd576a64
7cbd21dc8c356e1ce7e684c4e1784be5711dd48ae69f4075f7d8b4711b9a8013
7e3940a7cbe400ecb841563702098c29277e6eb72f6b5de64050876c44187e69
7e3f1836401d8d45ae3f406467c7bc7b78193dc00028d63d7659a7809bc4c083
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
7f177164b2855b506f4fe529f086c020223dcba933047b156a8903287231fb1a
7faee1dcf6a8ab4a4908ec733232b08938ae5ca964e2bc2c800a9bf730e9c2d0
7fb3ac184892bd95d633c372bc5003ff1aabe61e9055ad55ab2eaa1d0ff751ad
7fed836409217f5ac8eddc5f8193b5c0c5e4e02bc3af1d18b4bc00287b8cfa33
81b60fdc8726d70baff06ac63d79f1c00441dc82fe0792cf2c3f6bdc2bf8f950
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ba473ac573a61b79a7bfe541ccf59cfaaa5c1fb53aa31f6be42cab939a7329
86670461975ded78c109a17b5d554792df91987df6402f49c804e06d9bfe49c4
866ad0a38285f094e566c3ee20dbf194b12035d8279f0d30dd82d46eb7ae8827
86ac12bafdcfdceeca1301bec6db2de3b5d02cf3982a6f11da62e2c383f61662
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
86e1dab1ffaa9690a364b41735fc24d5000206affbaede7bca445f17dd115668
871af49a9cc9a1b1a629ff544c07352e566301557e48acf961102876420216dc
884933fb5789b478d2da68a4cb0bd5cc138d995f1fea9a957ba29cb3c00f1bf7
885e57ababf76bfcaa51c6ceb302f736b67270ae7ef3065c15fb88e7aa603463
88c38dd5fd1531be2d044c85bfd00517c41ce29b03c514d620d80a80241a1f11
894d8928c7d4bfed5c8a459b725b8398c4a9bf95a6e978f6b189d0a2cad9f23b
8b8b8c8405d290df3be8ca6ee47cbaa83b71107d48c84b90302f9a9947bceeb3
8c47d562b25f92f787c36c8a0e589ff2bb81cbd24bccb269415955375e8024df
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91a2ef08e9ac28e95b534e4f66903b68050fff2b253901329f69b3cda1f5860f
92d33df8a35c82072e3971f48eb06f1de4ce7b28a1afef6f47b4e2aa0b51bc9e
93e4836c15371f02d5feecadc36b4d7cf5d0173143cc8329f65755abe04aaf4e
9655e30d07b8a936979f4a5e82b8926f744fa3082131939cf7210dbd6df5f83c
968ad3c148342a0c1613a0628afa5d07e18e690066b2a17c5e3b3912811f0ef4
97d35f3c38191e6c4833bf8aafd6ce552d90e3c3f9013888d25840a63d710540
98596f703ec5e76243f01c178e27e944f494fbda0e8e4dacd6291739b078ac8b
98709f1b06fa482317f89e4c672d5012880b38a936cee10e62a3e38ad7667a8d
9bb2c583bfe0cfe4ce25dcad5944668b5da72f52f04163654804a03238897b42
9c6445ece562b8355a170e09ae782ecce11eacc2081b9963ae10d57053f33b1b
9cb55464c112d791eb9f57a2da61e87480334e86ebaad53b820d605ca69deaf5
9d49ce5010cd80986edadba2402c09cd6ef3177193936ad462dfa90b11589371
9e8fadb0932ffc1f1a4937d9ab37505a34a35b6d0c05fdcb7f00f8290934c9d6
9f021a2ea24fa795e0e55276607d53979972b8eb427bd31e4bcef5d4a96e7a2a
9f37e4d79b64613286fbf83e86ba1a2e41279be0c2ccbd076ca5b50f9386a8b5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a232be737590c3ef216c58a0f00be7fe08f87fef97e62c13bbacaa1a79e12830
