len6gyisnhmb.com/an/public/mb_prod.js
3.125.159.65 200 OK 6.9 kB URL GET HTTP/2 len6gyisnhmb.com/an/public/mb_prod.js
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type JavaScript source, ASCII text
Hash 4c251a605ed14aba9f4200c57424d402
3dad41db79a996ba09c2158f0d515e340e223bf0
652f215ad19bacd08219bdb551bbdfa176b36c131f8aa4c3907f7eb4a0ea0aa4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /an/public/mb_prod.js HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:14 GMT
content-type: application/javascript
content-length: 6913
last-modified: Tue, 16 Apr 2024 16:36:06 GMT
etag: "661ea8f6-1b01"
cache-control: no-store; must-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2
x011bt.com/gif/test
49.12.126.251 200 OK 43 B
IP 49.12.126.251:443
ASN #24940 Hetzner Online GmbH
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject x011bt.com
Fingerprint 00:B8:94:7F:91:E8:3F:7E:83:3C:A3:82:1D:BE:74:E1:CF:20:23:7D
Validity Thu, 18 Apr 2024 14:53:37 GMT - Wed, 17 Jul 2024 14:53:36 GMT
File type GIF image data, version 89a, 1 x 1
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /gif/test HTTP/1.1
Host: x011bt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Tue, 23 Apr 2024 21:10:14 GMT
content-type: image/gif
content-length: 43
x-frame-options: SAMEORIGIN
x-xss-protection: 1
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
access-control-expose-headers: Content-Length,Content-Type
pragma: no-cache
expires: Mon, 01 Jan 1990 21:00:12 GMT
last-modified: Sun, 17 May 1998 03:44:30 GMT
set-cookie: uid=7188645370153402368; Domain=.x011bt.com; Path=/; Expires=Fri, 05 Mar 2027 13:38:58 GMT; HttpOnly; Secure; SameSite=None
x-response-time: 0
cache-control: no-cache, no-store, must-revalidate, no-store; must-revalidate
X-Firefox-Spdy: h2
rstat.rockmostbet.com/public/rstat_pixel_spa.js
162.55.5.93 200 OK 13 kB URL GET HTTP/2 rstat.rockmostbet.com/public/rstat_pixel_spa.js
IP 162.55.5.93:443
ASN #24940 Hetzner Online GmbH
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject rstat.rockmostbet.com
Fingerprint E6:73:BE:80:71:82:78:1C:16:B0:7C:C9:F7:36:67:FF:8B:C8:B0:A9
Validity Wed, 27 Mar 2024 11:01:39 GMT - Tue, 25 Jun 2024 11:01:38 GMT
File type JavaScript source, ASCII text
Hash 0a79ac8fabc17c9fee41cf845ec61bd0
e93d27b7afc6b6a7ac00acdf85fa9c9284d86354
ca83e633f0f7b5ed13d1f5b33b526876bee0220b1e95156dad1da775682406a2
GET /public/rstat_pixel_spa.js HTTP/1.1
Host: rstat.rockmostbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/javascript
etag: "sccjlza3d"
last-modified: Mon, 22 Apr 2024 13:46:47 GMT
server: Caddy
x-content-type-options: nosniff
content-length: 13081
date: Tue, 23 Apr 2024 21:10:32 GMT
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-5PMSX62
142.250.74.168 200 OK 78 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5PMSX62
IP 142.250.74.168:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
Validity Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (13419)
Hash f449de2c039d4b97e6344b2a7aa80eeb
9f88cb4e3744653cfa6a7f159c42ef727bb85b50
e459c5ee375086e1a26a2ca9e4f3d0870e1549340823bb91d867a17a2dc7c4e3
GET /gtm.js?id=GTM-5PMSX62 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 23 Apr 2024 21:10:14 GMT
expires: Tue, 23 Apr 2024 21:10:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77935
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
len6gyisnhmb.com/an/band/t4k.json?
3.125.159.65 200 OK 86 B URL POST HTTP/2 len6gyisnhmb.com/an/band/t4k.json?
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
Hash 6f0ab0c9d87bf6424869ee2a46ddbc3f
fcd6a7c0dedf0d043402fbdbdb887096e9b7327e
b1d9ae42d61e2c3ad4e8a1bbed9e5724b46aa8525822a716d5db77d9a1a842ca
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /an/band/t4k.json? HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 720
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:14 GMT
content-length: 86
x-frame-options: SAMEORIGIN
x-xss-protection: 1
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
access-control-expose-headers: Content-Length,Content-Type
pragma: no-cache
expires: Mon, 01 Jan 1990 21:00:12 GMT
last-modified: Sun, 17 May 1998 03:44:30 GMT
set-cookie: uid=7188645369884966912; Domain=len6gyisnhmb.com; Path=/; Expires=Fri, 05 Mar 2027 13:38:58 GMT; HttpOnly; Secure; SameSite=None
x-response-time: 5
cache-control: no-cache, no-store, must-revalidate, no-store; must-revalidate
X-Firefox-Spdy: h2
len6gyisnhmb.com/an/band/t4k.json?
3.125.159.65 200 OK 86 B URL POST HTTP/2 len6gyisnhmb.com/an/band/t4k.json?
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
Hash 6d41f9e8971cf087accd01cce3b27e5c
1ce7b6f8d78cbb0a3bb639e867d1050b1ec0543a
739e82901ccce87e591a63423b7519356fc75b8a0c5b3170ad02e4ac469e17d5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /an/band/t4k.json? HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 807
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:14 GMT
content-length: 86
x-frame-options: SAMEORIGIN
x-xss-protection: 1
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
access-control-expose-headers: Content-Length,Content-Type
pragma: no-cache
expires: Mon, 01 Jan 1990 21:00:12 GMT
last-modified: Sun, 17 May 1998 03:44:30 GMT
set-cookie: uid=7188645369884966912; Domain=len6gyisnhmb.com; Path=/; Expires=Fri, 05 Mar 2027 13:38:58 GMT; HttpOnly; Secure; SameSite=None
x-response-time: 4
cache-control: no-cache, no-store, must-revalidate, no-store; must-revalidate
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-9Q6VE8VYRH&l=dataLayer&cx=c
142.250.74.168 200 OK 100 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-9Q6VE8VYRH&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
Validity Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type JavaScript source, ASCII text, with very long lines (4179)
Hash e0269e854e04a35b975e8ba550542814
7414ad73d8f8c424c5893b1797a8da99e32d1811
c475ff6cb7bc61ab279161c5cc9ff98398218459aea6cf4ef9aaecb0dc4ee22e
GET /gtag/js?id=G-9Q6VE8VYRH&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 23 Apr 2024 21:10:15 GMT
expires: Tue, 23 Apr 2024 21:10:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 99688
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
track.abdsp.com/pixel?auth=d799av&event=visit&uid=undefined&affId=126916&site=len6gyisnhmb.com&ln=en-US
88.214.206.91 200 OK 0 B URL GET HTTP/1.1 track.abdsp.com/pixel?auth=d799av&event=visit&uid=undefined&affId=126916&site=len6gyisnhmb.com&ln=en-US
IP 88.214.206.91:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer GoDaddy.com, Inc.
Subject *.abdsp.com
Fingerprint 0C:DE:3C:92:C6:65:66:CA:5D:03:50:3E:BE:8F:01:A8:05:90:F5:05
Validity Mon, 28 Aug 2023 18:49:45 GMT - Sat, 28 Sep 2024 18:49:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?auth=d799av&event=visit&uid=undefined&affId=126916&site=len6gyisnhmb.com&ln=en-US HTTP/1.1
Host: track.abdsp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 23 Apr 2024 21:10:15 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Access-Control-Allow-Origin: *
gba.lnabew.com/api/features/sdk-37XKiQozDmPb1Eb3
142.132.154.151 200 OK 1.8 kB URL GET HTTP/2 gba.lnabew.com/api/features/sdk-37XKiQozDmPb1Eb3
IP 142.132.154.151:443
ASN #24940 Hetzner Online GmbH
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject gba.lnabew.com
Fingerprint E1:B4:D9:65:5D:E7:6B:CD:F7:67:CE:41:D3:D7:29:0A:EE:B1:DA:EB
Validity Wed, 06 Mar 2024 11:29:12 GMT - Tue, 04 Jun 2024 11:29:11 GMT
Hash c2c5f515d84b49312ff8fcadbddf1a72
3a1234b0343ec452c21fd3f340bad8e78589e38d
be3ec35bd09d21287155fb479381811794b4e1e8359271e72329a9492150a923
GET /api/features/sdk-37XKiQozDmPb1Eb3 HTTP/1.1
Host: gba.lnabew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: x-sse-support
alt-svc: h3=":443"; ma=2592000
cache-control: no-store
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 23 Apr 2024 21:10:15 GMT
etag: W/"185b-OhI0sDQ+xFLCH9PzQLrY54WJ440"
expires: 0
pragma: no-cache
server: Caddy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-powered-by: Express
x-sse-support: enabled
content-length: 1750
X-Firefox-Spdy: h2
len6gyisnhmb.com/favicon.ico
3.125.159.65 200 OK 2.2 kB URL GET HTTP/2 len6gyisnhmb.com/favicon.ico
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type gzip compressed data, from Unix
Hash 7253997cb0e1055cf92217de85446663
6b8e063b97612a0c7d33f8b6a66ec08a2b9669d5
50cb1cb54c014bb28133c3e9ccfeb0567bc738660dcbe3b3bae83371575e2739
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906615.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:15 GMT
content-type: image/x-icon
last-modified: Mon, 22 Apr 2024 11:19:30 GMT
vary: Accept-Encoding
etag: W/"662647c2-1536"
content-encoding: gzip
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/js/1910.97dce531.chunk.js
172.67.172.109 200 OK 329 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/1910.97dce531.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (65459)
Size 329 kB (329167 bytes)
Hash 09dc5034f56c712f5eae147755967029
f8afda87bd80760e61f438cd26ec239317fed2bd
10f4b81fcf08663df200ff6b1b9aa7928841df4e7db6f98e8305e049eeebcc92
GET /spa-static/1.4.1453/static/js/1910.97dce531.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:14 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-1122de"
expires: Tue, 23 Apr 2024 23:44:42 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 5132
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MDj9HoD1NiQq1vjAjVol42tqSg%2FHJGfW8ZkbtZ7LLveKr2l8MEamL8jq6nKL41ukHLUYReA4X5qrldFgYzkcw5jRpe%2Bv7UOEXq6wA91EW967vm8%2F9ndoP8b%2BBKCkhRi89HAL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6d74bc356af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
mostauthor.com/multiauth/test_cookie_set?testcookie=v9r1kstiudf9h904via87
185.26.99.196 200 OK 0 B URL GET HTTP/2 mostauthor.com/multiauth/test_cookie_set?testcookie=v9r1kstiudf9h904via87
IP 185.26.99.196:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject mostauthor.com
Fingerprint 07:D4:3A:B9:45:C0:FE:05:F4:6C:4F:1E:98:58:68:64:B2:84:63:25
Validity Sat, 13 Apr 2024 10:46:22 GMT - Fri, 12 Jul 2024 10:46:21 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /multiauth/test_cookie_set?testcookie=v9r1kstiudf9h904via87 HTTP/1.1
Host: mostauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
vary: origin, access-control-request-method, access-control-request-headers
access-control-allow-methods: GET
access-control-allow-headers: x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
access-control-max-age: 600
content-length: 0
allow: GET,HEAD
date: Tue, 23 Apr 2024 21:10:15 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
mostauthor.com/multiauth/test_cookie_set?testcookie=l3w1la4dw0he0v0porks5
185.26.99.196 200 OK 0 B URL GET HTTP/2 mostauthor.com/multiauth/test_cookie_set?testcookie=l3w1la4dw0he0v0porks5
IP 185.26.99.196:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject mostauthor.com
Fingerprint 07:D4:3A:B9:45:C0:FE:05:F4:6C:4F:1E:98:58:68:64:B2:84:63:25
Validity Sat, 13 Apr 2024 10:46:22 GMT - Fri, 12 Jul 2024 10:46:21 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /multiauth/test_cookie_set?testcookie=l3w1la4dw0he0v0porks5 HTTP/1.1
Host: mostauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
vary: origin, access-control-request-method, access-control-request-headers
access-control-allow-methods: GET
access-control-allow-headers: x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
access-control-max-age: 600
content-length: 0
allow: GET,HEAD
date: Tue, 23 Apr 2024 21:10:15 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
mostauthor.com/multiauth/test_cookie_set?testcookie=v9r1kstiudf9h904via87
185.26.99.196 200 OK 10 B URL GET HTTP/2 mostauthor.com/multiauth/test_cookie_set?testcookie=v9r1kstiudf9h904via87
IP 185.26.99.196:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject mostauthor.com
Fingerprint 07:D4:3A:B9:45:C0:FE:05:F4:6C:4F:1E:98:58:68:64:B2:84:63:25
Validity Sat, 13 Apr 2024 10:46:22 GMT - Fri, 12 Jul 2024 10:46:21 GMT
Hash f7f86d583c92292a7025fc1f25657a1f
92659f2f702a5b18d44a58055c6cd77173630ae2
3b9de8f3bb4d65ebe964703b38c9ce2f3b40a58b33484e6eed8f92bbd5f10a4f
GET /multiauth/test_cookie_set?testcookie=v9r1kstiudf9h904via87 HTTP/1.1
Host: mostauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
X-Multiauth-Version: authy
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 10
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
vary: origin, access-control-request-method, access-control-request-headers
set-cookie: test_cooke_v9r1kstiudf9h904via87=1; SameSite=None; Secure; Max-Age=3600
date: Tue, 23 Apr 2024 21:10:15 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
mostauthor.com/multiauth/test_cookie_set?testcookie=l3w1la4dw0he0v0porks5
185.26.99.196 200 OK 10 B URL GET HTTP/2 mostauthor.com/multiauth/test_cookie_set?testcookie=l3w1la4dw0he0v0porks5
IP 185.26.99.196:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject mostauthor.com
Fingerprint 07:D4:3A:B9:45:C0:FE:05:F4:6C:4F:1E:98:58:68:64:B2:84:63:25
Validity Sat, 13 Apr 2024 10:46:22 GMT - Fri, 12 Jul 2024 10:46:21 GMT
Hash f7f86d583c92292a7025fc1f25657a1f
92659f2f702a5b18d44a58055c6cd77173630ae2
3b9de8f3bb4d65ebe964703b38c9ce2f3b40a58b33484e6eed8f92bbd5f10a4f
GET /multiauth/test_cookie_set?testcookie=l3w1la4dw0he0v0porks5 HTTP/1.1
Host: mostauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
X-Multiauth-Version: authy
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 10
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
vary: origin, access-control-request-method, access-control-request-headers
set-cookie: test_cooke_l3w1la4dw0he0v0porks5=1; SameSite=None; Secure; Max-Age=3600
date: Tue, 23 Apr 2024 21:10:15 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
mostauthor.com/multiauth/test_cookie_get?testcookie=v9r1kstiudf9h904via87
185.26.99.196 200 OK 0 B URL OPTIONS HTTP/2 mostauthor.com/multiauth/test_cookie_get?testcookie=v9r1kstiudf9h904via87
IP 185.26.99.196:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject mostauthor.com
Fingerprint 07:D4:3A:B9:45:C0:FE:05:F4:6C:4F:1E:98:58:68:64:B2:84:63:25
Validity Sat, 13 Apr 2024 10:46:22 GMT - Fri, 12 Jul 2024 10:46:21 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /multiauth/test_cookie_get?testcookie=v9r1kstiudf9h904via87 HTTP/1.1
Host: mostauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
vary: origin, access-control-request-method, access-control-request-headers
access-control-allow-methods: GET
access-control-allow-headers: x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
access-control-max-age: 600
content-length: 0
allow: GET,HEAD
date: Tue, 23 Apr 2024 21:10:15 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
mostauthor.com/multiauth/test_cookie_get?testcookie=v9r1kstiudf9h904via87
185.26.99.196 200 OK 21 B URL OPTIONS HTTP/2 mostauthor.com/multiauth/test_cookie_get?testcookie=v9r1kstiudf9h904via87
IP 185.26.99.196:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject mostauthor.com
Fingerprint 07:D4:3A:B9:45:C0:FE:05:F4:6C:4F:1E:98:58:68:64:B2:84:63:25
Validity Sat, 13 Apr 2024 10:46:22 GMT - Fri, 12 Jul 2024 10:46:21 GMT
Hash e5b21ef9d336c6fe5ab6050fb9ab9d1f
3ce3fe564d8af003fe58f2d082571e7cba1a217c
0fb430e2fdf26d7e3ee13660211ba451888eb9d8a6c1de1731a8fd1121418823
GET /multiauth/test_cookie_get?testcookie=v9r1kstiudf9h904via87 HTTP/1.1
Host: mostauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
X-Multiauth-Version: authy
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Cookie: test_cooke_v9r1kstiudf9h904via87=1; test_cooke_l3w1la4dw0he0v0porks5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 21
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
vary: origin, access-control-request-method, access-control-request-headers
date: Tue, 23 Apr 2024 21:10:15 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
mostauthor.com/multiauth/test_cookie_get?testcookie=l3w1la4dw0he0v0porks5
185.26.99.196 200 OK 0 B URL OPTIONS HTTP/2 mostauthor.com/multiauth/test_cookie_get?testcookie=l3w1la4dw0he0v0porks5
IP 185.26.99.196:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject mostauthor.com
Fingerprint 07:D4:3A:B9:45:C0:FE:05:F4:6C:4F:1E:98:58:68:64:B2:84:63:25
Validity Sat, 13 Apr 2024 10:46:22 GMT - Fri, 12 Jul 2024 10:46:21 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /multiauth/test_cookie_get?testcookie=l3w1la4dw0he0v0porks5 HTTP/1.1
Host: mostauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
vary: origin, access-control-request-method, access-control-request-headers
access-control-allow-methods: GET
access-control-allow-headers: x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
access-control-max-age: 600
content-length: 0
allow: GET,HEAD
date: Tue, 23 Apr 2024 21:10:15 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
mostauthor.com/multiauth/test_cookie_get?testcookie=l3w1la4dw0he0v0porks5
185.26.99.196 200 OK 21 B URL OPTIONS HTTP/2 mostauthor.com/multiauth/test_cookie_get?testcookie=l3w1la4dw0he0v0porks5
IP 185.26.99.196:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject mostauthor.com
Fingerprint 07:D4:3A:B9:45:C0:FE:05:F4:6C:4F:1E:98:58:68:64:B2:84:63:25
Validity Sat, 13 Apr 2024 10:46:22 GMT - Fri, 12 Jul 2024 10:46:21 GMT
Hash e5b21ef9d336c6fe5ab6050fb9ab9d1f
3ce3fe564d8af003fe58f2d082571e7cba1a217c
0fb430e2fdf26d7e3ee13660211ba451888eb9d8a6c1de1731a8fd1121418823
GET /multiauth/test_cookie_get?testcookie=l3w1la4dw0he0v0porks5 HTTP/1.1
Host: mostauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
X-Multiauth-Version: authy
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Cookie: test_cooke_v9r1kstiudf9h904via87=1; test_cooke_l3w1la4dw0he0v0porks5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 21
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
vary: origin, access-control-request-method, access-control-request-headers
date: Tue, 23 Apr 2024 21:10:15 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
mostauthor.com/multiauth/ping
185.26.99.196 200 OK 0 B URL OPTIONS HTTP/2 mostauthor.com/multiauth/ping
IP 185.26.99.196:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject mostauthor.com
Fingerprint 07:D4:3A:B9:45:C0:FE:05:F4:6C:4F:1E:98:58:68:64:B2:84:63:25
Validity Sat, 13 Apr 2024 10:46:22 GMT - Fri, 12 Jul 2024 10:46:21 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /multiauth/ping HTTP/1.1
Host: mostauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
vary: origin, access-control-request-method, access-control-request-headers
access-control-allow-methods: GET
access-control-allow-headers: x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
access-control-max-age: 600
content-length: 0
allow: GET,HEAD
date: Tue, 23 Apr 2024 21:10:15 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
rstat.rockmostbet.com/lib.js
162.55.5.93 200 OK 237 kB URL GET HTTP/2 rstat.rockmostbet.com/lib.js
IP 162.55.5.93:443
ASN #24940 Hetzner Online GmbH
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject rstat.rockmostbet.com
Fingerprint E6:73:BE:80:71:82:78:1C:16:B0:7C:C9:F7:36:67:FF:8B:C8:B0:A9
Validity Wed, 27 Mar 2024 11:01:39 GMT - Tue, 25 Jun 2024 11:01:38 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (29927), with LF, NEL line terminators
Size 237 kB (236698 bytes)
Hash 48273a7de383fdd018d7a9af9b494807
c1bf1e6413bd647efc6d33e7126b7f155429a6de
bc88de7a8de8e3126ed7f3d65a6984901d28c439edef1ce7761deb4b55700ac9
GET /lib.js HTTP/1.1
Host: rstat.rockmostbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://len6gyisnhmb.com
access-control-expose-headers: Content-Length,Content-Type
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
date: Tue, 23 Apr 2024 21:10:33 GMT
expires: Mon, 01 Jan 1990 21:00:12 GMT
last-modified: Sun, 17 May 1998 03:44:30 GMT
pragma: no-cache
server: Caddy
set-cookie: uid=7188645446904971264; Domain=.rockmostbet.com; Path=/; Expires=Sun, 24 Jan 2027 23:19:31 GMT; HttpOnly
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 0
x-xss-protection: 1
content-length: 236698
X-Firefox-Spdy: h2
mostauthor.com/multiauth/ping
185.26.99.196 200 OK 126 B URL OPTIONS HTTP/2 mostauthor.com/multiauth/ping
IP 185.26.99.196:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject mostauthor.com
Fingerprint 07:D4:3A:B9:45:C0:FE:05:F4:6C:4F:1E:98:58:68:64:B2:84:63:25
Validity Sat, 13 Apr 2024 10:46:22 GMT - Fri, 12 Jul 2024 10:46:21 GMT