a35403fefd9c6e3b56d37a50514dadc2076c9eac97ba67702cfabbcfba8cff32
a5c763b83a62ae50e276d21347b71e047464e609ade2c5b8f92bd5b231ca47b2
a85f27b04fa3b29c3b906d45d2bfd6c1c2b6c543bbc7f7c8821d2454be747498
a8f8226141de6e006f58a114f5bfb77e6b2fa714f87378a11f6ab1451bcc1553
a930fcc273bd348536263c4f1dbbce957de8b39392cd296f9e77ddf8431d1091
a9930e96e6496a74593e72b3b9de596856a76144c4fdb5e47f066647a77d82ba
aab0a67cb39ea7b57f9f847887b5d4cfbb6e841234f595efbea20e44fa59e1ed
ac515cb52140f9a8ac5efdb0fee4f777e586ccac36bb3ef91ebe63d4be71909c
af8957715d433e42f9c4acc18f11f2002a4e7c3a5ed14b190b7411f17f8f96a4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3ac4e0498db49358acf3e157c12b7c77625107e351e614938bf09f45ae5700e
b4f07011ff85522869c7752cc7127780dee25dea60479cb4d681fb433f60aa4d
b51df9b028d1354d056ff4ea38e5c12a23d6708075234c0ffc79d38307fd016a
b66c4f17ae44994093f59b2350e8efebdb85a480994ffcc592cf33acd2f380c9
b7be1a25fcda009175b0f140bbd7ed9afdb5798d0c93717b44c62ddc19aef582
ba009a5509737a888b7a854c05a4f5ed5ce5e1c0c628b81680315ae7337e52a9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c06ca3fcbc5f7c37ebb7c86a69502009911ecd8183811bae02f9b1fbb0541ddb
c45d41e1863665bba956aec1969a55d646d5dbf961803cf1cec079e354c07f51
c6dc107a9a5bf2c4ec15559952128c7cd629918c4a0ba72c369f8aaf83661e14
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca20c8a732bb733965f89578baf2d6a32ddf03c376980ad5ee5839f5a329956b
ca8875eb173e5cfd610706712c5f3284de51ae3d81735667717567aa80da1c13
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d020e9f6f9c65cf8dc918e29c7158873cda6a472d09b072fb9bdac7daa512b4b
d1d27a4fa7dfa49d65591ad727ea33e2739418dd6975b6cbbe0844e03101d179
d1f24332209af88b0e8ef4ee9a3f6449e3feba7b91002ef8aa05ef2cbd4090cf
d235fc7a2d05cdc624f8c9b61faace20390f377b8b852a1af7cf0a6e5c4df325
d45d7ad71e730616282bdae9bfb3bb682577ae06c348c4077c0e559e9a6d506c
d519960ad125ba557e09f52385c05a82cc7e457d149d535f4ecea1b8b5f4f6c1
d758e85352971dffe51a5992405eb8f9b316b1bed82495445c328699ee400830
d75f88aec411c8c541ba059f6e74e57463e346916e895a323fa2dbf74172820a
d87f605267ec8542a70c5a08fdc4f6aab247fcd8bb48de066a8f55c5f99e9ec1
d892d3e4052fa9f44e2dae665dfa59dd6de5af6a5f143fca6c34b5a468886f88
dca3f558d8b551db233a488f512c5180ee9db08c320ce1c1492ec74160f5a5cc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de9f85da0700b931f1d540bd27b21f12d2512f6fa2d7f408b8ed46e1c7757995
df0876ba5126871e016b56c824adb1a42d170320155ee07ac2ecef4a51428cba
df99bba85c6080060ceef610844a35ba1aff2424dd1dd3509c603de67e1e1cd5
e0b4ab42b9568fe002edf100d43ec29d0565875a99f32b5b3c2b8faec7b099f5
e152f22664039f14e4de935effd50f316ad4cffa5c683c5ae77861f8511e1ca0