Hash 737697d239a040bb5e3ad17548ba2e75
ea83e13836e82a6afd8d877b97ce885b2668c288
3924c305d2bf14c93404f904cf9398ff87ff246717dc8830a5b26f4226f33bc7
GET /multiauth/ping HTTP/1.1
Host: mostauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
X-Multiauth-Version: authy
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Cookie: test_cooke_v9r1kstiudf9h904via87=1; test_cooke_l3w1la4dw0he0v0porks5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 401 Unauthorized
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
content-encoding: br
date: Tue, 23 Apr 2024 21:10:15 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/js/9841.b9d1be56.chunk.js
172.67.172.109 200 OK 273 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/9841.b9d1be56.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (65459)
Size 273 kB (273027 bytes)
Hash 6c060fc68917f6c5d204afffa70c36b3
7c3e5e721693f7f247c63c88905fc8cd984f254b
8aecd4aee03088c58a6af8462b2d4f0329055b790a9a6e6190a6c604874bf08c
GET /spa-static/1.4.1453/static/js/9841.b9d1be56.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-53662"
expires: Tue, 23 Apr 2024 23:44:48 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 5128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hvBBKeDxSLnYxRDHGkJUBnjkdTzVLh1150OI1NqtBlsPCkhzm4FzhVO%2FwMgJt0B%2FuXf0q9Tj%2FxIA6H0AhC0ChHbqK8YaxuVmN55hjUN8yFBtZllSat6SdGnBwvIQGOD5Cno%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6df7b2956af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
142.250.74.164 200 OK 1.1 kB URL GET HTTP/2 www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
IP 142.250.74.164:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject www.google.com
Fingerprint CD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73
Validity Mon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT
Hash 9fa69dd6558a90d463a3d22188c53c85
42194f065064412911bd35c42cda58bb97329aa9
7fa28bf6fa9479fa8e4fdc39a5b618e6b113902fe33b0d73cd6eec518b1d424f
GET /recaptcha/api.js?onload=onloadcallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Tue, 23 Apr 2024 21:10:16 GMT
date: Tue, 23 Apr 2024 21:10:16 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
len6gyisnhmb.com/an/lib.js
3.125.159.65 200 OK 188 kB URL GET HTTP/2 len6gyisnhmb.com/an/lib.js
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type gzip compressed data, from Unix
Size 188 kB (188245 bytes)
Hash de897197c746b712f4a7ed386f1fb8f4
389bda962655879d8ee3515b7b338c719dbf3c51
13830f3a675f3dca5ccfe2ff07018d5ee798b61f0eea14a9cc805de44370a741
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /an/lib.js HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:14 GMT
content-type: text/javascript
x-frame-options: SAMEORIGIN
x-xss-protection: 1
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
access-control-expose-headers: Content-Length,Content-Type
pragma: no-cache
expires: Mon, 01 Jan 1990 21:00:12 GMT
last-modified: Sun, 17 May 1998 03:44:30 GMT
set-cookie: uid=7188645369884966912; Domain=len6gyisnhmb.com; Path=/; Expires=Fri, 05 Mar 2027 13:38:58 GMT; HttpOnly; Secure; SameSite=None
x-response-time: 0
cache-control: no-cache, no-store, must-revalidate, no-store; must-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/js/5747.c917a4cc.chunk.js
172.67.172.109 200 OK 11 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/5747.c917a4cc.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (30325), with no line terminators
Hash d748d5bdc193189a894d47f9d3eac5f6
7ed2db8eb9488a959e1daa6bb629b488d06d8fce
d5d894c97f86143708d85d5b84866c2f8aa089e025cd2aeb8668776879c7a542
GET /spa-static/1.4.1453/static/js/5747.c917a4cc.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-7675"
expires: Tue, 23 Apr 2024 23:48:02 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 4934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JAxm%2FrGbAtxlgclO7p%2FyoKXp%2B91%2Fbr0qILlEXpolSnCS7Uym97EuoH682OKsxUHys1MCilZ5mjoKjgBi5Z4iinw7HsqcAnFvH6F5C0De5IpsuiU9cNISx%2F7dUde%2FdptziRfE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e1bd7d56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/api/v1/logo
3.125.159.65 200 OK 19 kB URL GET HTTP/2 len6gyisnhmb.com/api/v1/logo
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type gzip compressed data, from Unix
Hash f3570ec74bc430e5c762393dcc59ea62
8e07c37ec38484e3ca065f9d90035ee2ca52e727
f91e9c78fcf975619e8fe84b3ffd3ddbd8daabdc10927eb97988ba7b86775dd4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v1/logo HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
sentry-trace: d2414d3176d9425a9c0db1501fa538d2-a50a24bf3ac703bb-0
baggage: sentry-environment=production,sentry-release=23cb614f47bbc2f7b6eb478dcdfdec2f50952808,sentry-public_key=4a626086556647d191e62e9bef5eb347,sentry-trace_id=d2414d3176d9425a9c0db1501fa538d2,sentry-sample_rate=0.1
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906616.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
etag: W/"700b79acaa2b8e3e49d50986dbaee065"
x-request-id: 631c9e670a85e67a08d4287558c67e8a
vary: Accept-Encoding, Accept-Language
expires: Tue, 23 Apr 2024 21:10:16 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/css/2774.9c25f683.chunk.css
172.67.172.109 200 OK 66 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/2774.9c25f683.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 29174c50f9fe4f03618e8d9bac8d5cb4
39fa4fe42273c2418cc2a10c9e5f3f2cde949b06
74aedabbf071f4d6da918941ca030c91497aaa0393cc635f988cb0b16703c620
GET /spa-static/1.4.1453/static/css/2774.9c25f683.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-37009"
expires: Tue, 23 Apr 2024 23:44:48 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 5128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FR6CAdQyOdd3%2BVdSC%2FAK0A67F6ewBKkoInpeqa0zBhXoPRRuCw%2F8STK7p%2BR89mbsiAVV4UELCmwjCmci%2F6FTWRayzNZwPTKt%2BA8zUqk5cvoXm0VNki85FhXw0qy23tjm2464"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6df7b2f56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/9980.b7ca328c.chunk.js
172.67.172.109 200 OK 26 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/9980.b7ca328c.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 4b54da7ae583b72d67493013f54afa53
1af010a063dd3f1435b929f0bbcd7efe3228957b
4f54160505367f8db8269ae1dacdd5c0de3d07f4e92f14b4c49409aa3e5e93a3
GET /spa-static/1.4.1453/static/js/9980.b7ca328c.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-14fbc"
expires: Tue, 23 Apr 2024 23:48:02 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 4934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f53YdgXOneyHKnDL87Wach%2FQq86ATYHD5S7WLMVSsi1ZCigXnxZUD%2B5SVvLUuse3J1w9VhSL5mKri319M9WGfK8mn7xNYj8D1FCqw%2Fc0bLK4qjYKvB1d5Bw0HwdjtWkztwTg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e1ad7656af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/css/9980.f95b1d27.chunk.css
172.67.172.109 200 OK 21 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/9980.f95b1d27.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type Unicode text, UTF-8 text, with very long lines (51024), with no line terminators
Hash d3490d7ba420d8b9e7563d697f4969a6
c61a8b87a548d5f3219358c67187990fc511f9a0
fc8c00d0a2ca5e2353c48bfd97f91a23ac9fb0fa90f7a2d95c264defd7e914e6
GET /spa-static/1.4.1453/static/css/9980.f95b1d27.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-c756"
expires: Tue, 23 Apr 2024 23:48:02 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 4934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qn976%2FSBWGRM7qouKQbNzn79aiDBiLe8iw0GX2oskr5d%2BKkPBI2Psf84cDa1dnQrQ8rl3gpPVdpczBL2nfX7JS16sFEbEa060rWHD0ebaXIEVc65YcPuOHErW6W%2FWomhMBho"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e1ad7556af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
rstat.rockmostbet.com/band/t4k.json?
162.55.5.93 200 OK 86 B URL POST HTTP/2 rstat.rockmostbet.com/band/t4k.json?
IP 162.55.5.93:443
ASN #24940 Hetzner Online GmbH
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject rstat.rockmostbet.com
Fingerprint E6:73:BE:80:71:82:78:1C:16:B0:7C:C9:F7:36:67:FF:8B:C8:B0:A9
Validity Wed, 27 Mar 2024 11:01:39 GMT - Tue, 25 Jun 2024 11:01:38 GMT
Hash 98cf600e1faec7a97d37017caa9048cc
205543e317a4c6465709910da0a0a6e20a82e9a2
feb8d092aea0d823201e83dec6f755a726ff3af78e8b682187436ce13a29d1a1
POST /band/t4k.json? HTTP/1.1
Host: rstat.rockmostbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 710
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://len6gyisnhmb.com
access-control-expose-headers: Content-Length,Content-Type
cache-control: no-cache, no-store, must-revalidate
date: Tue, 23 Apr 2024 21:10:34 GMT
expires: Mon, 01 Jan 1990 21:00:12 GMT
last-modified: Sun, 17 May 1998 03:44:30 GMT
pragma: no-cache
server: Caddy
set-cookie: uid=7188645446904971264; Domain=.rockmostbet.com; Path=/; Expires=Sun, 24 Jan 2027 23:19:31 GMT; HttpOnly
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 57
x-xss-protection: 1
content-type: text/plain; charset=utf-8
content-length: 86
X-Firefox-Spdy: h2
len6gyisnhmb.com/api/v1/tagged-translations/get?locale=ru&tags[]=spa_translations
3.125.159.65 200 OK 228 kB URL GET HTTP/2 len6gyisnhmb.com/api/v1/tagged-translations/get?locale=ru&tags[]=spa_translations
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type gzip compressed data, from Unix
Size 228 kB (228027 bytes)
Hash ff1c65cf0c1f94b96d2436b6f9cecfb6
9038df445c8baac2d301eae1585066ce10cfa18f
80b3bd0a1464336d5ec83fad5d7856d8d626f494f7f0b66286d09e6181f76262
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v1/tagged-translations/get?locale=ru&tags[]=spa_translations HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
DNT: 1
Connection: keep-alive
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906615.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:15 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
etag: W/"7b39b50060f54ba2eb74480cfa8ae23b"
x-request-id: 76f241e29c83ceb2f412d4535858b4c5
pragma: no-cache
expires: Tue, 23 Apr 2024 21:10:16 GMT
vary: Accept-Encoding, Accept-Language
content-encoding: gzip
X-Firefox-Spdy: h2
rstat.rockmostbet.com/band/t4k.json?
162.55.5.93 200 OK 86 B URL POST HTTP/2 rstat.rockmostbet.com/band/t4k.json?
IP 162.55.5.93:443
ASN #24940 Hetzner Online GmbH
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject rstat.rockmostbet.com
Fingerprint E6:73:BE:80:71:82:78:1C:16:B0:7C:C9:F7:36:67:FF:8B:C8:B0:A9
Validity Wed, 27 Mar 2024 11:01:39 GMT - Tue, 25 Jun 2024 11:01:38 GMT
Hash 1e67661b3c5f42e6ec4cae9073a73c88
55d08d78f82b93f2b66fe3470d8b1732f560244e
42e6dd9b1d3333041ce1c66cd43bc058547dcc18f248153e1bdf9e7cdf5fbb25
POST /band/t4k.json? HTTP/1.1
Host: rstat.rockmostbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 614
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://len6gyisnhmb.com
access-control-expose-headers: Content-Length,Content-Type
cache-control: no-cache, no-store, must-revalidate
date: Tue, 23 Apr 2024 21:10:34 GMT
expires: Mon, 01 Jan 1990 21:00:12 GMT
last-modified: Sun, 17 May 1998 03:44:30 GMT
pragma: no-cache
server: Caddy
set-cookie: uid=7188645446904971264; Domain=.rockmostbet.com; Path=/; Expires=Sun, 24 Jan 2027 23:19:31 GMT; HttpOnly
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 59
x-xss-protection: 1
content-type: text/plain; charset=utf-8
content-length: 86
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/in.e626d1bb4e16e732e1dd.svg
172.67.172.109 200 OK 171 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/in.e626d1bb4e16e732e1dd.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Size 171 kB (170740 bytes)
Hash 209ae8e9585774eb4fe32c001f7c63cc
8227e6a26db90382b3b07a416a49d995b35f994e
dd68b8ac425f8b0e1a479337e4fb6e8c647241f5042e63ba4cd9853e5e3b661b
GET /spa-static/1.4.1453/static/media/in.e626d1bb4e16e732e1dd.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-440"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NqMELrN%2FxRHI5d7yVRfFkqjIeEsbrKSe%2FX3if8YFuC01G2YvTFRJvNbewu1wsmxBuNpfPxQuiprB8EEiiJwocyz2eDU7luaVpK%2F7m8pnPl3BBdfD7dvTa%2FfyVo%2BNYX%2B09JLf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e45fbc56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/749.a6f14f8b.chunk.js
172.67.172.109 200 OK 7.0 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/749.a6f14f8b.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (20648), with no line terminators
Hash bca459569f900842957e2d313203f823
be8ebe00fefca0f607536ea5693108b44a1ec5b4
6593e6671804b44178c60b1c6098f54bfc241d573d9a5ffdf5891f5581c2f397
GET /spa-static/1.4.1453/static/js/749.a6f14f8b.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-50a8"
expires: Tue, 23 Apr 2024 22:57:35 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 7961
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DO5EZ81fzu26eTK56YvELEcKmPAylxWhEYLFwXkulHdFRavqxWfFX%2BElhKabpDNuG6sy9yl1Dk%2FX49j6IPBRltbmQ%2FZtO0d2gThlq%2BfGNhKbG3dnO%2BPTOrT2xPhdpD6qDXlf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e1bd8456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/api/v1/footer_links
3.125.159.65 200 OK 201 B URL GET HTTP/2 len6gyisnhmb.com/api/v1/footer_links
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type gzip compressed data, from Unix
Hash 4e5aaa713e3b177fd5cc77c0cbb70326
313a1cf034bf1dd680971f8db395efd62dbc8dac
a72f470e9fc196bea756a96d1e2bf8b5140f6b68f442a0a4634a75ba85398784
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v1/footer_links HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906616.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
x-request-id: 6c8915df362068f78012b97b7373cbdb
pragma: no-cache
expires: Tue, 23 Apr 2024 21:10:16 GMT
vary: Accept-Encoding, Accept-Language
content-encoding: gzip
X-Firefox-Spdy: h2
len6gyisnhmb.com/an/band/t4k.json?
3.125.159.65 200 OK 86 B URL POST HTTP/2 len6gyisnhmb.com/an/band/t4k.json?
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
Hash 9d21741cc602b9defcb0f4811916e777
d611fd9d1f7d9e260b50297bc128934bb2ff06b1
a6eff7ce4ce7108ed735a81cdb47d498ef5e1731e5919ef9a7afb02c5a67eab9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /an/band/t4k.json? HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1286
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-length: 86
x-frame-options: SAMEORIGIN
x-xss-protection: 1
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
access-control-expose-headers: Content-Length,Content-Type
pragma: no-cache
expires: Mon, 01 Jan 1990 21:00:12 GMT
last-modified: Sun, 17 May 1998 03:44:30 GMT
set-cookie: uid=7188645369884966912; Domain=len6gyisnhmb.com; Path=/; Expires=Fri, 05 Mar 2027 13:38:58 GMT; HttpOnly; Secure; SameSite=None
x-response-time: 1
cache-control: no-cache, no-store, must-revalidate, no-store; must-revalidate
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/js/436.98648afd.chunk.js
172.67.172.109 200 OK 6.4 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/436.98648afd.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (5175), with no line terminators
Hash aabc13e858d4696f8f47596e6a641087
164fd68a430cff0b03f6f47a704502423e82d56e
8711be86f67e4b61f5c87cefb14ff23f7dd26b464d4a94731fa9cf4e4ba4cea4
GET /spa-static/1.4.1453/static/js/436.98648afd.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-1437"
expires: Wed, 24 Apr 2024 00:17:45 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 3151
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y7S0a6dRs0moH9egBVQL0R04HQiWClQsCvd2tW01Of6nmGolyra1gdZdL9kckED765f7CY2MMN5nmvWMTNtAlMWRiaRUegP%2BiP4bLZXMh%2BYyzYDsqF6M%2F4TPDRXZyo8%2F10Yo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e32eb656af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/vn.25540177a9e64be64b71.svg
172.67.172.109 200 OK 18 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/vn.25540177a9e64be64b71.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash a0081482192375c70656860e843b3c8d
24e774309e19b9ad9a3d6727d1f49f4fb82b723e
42db427a67708ab79be29119530cedf2108f7a4bcebfdf754a1d8faeedfadb77
GET /spa-static/1.4.1453/static/media/vn.25540177a9e64be64b71.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-1f2"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2erO0zyeCEM6tWu98pqL7VdE9wdCpUxIPlUoouqarV15Lvqe5ouBpzH5IWxW4AHzoVBYEpPF6SeIqsdSh7AisSq%2BP3UninIQ%2BSXFYERxSxGHs4rm2No1XNTM8MiSzEXv06yn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5086956af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/upload/images/payment_logo_image/RU/MasterCard_Logo.svg.png
3.125.159.65 200 OK 79 kB URL GET HTTP/2 len6gyisnhmb.com/upload/images/payment_logo_image/RU/MasterCard_Logo.svg.png
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type PNG image data, 1200 x 720, 8-bit/color RGBA, non-interlaced
Hash add110018a550bb3c5e21270a21c18e5
66a968d12638c29cfb83ca0f8ad9853b05a0424b
fdc9c897634962f8aa2f73198e33607b546f4b2e27a0aaeed3fb5093aa4e3d20
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/images/payment_logo_image/RU/MasterCard_Logo.svg.png HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/png
content-length: 78748
etag: "add110018a550bb3c5e21270a21c18e5"
last-modified: Tue, 13 Feb 2024 08:39:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-id-2: 8a26abc7832840f9308c123e3beca68e9010663e53438356460e6ce230b3fa9f
x-amz-request-id: 17C8DF17563C0B1B
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 21:10:17 GMT
cache-control: max-age=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/search.628993403998d6163ff4.svg
172.67.172.109 200 OK 68 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/search.628993403998d6163ff4.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 4bb357fe4e98d5951141caa0289afdee
fc500f01c5fac623457321a015ded0af8c1ac133
ea382edc29e1da6e3deb63d616ab190898cfe1eacd53c6ad0e878f3b9a0f24f7
GET /spa-static/1.4.1453/static/media/search.628993403998d6163ff4.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-107"
expires: Tue, 23 Apr 2024 22:14:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FldoJ9v6F2KXOHnhKuNDWWnai5Dzz2s5bO%2BQtJFDGK%2BcVlVKHzdTEqdo6gEp9qXVrP61n3QgScJWj1EbYzlaFS1C1fB96LUfSaPi3PPgFNyGw84Ev5HoikN9uExmBbCp2x7c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e85bde56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/universal_banner/MAIN_SLIDER/A04-05.24_Cashback_Tinkoff_Sbarbank_RU/A04-05.24_ONE_HUNDRED_PERCENT1_RU.webp
172.67.172.109 200 OK 93 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/universal_banner/MAIN_SLIDER/A04-05.24_Cashback_Tinkoff_Sbarbank_RU/A04-05.24_ONE_HUNDRED_PERCENT1_RU.webp
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type RIFF (little-endian) data, Web/P image
Hash 04a2d679bdd31bdcd9d2e3dc9e82ebe9
f9b8a8c5459b3e3821b0149af5e32184c4cf796d
e54338cd777d398717e208ff7637205fcd1ab415ed3c6cc6f32e0cf8b2fc9673
GET /upload/images/universal_banner/MAIN_SLIDER/A04-05.24_Cashback_Tinkoff_Sbarbank_RU/A04-05.24_ONE_HUNDRED_PERCENT1_RU.webp HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/webp
content-length: 92564
etag: "04a2d679bdd31bdcd9d2e3dc9e82ebe9"
last-modified: Fri, 12 Apr 2024 09:51:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-id-2: d9f9c3a4ae1ee6a8dbb2d3b306070026e56ac66c25360192e0f990b84c8e2bf2
x-amz-request-id: 17C5809034672D7D
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=345600
cf-cache-status: HIT
age: 517
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2NN%2Bs2i4VA7kcBvfvwShhL8YxGDczoZ2Uxf9wmo5bIfa2qGv1hR5HkKQ6vBU9mFBKPHGSPHEGoBXn3nIoZsG5ZOsrrSuqbF7ZM797A2diD%2FYQ4f%2Fa3OyRrSwd0AtU7uRKYupOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e9ed5a56af-OSL
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/universal_banner/MAIN_SLIDER/Promo_Risk-Free_Bet/RU_Risk-free_bet.webp
172.67.172.109 200 OK 79 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/universal_banner/MAIN_SLIDER/Promo_Risk-Free_Bet/RU_Risk-free_bet.webp
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type RIFF (little-endian) data, Web/P image
Hash 751a82bb6076550c186886d4ff14a7c2
592eb57c20f869ac3db746d80bd05a90ff13079f
515a49ccb31da476a15c960d80702d280e2a5efcd0acd208bbf788a7f9f4cfef
GET /upload/images/universal_banner/MAIN_SLIDER/Promo_Risk-Free_Bet/RU_Risk-free_bet.webp HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/webp
content-length: 79076
etag: "751a82bb6076550c186886d4ff14a7c2"
last-modified: Wed, 27 Mar 2024 09:58:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-id-2: d9f9c3a4ae1ee6a8dbb2d3b306070026e56ac66c25360192e0f990b84c8e2bf2
x-amz-request-id: 17C0974F72AE8F05
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=345600
cf-cache-status: HIT
age: 517
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KY4ytvLH2QSuZdxReDpw3WAmybNaJAfSewE6bBVhGStIk1YyWclprYnwrBZk3VrZIdc0CVN%2FXAESqEKmbn2SQXgQJ6GKy%2Bcgfo5VhpiKzhzY69PbAP58eBk%2FJ%2F3vUmGNSjE%2FZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e9ed5d56af-OSL
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/universal_banner/sobyt/S04.24Atalanta%20-%20Fiorentina/RU-1-Risk-Free-MOSTBET.webp