e2655942183a3907d0b01bc3c6092ba200f089bf26a8a9f24801f96d27cfd419
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b74989ba78a34e873ea7d3e98f3bf9f832584a81de6a23f942862bd7a40857
e469f6ef51a3dd21e20c0c393a73912c0a6656bb1cfb6afbf94f4149b87bbc16
e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8
e6ffe8e3903229bb7ccecd760a0e0eb160550752d094ebbc4c09eaf48f7287af
e71a6658206528519440857b23b3484706207806fe6c2084760b6f9ffef6b6f5
e8ceb48efc3ae43c8756f9d57267ddbf0676c1951cacb0928b7d4e538e40688d
e921785496ed2d98c2257c88a6f838afa6acbee05cb8467048501bfe2a301461
e98c1e5afb488597d136347b31918042594d447a10e9e5b6cfbbf2388e0e0a4c
ea29b04c57eb9b3a1eeebab1b8406ec885fc05215a1a00c92f8813c075bffd7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1de119825d4c1a82b7f5a7e8e2a034106abf31105cd7db43e32e3cac2c501c
f213b0d9db9a4786db47fe6ecf2999b080421f32acae0caecf2bffada69705f4
f31cf594a38c196a546a7774ad954ccbd9c0080f0402e29902ce1e2d87d9b14b
f34c52d1487cf55ea4c01655d023e549710881660931c7a48b0c93dfe4897e85
f4f1faf8be133e8514e33efedc9f908dc42f70e156034d8693c00a473ec9d6f3
f5e02c74df7d3b1bcef23fd076a7ef9dffec25ed2ba7727e596088e3047d82af
f6387d1daf770ea16213c1b17b4b60e1d5e866c6a36f439d9ee0a8c7eac84693
f6ec592f1f900f6dd6482d1970da531252007ec0ae26eb795932b0944640406b
f7b735736aaab153ef13fe90c0bae8113f29f12507762c33adbcc30413bacfdb
f7d55b3d6438a1397088373d6e3953b4a8a632d861e1694939ffa55fdf53b88c
f808e50433f57a02940e56b9772486c2b226f930ea476ffba11e75aa997dfae7
f8f08d9c84fd3c25ac981bb01f9d27c69dad6b5a178c88c12afdd212acab57d6
f9bcb6b83eac1469aa716c6319799b094d2bf64b783404cdacc342d359bf4a17
fa1475f18518ec85526054b48860423c5059758658276d2c97db4aad56373e32
fa2f835664d8f7c101ea672cea3f862c0baa8159d93e11e2a0aa42a9eb5f0424
fb45faeedf18726357a721a464b6fbd4b126b79a06975ad1549faff1184ff439
fd1792c86362ee56c8ca9479b4bf023862faec59991939d1a4e8d568877df028
fe7eeec260903313f796fbbc404a4a7b3ceb45858307521d473b71e789c99e7c
fe94ea56b20d7c1b1f1822d1f8c4033e576bc98c886881a51a52e6b5601b2cc1
ffc50057b8e2ae8f26f5ad53866f3586abae6f3e985c4c10ccbf947a3c564fe2

3917.info Open in urlscan Pro 194.182.175.73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

271 Requests

92 %HTTPS

23 %IPv6

58 Domains

71 Subdomains

53 IPs

15 Countries

7694 kBTransfer

13541 kBSize

80 Cookies

6 Outgoing links

Page URL History

Redirected requests

271 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

3917.info Open in urlscan Pro
194.182.175.73 Public Scan

Screenshot
Live screenshot

Full Image

271
Requests

92 %
HTTPS

23 %
IPv6

58
Domains

71
Subdomains

53
IPs

15
Countries

7694 kB
Transfer

13541 kB
Size

80
Cookies

271 HTTP transactions
3 data transactions