172.67.172.109 200 OK 128 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/universal_banner/sobyt/S04.24Atalanta%20-%20Fiorentina/RU-1-Risk-Free-MOSTBET.webp
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type RIFF (little-endian) data, Web/P image
Size 128 kB (127878 bytes)
Hash 642115bbc61fa6391f2229c2bb681ee2
70b55c1951d4430b7fc132edd186268bc50d1db3
d4a6a713f1e16492270429e1b11ec888bdeab6ca2c8d2999e9dd93e3081a3c51
GET /upload/images/universal_banner/sobyt/S04.24Atalanta%20-%20Fiorentina/RU-1-Risk-Free-MOSTBET.webp HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/webp
content-length: 127878
etag: "642115bbc61fa6391f2229c2bb681ee2"
last-modified: Fri, 19 Apr 2024 11:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-id-2: a1fa336c2fd2dc07ed124b8a56fe646ff71a960ff9616c4268e18a83b1883276
x-amz-request-id: 17C8616B48750448
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=345600
cf-cache-status: HIT
age: 2533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=he89N8k%2BK5IttU8Oblp%2F9Pc2%2F8g46iwZgnrTvlLjxNCV78j7IRSkOxUWPdOnIxKSRAmC%2BmD0dsHnS%2F2ZU0QE1am2LMoPSdfLly8YtviSxv1BVIkLm2tP9NPg6G314FKPVhmRkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e9ed6856af-OSL
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/universal_banner/MAIN_SLIDER/BNPD/All/RU__welcome_bonus.webp
172.67.172.109 200 OK 72 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/universal_banner/MAIN_SLIDER/BNPD/All/RU__welcome_bonus.webp
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type RIFF (little-endian) data, Web/P image
Hash 7f9e900bff9be636656d95e85327c417
6c5d456301f7532e474f026676ac0032fd8f84e8
bbf91bc415535461fbd2baea3ef8ea9c861f2ca7c2d16325629866cd37684cfd
GET /upload/images/universal_banner/MAIN_SLIDER/BNPD/All/RU__welcome_bonus.webp HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/webp
content-length: 72332
etag: "7f9e900bff9be636656d95e85327c417"
last-modified: Wed, 27 Mar 2024 09:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-id-2: 8a26abc7832840f9308c123e3beca68e9010663e53438356460e6ce230b3fa9f
x-amz-request-id: 17C72DE911BB0198
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=345600
cf-cache-status: HIT
age: 6840
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Nhq2k%2BO1NiVysvqolEyZ31yIuY03PE%2B8xN4BSlemAjh4SKDTl2UtCgaC5P30JYQuFzZWXL1YXDSKMi%2F2uB5mEP3Qkn9C1qkXE%2BSutNQnpTQ%2BlFu%2F7TuYW7JeWS%2FJHujZXzWTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ea1d9e56af-OSL
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/gr.c51a52c416ea428fe41f.svg
172.67.172.109 200 OK 92 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/gr.c51a52c416ea428fe41f.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 0bed56a8b6014fe10fef1d8c24049a17
1962066d7bd840227e8a873c7d8faf4204f36219
565e017faa966d20d9a4051a1853c366bbd59ebaaced77fed32f850b8a9c5099
GET /spa-static/1.4.1453/static/media/gr.c51a52c416ea428fe41f.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-43d"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fB9iRf45Igv1AsaUK2s634c9jWbgvDuD2GmaT3%2Bp4RRM23sKVb8BZ%2BMIrRmmrQANiSqXHOAwQyNb%2Bg8BTcwOWF5ZApC%2FM6DgGLkpcdG1d4KBQrYmSKNkeMZcaF21Uswggfn7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e4d83f56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/universal_banner/sobyt/S04.27Juventus%20-%20Milan/RU-1-MOSTBET.webp
172.67.172.109 200 OK 138 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/universal_banner/sobyt/S04.27Juventus%20-%20Milan/RU-1-MOSTBET.webp
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type RIFF (little-endian) data, Web/P image
Size 138 kB (138480 bytes)
Hash b6ca9818cf9016d8d04a6827b4e870d2
e56995544388f41e0e605cf8dbf5a4f3f4af2bd5
7b0779b29cb60f598a16aba2d4bddbbb8851e4cdaccaa6b5b8384655dedafcb8
GET /upload/images/universal_banner/sobyt/S04.27Juventus%20-%20Milan/RU-1-MOSTBET.webp HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/webp
content-length: 138480
etag: "b6ca9818cf9016d8d04a6827b4e870d2"
last-modified: Mon, 22 Apr 2024 13:55:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-id-2: 8a26abc7832840f9308c123e3beca68e9010663e53438356460e6ce230b3fa9f
x-amz-request-id: 17C8FE2151C26077
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=345600
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FJ2Q6RsbgDwNFuhUqiOb17AzKwV%2BCtcmZLIH%2BPLeIz4NClWoPodW5ulXm877COTCTBD7YoquaC5Ji6tNhhXppMMvOz3o346o%2FPYj30RKVrxnwzbg5bWeqMJb1f8v0k22jM9YjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e9ed6156af-OSL
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/universal_banner/MAIN_SLIDER/Telegram/%D0%B2%D0%B0%D1%83%D1%87%D0%B5%D1%80%D1%8B/RU-Bonus-Telegram-MOSTBET.png
172.67.172.109 200 OK 306 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/universal_banner/MAIN_SLIDER/Telegram/%D0%B2%D0%B0%D1%83%D1%87%D0%B5%D1%80%D1%8B/RU-Bonus-Telegram-MOSTBET.png
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type PNG image data, 721 x 390, 8-bit/color RGBA, non-interlaced
Size 306 kB (305766 bytes)
Hash 1b56078ef954310e9723018c77a535a3
bf07cbccf00275781d516af492e7afe50f129e77
93eb51246559fa91894be84ee26dfcb0363ad6b06b6d2b15c6fc2f850008135f
GET /upload/images/universal_banner/MAIN_SLIDER/Telegram/%D0%B2%D0%B0%D1%83%D1%87%D0%B5%D1%80%D1%8B/RU-Bonus-Telegram-MOSTBET.png HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/png
content-length: 305766
etag: "1b56078ef954310e9723018c77a535a3"
last-modified: Fri, 15 Mar 2024 10:58:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding, Accept
x-amz-id-2: dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-amz-request-id: 17C819C56E5F1001
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=345600
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LXFhSH0dxJv7nXDG9FTZu6BpuD5zKTnJw%2F%2BVJrAtNkTVBSze0oyeDSEhrag3xbnXJL0dPgBylhkKjPP23WVqAQ65HudXg8oMiScQJObloiDuBlOfmJfbprrGAxkcPrGYPPQy5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e9ed5f56af-OSL
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/api/v1/allsports/sports?ss=all<r=0
3.125.159.65 200 OK 172 kB URL GET HTTP/2 len6gyisnhmb.com/api/v1/allsports/sports?ss=all<r=0
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type gzip compressed data, from Unix
Size 172 kB (172061 bytes)
Hash 1122d7ea055ffbba5f3e78b70e99c1e8
878f58f95d4bad79e8eceeaf3320f2da8bfa8651
1acf13ff655f9b1e751eba6d7efcbdcaa064d33c829316a59782b709458bb1d2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v1/allsports/sports?ss=all<r=0 HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
x-request-id: b17cd0b680112625177dde68700cc847
pragma: no-cache
expires: Tue, 23 Apr 2024 21:10:18 GMT
vary: Accept-Encoding, Accept-Language
content-encoding: gzip
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/clock.ed0062116c2768cf4cb5.svg
172.67.172.109 200 OK 178 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/clock.ed0062116c2768cf4cb5.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Size 178 kB (177453 bytes)
Hash ca32db42333fc98912f158b574b20415
fc359a5f7933c142b1198b64b8bebce27ae500bf
7f210b46035cf41f2f5dd9acb12c7194a24a61615474836879ba1a8d0499ec4b
GET /spa-static/1.4.1453/static/media/clock.ed0062116c2768cf4cb5.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-133"
expires: Tue, 23 Apr 2024 22:14:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ioqWikU3r2OIUZPjb36xk214nV55SaGRpOAjOEqsQC8xza7%2FeDneTWnLxgfCnmkeG9X%2BXJKYPGjHpqm0qkVZNkysVFCnkM2LFR%2FHxg1Wg7StA50Jrfm9P%2FA5m6dHUf4iFxvC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ea7de856af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/coupon.0c9776d2319ec242e279.svg
172.67.172.109 200 OK 125 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/coupon.0c9776d2319ec242e279.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Size 125 kB (124611 bytes)
Hash 1e34a1086e393d7f964f49828d096188
0765688ea9b9bc4a0371cbb8b31f53713975aff0
056e5aba40bd2ca1f654b0db322563f02b15206347dc46025f09de6d5ececb8f
GET /spa-static/1.4.1453/static/media/coupon.0c9776d2319ec242e279.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-130"
expires: Tue, 23 Apr 2024 22:52:18 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DRkvs5MubGtyWamhL%2BMly8%2Bay%2Fp2Nv5W8WGnHFaaMIEVQ8NHqh9nduJ9S1QiJ0b5fxlSeprJGl%2BkglADbIw10hs8XMs529C1nCHmGJ7ToV3YNRfoebCR1tnjm5GUzIOplz4L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6eabe1d56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/house.443c2cc7f0bf720a41a1.svg
172.67.172.109 200 OK 1.4 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/house.443c2cc7f0bf720a41a1.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 300ea553be6be7cc031ee5a7601fee1b
b2c0ea16f00cbc6c89ef46add609f5583a91af38
640b7b829f5d636a746a0356aa5ddf0cffb44f1218560a14663f9ff751bdada9
GET /spa-static/1.4.1453/static/media/house.443c2cc7f0bf720a41a1.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-16e"
expires: Tue, 23 Apr 2024 22:14:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DBj%2BcnHacGh%2FhguUi5C59eThY%2BMSllAhzjo8QgEWD9dfMufk6S%2BQDqkPKYcOpUgbJ7UpG37%2FvBvjMVbbdxyGeXf4g11HAv5dasQkYHdEZvXtLLY%2BUoBwkQLihL386dn0wQEM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ea7de756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/field.d2ca7ec12cadaf9b1f9c.svg
172.67.172.109 200 OK 2.8 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/field.d2ca7ec12cadaf9b1f9c.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 4215586e16d04a30e809312731510834
349d9fc34f96027346165a08fde1a378d763108d
c1caf5332041d88410f84025f8e5c34fe335060059f5b7b8da33193389af193d
GET /spa-static/1.4.1453/static/media/field.d2ca7ec12cadaf9b1f9c.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-4a4"
expires: Wed, 24 Apr 2024 00:37:50 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1948
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l4tSkQJS55W4K1Iy1a1tGU1a7nDnppFlwimb49WxZqpitscvvbNOA8SxspjwtlkUOPkfgOo8YGlihBmn0ElWs1C3ye0Lhx5BX792NY%2Bveft2%2BnI%2FE%2FXpvBotPiWzhkIW0U95"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ed98a656af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn-mst.com/casino/game/21225/game_df187ee9de834fbbf02cfb51904d8ccb.jpg
172.67.204.105 200 OK 30 kB URL GET HTTP/2 cdn-mst.com/casino/game/21225/game_df187ee9de834fbbf02cfb51904d8ccb.jpg
IP 172.67.204.105:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject cdn-mst.com
Fingerprint 4D:A1:09:0C:B8:2C:19:D1:9C:4F:9A:8F:28:BC:3E:3E:8F:AD:84:C9
Validity Tue, 16 Apr 2024 06:15:23 GMT - Mon, 15 Jul 2024 06:15:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 248x169, components 3
Hash 336e7529e2c8cdaf69e2f275c168df57
9400eb5193f8e4814a7b043e2de2b9f640f95a90
0f2d550ab9a17145bb041cee802e4fa1b11712bccaef01d918f9c69b90b56ac5
GET /casino/game/21225/game_df187ee9de834fbbf02cfb51904d8ccb.jpg HTTP/1.1
Host: cdn-mst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/jpeg
content-length: 29488
last-modified: Thu, 30 Nov 2023 05:57:41 GMT
etag: "65682455-7330"
expires: Wed, 24 Apr 2024 18:50:32 GMT
cache-control: max-age=86400
vary: Accept-Encoding
cf-cache-status: HIT
age: 8113
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xy74xGt9D8mo0asNVInH5Iq9SKG1GXlKdGgUJaPKZuz8LJ4Z9L9e5LjlLSaE%2BQDHXQkYDqFoBXABwJFQwG40HdIMrZt3v%2BSyj5Xk5%2FVuR4m8kTA16zQtttQA05OQbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ee3cfc56a2-OSL
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/field.d2ca7ec12cadaf9b1f9c.svg
172.67.172.109 200 OK 104 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/field.d2ca7ec12cadaf9b1f9c.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Size 104 kB (103885 bytes)
Hash 4215586e16d04a30e809312731510834
349d9fc34f96027346165a08fde1a378d763108d
c1caf5332041d88410f84025f8e5c34fe335060059f5b7b8da33193389af193d
GET /spa-static/1.4.1453/static/media/field.d2ca7ec12cadaf9b1f9c.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-4a4"
expires: Wed, 24 Apr 2024 00:37:50 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1948
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8gSRdOxeYfxqCbsOctRZFHhS3qzne3f%2B4xbzvNMiYn2Bd66dUWQQcwPXU0TDUh9NFFJ4po9U24rtxA2XldCE4jafTzK%2F2k7Z0fmQdNPLkw2X3JswNiEyslesdQ344u2QENIt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6eda8ba56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/volleyball.svg
172.67.172.109 200 OK 32 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/volleyball.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash f4028dee6c7ef23f8c2369961f68b3c5
c76c6958f5a5d49665f9e5f94fe61802666361c7
a4e1905ba76bc268e5af7aff25ed51aa63f7a78ad694b88bcfa78577e4146be4
GET /upload/images/sport%20icons/volleyball.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"f4028dee6c7ef23f8c2369961f68b3c5"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: 8a26abc7832840f9308c123e3beca68e9010663e53438356460e6ce230b3fa9f
x-amz-request-id: 17B18D42C3A6774C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102013/ctime:1654102013/gid:33/gname:www-data/mode:33188/mtime:1654102013/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 6834
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=az%2F%2BnXZJGiX%2ByWOwWvWXZByKP93WuwuNKpDecJQKM8kTOf79N2wEMfeszjChvgKUFWtOHTbmKY8fDxO8GdqM%2FrMaQNw00iUV73ba8L%2BQ0priMr31rv%2Bgm9bhdyvyMK2WXJifbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec0f4056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/field.d2ca7ec12cadaf9b1f9c.svg
172.67.172.109 200 OK 30 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/field.d2ca7ec12cadaf9b1f9c.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 4215586e16d04a30e809312731510834
349d9fc34f96027346165a08fde1a378d763108d
c1caf5332041d88410f84025f8e5c34fe335060059f5b7b8da33193389af193d
GET /spa-static/1.4.1453/static/media/field.d2ca7ec12cadaf9b1f9c.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-4a4"
expires: Wed, 24 Apr 2024 00:37:50 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1948
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nYl529LkKt4RMXqOFx7V35zc81vUOZBjKopuWuNhW8yijW7TrLhYPXo%2FDmGSSvhy%2F0NVhdVFyGEiJFbUTczUwNN8s6GkCs9JcZH7X8P43UQYzFJi4U4TEjEh8wasMyxBAkxG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6eda8b556af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn-mst.com/casino/game/81246/game_705422a0d82b28326f82517cc06775ad.jpg
172.67.204.105 200 OK 29 kB URL GET HTTP/2 cdn-mst.com/casino/game/81246/game_705422a0d82b28326f82517cc06775ad.jpg
IP 172.67.204.105:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject cdn-mst.com
Fingerprint 4D:A1:09:0C:B8:2C:19:D1:9C:4F:9A:8F:28:BC:3E:3E:8F:AD:84:C9
Validity Tue, 16 Apr 2024 06:15:23 GMT - Mon, 15 Jul 2024 06:15:22 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 248x186, components 3
Hash 5c7521f233632c6239fffb89dc3d612a
2ff328f037c14eb50817f4bb64c22c89985062c5
9513223ee357959174caef4dfffb0212950d619991e4f8d5250115802187743d
GET /casino/game/81246/game_705422a0d82b28326f82517cc06775ad.jpg HTTP/1.1
Host: cdn-mst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/jpeg
content-length: 29306
last-modified: Tue, 23 Jan 2024 17:35:25 GMT
etag: "65aff8dd-727a"
expires: Wed, 24 Apr 2024 05:25:49 GMT
cache-control: max-age=86400
vary: Accept-Encoding
cf-cache-status: HIT
age: 56321
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yq5n1SsFMurhmKtDiDJShYN%2FsM4zJnOC%2BSsMa7upCVe1GI0z7Av6VZEaId4onZOmJwjxtt1oOjyOuijkAu2MmvnXwsQc21kYp0wfxZ%2BsMJn6f9%2BwSY2as3bDkUalLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ee4d2056a2-OSL
X-Firefox-Spdy: h2
cdn-mst.com/casino/game/81256/game_693006c37da61e01bd426093695b8807.png
172.67.204.105 200 OK 28 kB URL GET HTTP/2 cdn-mst.com/casino/game/81256/game_693006c37da61e01bd426093695b8807.png
IP 172.67.204.105:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject cdn-mst.com
Fingerprint 4D:A1:09:0C:B8:2C:19:D1:9C:4F:9A:8F:28:BC:3E:3E:8F:AD:84:C9
Validity Tue, 16 Apr 2024 06:15:23 GMT - Mon, 15 Jul 2024 06:15:22 GMT
File type PNG image data, 248 x 178, 8-bit colormap, non-interlaced
Hash 80fd6c0c2e996818ca72143035061891
502e43c4a5172bf4c15995ad12f02fb9e4f03603
622345fc3858b99e0a2dd32d40054edb61fe894c280f8dcc822861f1f1768ec2
GET /casino/game/81256/game_693006c37da61e01bd426093695b8807.png HTTP/1.1
Host: cdn-mst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/png
content-length: 28073
last-modified: Tue, 23 Jan 2024 17:35:25 GMT
etag: "65aff8dd-6da9"
expires: Wed, 24 Apr 2024 01:06:09 GMT
cache-control: max-age=86400
vary: Accept-Encoding
cf-cache-status: HIT
age: 72179
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g9itgGXC%2BtEFfC0YszHye4X1hweplB8VfTJod8SF8UEYrq8bl0D3GJJ3COT4%2FDpZvQkvMPuu9ltX266FD9Yxnd7i5LuA75lXiEqWR1oOpAxLk2ERBK%2BOv1Ep8kT9AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ee5d2456a2-OSL
X-Firefox-Spdy: h2
cdn-mst.com/casino/game/81532/game_c01341ed8cd9581318dd71d655d362cb.jpg
172.67.204.105 200 OK 10 kB URL GET HTTP/2 cdn-mst.com/casino/game/81532/game_c01341ed8cd9581318dd71d655d362cb.jpg
IP 172.67.204.105:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject cdn-mst.com
Fingerprint 4D:A1:09:0C:B8:2C:19:D1:9C:4F:9A:8F:28:BC:3E:3E:8F:AD:84:C9
Validity Tue, 16 Apr 2024 06:15:23 GMT - Mon, 15 Jul 2024 06:15:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x197, components 3
Hash 3f188a7000738a05908a691b93c2623c
3e56849a4f031d022d93fb799f2d764d151a58b6
1fcda21bc31ebc2d46dfb85f0ae53671cd25daa2a66977764522f2ad7c7defd9
GET /casino/game/81532/game_c01341ed8cd9581318dd71d655d362cb.jpg HTTP/1.1
Host: cdn-mst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/jpeg
content-length: 10172
cf-bgj: h2pri
cache-control: max-age=86400
etag: "65aff8de-27bc"
expires: Wed, 24 Apr 2024 10:32:52 GMT
last-modified: Tue, 23 Jan 2024 17:35:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 37181
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Aj3rnKeqPruGGmr4Ttc2cGFMHz3PmfB4dWgUvyPejUr7%2B7Chn%2F2psP5lCMjx%2BNYg6oThxD88lDJ9TbAsZXeHakr8booxNj6xCReISrgYd4kut%2Fjt0BeAtRz8bvVpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ee7d3e56a2-OSL
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/field.d2ca7ec12cadaf9b1f9c.svg
172.67.172.109 200 OK 98 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/field.d2ca7ec12cadaf9b1f9c.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 4215586e16d04a30e809312731510834
349d9fc34f96027346165a08fde1a378d763108d
c1caf5332041d88410f84025f8e5c34fe335060059f5b7b8da33193389af193d
GET /spa-static/1.4.1453/static/media/field.d2ca7ec12cadaf9b1f9c.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-4a4"
expires: Wed, 24 Apr 2024 00:37:50 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1948
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w24OlR3iQ3v6dmH32LZO4aOyDEBHXe6NL9cd6PlVjLINarKMJtC%2FgnllcEhlebC990YruKI%2BNhV8yQzd%2F1SPH5PDw74BGl6rjbdCcqWS6PVSxomZTQ0eRzXjNTIkkaxXuLs0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6eda8bc56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/field.d2ca7ec12cadaf9b1f9c.svg
172.67.172.109 200 OK 118 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/field.d2ca7ec12cadaf9b1f9c.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Size 118 kB (117461 bytes)
Hash 4215586e16d04a30e809312731510834
349d9fc34f96027346165a08fde1a378d763108d
c1caf5332041d88410f84025f8e5c34fe335060059f5b7b8da33193389af193d
GET /spa-static/1.4.1453/static/media/field.d2ca7ec12cadaf9b1f9c.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-4a4"
expires: Wed, 24 Apr 2024 00:37:50 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1948
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sYBskJXF83m9mXXAPx3HVNsNLUT7PZ6ymfvOQlPcUezvIaoywWiTI23AsYCI56XboTnC6P2XXM5eM3vvQsISTkRgdDfmTQalTGRSsj898S2DZ%2B6lNB4EqfYHn7KiNmnXUiAZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6edb8bf56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/field.d2ca7ec12cadaf9b1f9c.svg
172.67.172.109 200 OK 96 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/field.d2ca7ec12cadaf9b1f9c.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 4215586e16d04a30e809312731510834
349d9fc34f96027346165a08fde1a378d763108d
c1caf5332041d88410f84025f8e5c34fe335060059f5b7b8da33193389af193d
GET /spa-static/1.4.1453/static/media/field.d2ca7ec12cadaf9b1f9c.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-4a4"
expires: Wed, 24 Apr 2024 00:37:50 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1948
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ZW4GHw4bJKNyK8mbx%2FDLeFSn7GWvmGEZx1SvPs8NCXXDblM2KXuZYfm6JDSkhQLEPG7bPEdsIG7UXzHgUFy53UP9qipRgea6ZM5qhs7kzZ2BRmZAXSJWWU1oUOVfp%2FgW5d6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6edb8c356af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
mostbet.amarix.com/images/mines/logo-248x178.png
104.21.3.14 200 OK 57 kB URL GET HTTP/2 mostbet.amarix.com/images/mines/logo-248x178.png
IP 104.21.3.14:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject amarix.com
Fingerprint 01:6D:07:DA:03:DB:03:C4:26:41:AD:7D:6B:91:C0:7F:78:E7:33:67
Validity Fri, 01 Mar 2024 22:57:19 GMT - Thu, 30 May 2024 22:57:18 GMT
File type PNG image data, 248 x 178, 8-bit/color RGB, non-interlaced
Hash 0aa7f371da968144d24d0bfdabbc0014
f7d40cce30e6bab7135a243f246eb4b264c3aa3c
4793ff9e46e70ee0651faa6aff07f367576eb7d0932f986a6b61274918e59bf5
GET /images/mines/logo-248x178.png HTTP/1.1
Host: mostbet.amarix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/png
content-length: 57340
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
last-modified: Thu, 28 Mar 2024 08:24:34 GMT
etag: "66052942-dffc"
expires: Thu, 17 Apr 2025 09:26:59 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 529386
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dahsDa4fgx8X%2BJzpvGZRGrttDY3w65mhR8%2FdhgUQuTcqFy7nIpR4WIJ31lDBp%2Fts%2BX82Xz3eTyt2UL2A1HAOJu6wMW1eeUHwvarWzUgJ99xS%2BsovqpOCYfqPk7ZOnSv%2B8rM0tvE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6eeffd656ba-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
agstatic.com/games/evosw/baccarat.jpg
54.230.111.13 200 OK 138 kB URL GET HTTP/2 agstatic.com/games/evosw/baccarat.jpg
IP 54.230.111.13:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Amazon
Subject *.agstatic.com
Fingerprint 0E:4F:35:84:E2:C6:81:0D:F2:72:CC:66:C5:58:96:AA:F8:27:11:08
Validity Wed, 24 May 2023 00:00:00 GMT - Sat, 22 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 118x118, segment length 16, baseline, precision 8, 640x480, components 3
Size 138 kB (137947 bytes)
Hash 6c2072fae8c9c12228003c94af84c198
d7683a8e02d58f60d60793d5418127c65edf43b6
d972886800787d9d78b9c7de3c0b8638dd250db82df0f73eea2dadf9b1b1cdc4
GET /games/evosw/baccarat.jpg HTTP/1.1
Host: agstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 137947
date: Tue, 23 Apr 2024 12:02:17 GMT
last-modified: Tue, 26 Dec 2023 14:01:40 GMT
etag: "6c2072fae8c9c12228003c94af84c198"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: kRRYZ2MKnDc7UjYEnXkC0VTpEhEeffuaPRK9F_Q09AyBuaTvn0xPQw==
age: 32882
vary: Origin
X-Firefox-Spdy: h2
upload.cdn-mb.com/upload/images/sport%20icons/waterpolo.svg
172.67.172.109 200 OK 2.4 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/waterpolo.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash fd559e4ce6f266199c8dd76b826e8435
1529f6b6d83e339b37f33721e014e32dd5e30532
44bec6e89f7facedfe8b53517b0f57da455ae374e99a2714a40818072fac24c3
GET /upload/images/sport%20icons/waterpolo.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"fd559e4ce6f266199c8dd76b826e8435"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-amz-request-id: 17C727302874E796
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102013/ctime:1654102013/gid:33/gname:www-data/mode:33188/mtime:1654102013/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 4002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8kAElIONWKi5yKflgXoRHa%2F1upXkd8Eq4QLWfFsZzDarYr%2FI6X62cS9GLzWWRZam4cQqZ8bbIlt0JLEvTQzqRp4%2FviehwMrogSQu18bnjaCQhrK7vCq8dIsJbs1OOkxmqqZZRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec8fac56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/logo/FaviconNewCom.png
172.67.172.109 200 OK 1.0 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/logo/FaviconNewCom.png
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type RIFF (little-endian) data, Web/P image
Hash 3c6e5a5eef891ce795be0df92864d8c2
692789db2b55b099827c756540a2a7fafbf64852
b32ddb04982d98d84db616802b1e1773537d014ce580f28c60c6e8871b2c757d
GET /upload/images/logo/FaviconNewCom.png HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:19 GMT
content-type: image/webp
content-length: 1048
etag: "3c6e5a5eef891ce795be0df92864d8c2"
last-modified: Tue, 23 Jan 2024 22:19:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding, Accept
x-amz-id-2: 8a26abc7832840f9308c123e3beca68e9010663e53438356460e6ce230b3fa9f
x-amz-request-id: 17C05B5AF3D20A79
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-contentmd5: PG5aXu+JHOeVvg35KGTYwg==
cache-control: max-age=345600
cf-cache-status: HIT
age: 4085
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pcVLCjNB4y4NKcJM46MSW5vsKXc%2Bz5sm6vOBw59i7yFlNOwS4xIFrotxXeG7v49m08S2DvW%2F4gx4L8%2B2zOkvhtnAwHCxqXaNMmdgJmYyGGaLdQzH9gGqAF8IyM0egAxl%2BnMYbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6f11ce856af-OSL
alt-svc: h3=":443"; ma=86400
code.jivo.ru/js/bundle_ru_RU.js?rand=1713436056
193.17.93.93 200 OK 245 kB URL GET HTTP/2 code.jivo.ru/js/bundle_ru_RU.js?rand=1713436056
IP 193.17.93.93:443
ASN #210756 EdgeCenter LLC
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer GlobalSign nv-sa
Subject *.jivo.ru
Fingerprint 60:0E:83:43:DE:FD:73:77:2E:6A:72:96:0B:4C:79:34:7C:AE:C7:85
Validity Wed, 10 May 2023 09:12:34 GMT - Mon, 10 Jun 2024 09:12:33 GMT
File type Unicode text, UTF-8 text, with very long lines (60985), with no line terminators
Size 245 kB (244833 bytes)
Hash dab6de701d27996404916a2c6d8f8f5b
f17add824d94e022e95a9e45fbdb4a1341b11f72
2e30fab312479552c4ce28afea819a965c076ce8d210adcde5d069f7222ccb61
GET /js/bundle_ru_RU.js?rand=1713436056 HTTP/1.1
Host: code.jivo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: application/javascript
content-length: 244833
access-control-allow-origin: *
cache-control: max-age=86400
content-encoding: br
etag: "661fba80-3bc61"
last-modified: Wed, 17 Apr 2024 12:03:12 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: sber1
cache: HIT
x-cached-since: 2024-04-23T10:28:01+00:00
x-node: m9-up-gc229
accept-ranges: bytes
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/tn.8b09464a7524dff3fa47.svg
172.67.172.109 200 OK 14 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/tn.8b09464a7524dff3fa47.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash fea87146ed08572e8a492974c932140e
528818aab10c15299ea5d5f8dc15c8c983aa4a25
84116fb50ddb30d2f08991ae4e3762d7191fe4387e1cf05d55a4e3f2e95c3c57
GET /spa-static/1.4.1453/static/media/tn.8b09464a7524dff3fa47.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-2dd"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u5OT7F5XVb1W2ZVKHj%2FJADyZUuo0VYU3P0e4SuluOD9CxtThM4gUkx5nZlLuHlRh%2FDUD7yzxZVzz6fwBDuhu9FhYl2Z4yzJC0O2V5pVvuUFhZK%2FYPK1WtKavA4AyWGmCBDVU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e4e84a56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/api/v1/user/split-test/stage
3.125.159.65 401 Unauthorized 16 kB URL GET HTTP/2 len6gyisnhmb.com/api/v1/user/split-test/stage
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
Hash 4f8100be653f3792c5ace7fc036e8e01
b09ba6c45991ea31eae319b250ce61b430e8c602
81745d7fd8af3525b944812cfa0e4e92439df51b3e9d5810d049787944a2d327
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v1/user/split-test/stage HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
sentry-trace: d2414d3176d9425a9c0db1501fa538d2-886dcc88460a044e-0
baggage: sentry-environment=production,sentry-release=23cb614f47bbc2f7b6eb478dcdfdec2f50952808,sentry-public_key=4a626086556647d191e62e9bef5eb347,sentry-trace_id=d2414d3176d9425a9c0db1501fa538d2,sentry-sample_rate=0.1
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906616.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 401 Unauthorized
server: nginx
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/json
www-authenticate: Bearer
cache-control: max-age=0, must-revalidate, private
x-request-id: 8aa9f2b31f6d03db68007e4abc02ba7a
pragma: no-cache
expires: Tue, 23 Apr 2024 21:10:16 GMT
vary: Accept-Language
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/js/4805.e52e0403.chunk.js
172.67.172.109 200 OK 14 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/4805.e52e0403.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (21612)
Hash 85fbcce6535ea4e2ab9d206c44685158
dc7a509068c66082fe524fcf9c11554ff62a9cf2
a7a8c1a91e534ea372b5ee06cd401bd2109497f819e59fd5b005e0fad315bff4
GET /spa-static/1.4.1453/static/js/4805.e52e0403.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-54b9"
expires: Tue, 23 Apr 2024 23:44:50 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 5125
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ypx9Yj5nsys96zgsd14wYwD3R6BlKXm5axw5CzZq4jFjcA3iwhOq%2BVqEXiL21cSALpGXkSZBmyWZPdbQO4y%2FBzZxQttfoA2qzNE8xyAHQLJX7jkGlWy%2BEWGPqTU8BaxYqCI%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e1ad7156af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
code.jivo.ru/css/f9fd344/widget.css
193.17.93.93 200 OK 42 kB URL GET HTTP/2 code.jivo.ru/css/f9fd344/widget.css
IP 193.17.93.93:443
ASN #210756 EdgeCenter LLC
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer GlobalSign nv-sa
Subject *.jivo.ru
Fingerprint 60:0E:83:43:DE:FD:73:77:2E:6A:72:96:0B:4C:79:34:7C:AE:C7:85
Validity Wed, 10 May 2023 09:12:34 GMT - Mon, 10 Jun 2024 09:12:33 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0bc0635afa9f471f3d66563fdde90bf3
864b6b6ed939dc8291e94e071455e523d998a878
3516b9da57a710eb243eb43e601a16a1a68e1355f976b13ac3e141cd3d32205a
GET /css/f9fd344/widget.css HTTP/1.1
Host: code.jivo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:19 GMT
content-type: text/css
content-length: 41689
cache-control: max-age=864000
content-encoding: br
etag: "661fba7f-a2d9"
expires: Sun, 28 Apr 2024 10:27:56 GMT
last-modified: Wed, 17 Apr 2024 12:03:11 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: sber1
cache: HIT
x-cached-since: 2024-04-18T10:27:56+00:00
x-node: m9-up-gc89
accept-ranges: bytes
X-Firefox-Spdy: h2
len6gyisnhmb.com/favicon.png
3.125.159.65 200 OK 2.8 kB URL GET HTTP/2 len6gyisnhmb.com/favicon.png
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Hash f8cbfde8f3484f7a5f02189742f0f110
3eb0cec3e65d6cb0cc2744b5fa57ded1afb6e4d4
70504d4dc047aeac702b31e9290e9f5553e901d07d3844269cd966042988159a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.png HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:19 GMT
content-type: image/png
content-length: 2810
last-modified: Mon, 22 Apr 2024 11:19:30 GMT
etag: "662647c2-afa"
accept-ranges: bytes
X-Firefox-Spdy: h2
code.jivo.ru/css/f9fd344/omnichannelMenu.widget.css
193.17.93.93 200 OK 1.3 kB URL GET HTTP/2 code.jivo.ru/css/f9fd344/omnichannelMenu.widget.css
IP 193.17.93.93:443
ASN #210756 EdgeCenter LLC
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer GlobalSign nv-sa
Subject *.jivo.ru
Fingerprint 60:0E:83:43:DE:FD:73:77:2E:6A:72:96:0B:4C:79:34:7C:AE:C7:85
Validity Wed, 10 May 2023 09:12:34 GMT - Mon, 10 Jun 2024 09:12:33 GMT
File type ASCII text, with very long lines (4471), with no line terminators
Hash 1e7cde329a3a155b22639ff8cffd1269
1b5e8d1b6f8d6f1f7503b6c452fec7c179adb558
0f3286aab073e23963c5c2665600d09cfa74f4e2c36289ef19e59ab739c84f6f
GET /css/f9fd344/omnichannelMenu.widget.css HTTP/1.1
Host: code.jivo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:19 GMT
content-type: text/css
content-length: 1337
cache-control: max-age=864000
content-encoding: gzip
etag: "661fba7f-539"
expires: Thu, 02 May 2024 10:00:04 GMT
last-modified: Wed, 17 Apr 2024 12:03:11 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: sber1
cache: HIT
x-cached-since: 2024-04-22T10:00:05+00:00
x-node: m9-up-gc41
accept-ranges: bytes
X-Firefox-Spdy: h2
code.jivo.ru/js/f9fd344/omnichannelMenu.js
193.17.93.93 200 OK 9.6 kB URL GET HTTP/2 code.jivo.ru/js/f9fd344/omnichannelMenu.js
IP 193.17.93.93:443
ASN #210756 EdgeCenter LLC
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer GlobalSign nv-sa
Subject *.jivo.ru
Fingerprint 60:0E:83:43:DE:FD:73:77:2E:6A:72:96:0B:4C:79:34:7C:AE:C7:85
Validity Wed, 10 May 2023 09:12:34 GMT - Mon, 10 Jun 2024 09:12:33 GMT
File type JavaScript source, ASCII text, with very long lines (34799), with no line terminators
Hash 4d986d0350ce9d996011f5aec2b9b4ec
936378171d1a53c5e31cf2d615b1b229327285a5
a1f4bce3610e3273ceb27a97110c52462ded09a14004abdd123bf3035f4c0c09
GET /js/f9fd344/omnichannelMenu.js HTTP/1.1
Host: code.jivo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:19 GMT
content-type: application/javascript
content-length: 9607
access-control-allow-origin: *
cache-control: max-age=86400
content-encoding: br
etag: "661fba80-2587"
last-modified: Wed, 17 Apr 2024 12:03:12 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: sber1
cache: HIT
x-cached-since: 2024-04-23T10:28:01+00:00
x-node: m9-up-gc98
accept-ranges: bytes
X-Firefox-Spdy: h2
code.jivo.ru/sounds/agent_message.mp3
193.17.93.93 206 Partial Content 3.8 kB URL GET HTTP/2 code.jivo.ru/sounds/agent_message.mp3
IP 193.17.93.93:443
ASN #210756 EdgeCenter LLC
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer GlobalSign nv-sa
Subject *.jivo.ru
Fingerprint 60:0E:83:43:DE:FD:73:77:2E:6A:72:96:0B:4C:79:34:7C:AE:C7:85
Validity Wed, 10 May 2023 09:12:34 GMT - Mon, 10 Jun 2024 09:12:33 GMT
File type MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
Hash 8e9a165c4cb185ffd0b2658fa088e43b
195873e5e8bbb2f5ecc32d95f90d6fb75817a649
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43
GET /sounds/agent_message.mp3 HTTP/1.1
Host: code.jivo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Tue, 23 Apr 2024 21:10:19 GMT
content-type: audio/mpeg
content-length: 3760
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=2592000
etag: "65fda528-eb0"
expires: Thu, 25 Apr 2024 16:32:06 GMT
last-modified: Fri, 22 Mar 2024 15:35:04 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: sber1
cache: HIT
x-cached-since: 2024-03-26T16:32:06+00:00
x-node: m9-up-gc91
content-range: bytes 0-3759/3760
X-Firefox-Spdy: h2
code.jivo.ru/sounds/notification.mp3
193.17.93.93 206 Partial Content 5.8 kB URL GET HTTP/2 code.jivo.ru/sounds/notification.mp3
IP 193.17.93.93:443
ASN #210756 EdgeCenter LLC
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer GlobalSign nv-sa
Subject *.jivo.ru
Fingerprint 60:0E:83:43:DE:FD:73:77:2E:6A:72:96:0B:4C:79:34:7C:AE:C7:85
Validity Wed, 10 May 2023 09:12:34 GMT - Mon, 10 Jun 2024 09:12:33 GMT
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural
Hash 9aa341af370c4e59155717260ba0f282
0c1216ecead8d1409557c843d96202c063f3f252
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
GET /sounds/notification.mp3 HTTP/1.1
Host: code.jivo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Tue, 23 Apr 2024 21:10:19 GMT
content-type: audio/mpeg
content-length: 5808
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=2592000
etag: "661fba80-16b0"
expires: Sat, 18 May 2024 12:31:10 GMT
last-modified: Wed, 17 Apr 2024 12:03:12 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: sber1
cache: HIT
x-cached-since: 2024-04-18T12:31:10+00:00
x-node: m9-up-gc19
content-range: bytes 0-5807/5808
X-Firefox-Spdy: h2
code.jivo.ru/sounds/outgoing_message.mp3
193.17.93.93 206 Partial Content 5.0 kB URL GET HTTP/2 code.jivo.ru/sounds/outgoing_message.mp3
IP 193.17.93.93:443
ASN #210756 EdgeCenter LLC
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer GlobalSign nv-sa
Subject *.jivo.ru
Fingerprint 60:0E:83:43:DE:FD:73:77:2E:6A:72:96:0B:4C:79:34:7C:AE:C7:85
Validity Wed, 10 May 2023 09:12:34 GMT - Mon, 10 Jun 2024 09:12:33 GMT
File type MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
Hash 7bf3e4962a5ecf1f8cbcc2ff3428f531
f75c694461a643d2e096ae8d0f6c1a9d19602eee
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
GET /sounds/outgoing_message.mp3 HTTP/1.1
Host: code.jivo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Tue, 23 Apr 2024 21:10:19 GMT
content-type: audio/mpeg
content-length: 5014
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=2592000
etag: "661d0a50-1396"
expires: Thu, 16 May 2024 09:02:33 GMT
last-modified: Mon, 15 Apr 2024 11:06:56 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: sber1
cache: HIT
x-cached-since: 2024-04-16T09:02:33+00:00
x-node: m9-up-gc81
content-range: bytes 0-5013/5014
X-Firefox-Spdy: h2
telemetry.jivosite.com/w
87.242.88.149 204 No Content 0 B
IP 87.242.88.149:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer GoDaddy.com, Inc.
Subject *.jivosite.com
Fingerprint 48:23:E2:E5:0B:0A:4E:4F:CA:AD:65:27:8E:22:2A:8F:87:B3:6D:F4
Validity Wed, 05 Apr 2023 11:26:25 GMT - Mon, 06 May 2024 11:26:25 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /w HTTP/1.1
Host: telemetry.jivosite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 187
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: JivoTelemetry/0.9.4
Date: Tue, 23 Apr 2024 21:10:20 GMT
www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/styles__ltr.css
142.250.74.35 200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/styles__ltr.css
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j&co=aHR0cHM6Ly9sZW42Z3lpc25obWIuY29tOjQ0Mw..&hl=ru&type=image&v=QoukH5jSO3sKFzVEA7Vc8VgC&theme=light&size=invisible&badge=inline&cb=ivzgu3vfjtuf
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type ASCII text, with very long lines (56412), with no line terminators
Hash 2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed
GET /recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 21 Apr 2024 20:38:41 GMT
expires: Mon, 21 Apr 2025 20:38:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 02:01:04 GMT
content-type: text/css
vary: Accept-Encoding
age: 174699
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
eu.api.fpjs.io/DwmA/JNZ1Dz7/7?q=OszY8YxLtMbMKK8o3fGo
99.83.255.25 200 OK 92 B URL GET HTTP/2 eu.api.fpjs.io/DwmA/JNZ1Dz7/7?q=OszY8YxLtMbMKK8o3fGo
IP 99.83.255.25:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Amazon
Subject eu.api.fpjs.io
Fingerprint 88:16:BF:78:24:5B:DC:12:F9:B4:7B:4E:20:49:53:0F:CD:6A:FA:5B
Validity Sun, 26 Nov 2023 00:00:00 GMT - Wed, 25 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 06fae93c0520a1c760b63a8f028ed274
c2400045cc8ba55e84dc48ccd902d1f1f136aaa3
20549e8b2ffe63d0fbdc3816500a035f53755505dbe7ac582edaf5e549ea058d
GET /DwmA/JNZ1Dz7/7?q=OszY8YxLtMbMKK8o3fGo HTTP/1.1
Host: eu.api.fpjs.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:10:20 GMT
content-type: text/plain; charset=utf-8
content-length: 92
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31536000, immutable, private
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
timing-allow-origin: *
x-content-type-options: nosniff
x-frame-options: DENY
x-robots-tag: noindex
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__ru.js
142.250.74.35 200 OK 210 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__ru.js
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/webworker.js?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type JavaScript source, ASCII text, with very long lines (790)
Size 210 kB (210216 bytes)
Hash 18baa8a1464a720fb95f325f9e7fa1d1
c6adb035318fb37a819c624e21764511ee26f38a
83ebb6111d7637ad4939c5819579a15974bae73fe77f54e8263354efae09c4c0
GET /recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__ru.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 210216
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 08:58:44 GMT
expires: Wed, 23 Apr 2025 08:58:44 GMT
cache-control: public, max-age=31536000
age: 43896
last-modified: Mon, 15 Apr 2024 02:01:04 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j&co=aHR0cHM6Ly9sZW42Z3lpc25obWIuY29tOjQ0Mw..&hl=ru&type=image&v=QoukH5jSO3sKFzVEA7Vc8VgC&theme=light&size=invisible&badge=inline&cb=ivzgu3vfjtuf
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:43:03 GMT
expires: Fri, 18 Apr 2025 02:43:03 GMT
cache-control: public, max-age=31536000
age: 498437
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
len6gyisnhmb.com/upload/images/sport%20icons/tennis.svg
3.125.159.65 200 OK 16 kB URL GET HTTP/2 len6gyisnhmb.com/upload/images/sport%20icons/tennis.svg
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type gzip compressed data, from Unix
Hash d65e2f6a4f9a01108b8f224cde5689b3
acc0fdec0d5d5f91dbaff9e88d5dcc2527868e8a
39319a70d7d63a208be84b43decfb70b9a5fdf9da14699786be408b976b02f19
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/images/sport%20icons/tennis.svg HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:20 GMT
content-type: image/svg+xml
etag: W/"0b0d6f7e86a350f3e512f3305927c908"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, Origin, Accept-Encoding
x-amz-id-2: 8a26abc7832840f9308c123e3beca68e9010663e53438356460e6ce230b3fa9f
x-amz-request-id: 17C8C9D0A9CCCC4E
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102013/ctime:1654102013/gid:33/gname:www-data/mode:33188/mtime:1654102013/uid:33/uname:www-data
expires: Wed, 24 Apr 2024 21:10:20 GMT
cache-control: max-age=86400
content-encoding: gzip
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/anchor?ar=1&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j&co=aHR0cHM6Ly9sZW42Z3lpc25obWIuY29tOjQ0Mw..&hl=ru&type=image&v=QoukH5jSO3sKFzVEA7Vc8VgC&theme=light&size=invisible&badge=inline&cb=ivzgu3vfjtuf
142.250.74.164 200 OK 39 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j&co=aHR0cHM6Ly9sZW42Z3lpc25obWIuY29tOjQ0Mw..&hl=ru&type=image&v=QoukH5jSO3sKFzVEA7Vc8VgC&theme=light&size=invisible&badge=inline&cb=ivzgu3vfjtuf
IP 142.250.74.164:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
Validity Mon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
Hash 81b38821179471710e71789351cea8ab
aa44a540e98dc7ae6739bd23d71e252c727ddf7a
7791ed7f171bf7008cf7cd821382aae36822295641f426a41848f92d809bab20
GET /recaptcha/api2/anchor?ar=1&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j&co=aHR0cHM6Ly9sZW42Z3lpc25obWIuY29tOjQ0Mw..&hl=ru&type=image&v=QoukH5jSO3sKFzVEA7Vc8VgC&theme=light&size=invisible&badge=inline&cb=ivzgu3vfjtuf HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Apr 2024 21:10:19 GMT
content-security-policy: script-src 'nonce-jqk-LELdWPB5yEHlxnLWoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.35 200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j&co=aHR0cHM6Ly9sZW42Z3lpc25obWIuY29tOjQ0Mw..&hl=ru&type=image&v=QoukH5jSO3sKFzVEA7Vc8VgC&theme=light&size=invisible&badge=inline&cb=ivzgu3vfjtuf
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:54:07 GMT
expires: Thu, 25 Apr 2024 02:54:07 GMT
cache-control: public, max-age=604800
age: 497773
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/js/bg/F3t2rNz7bgl6HBEOkbpna2AoS4gdljz1bcAONYlXrnE.js
142.250.74.164 200 OK 7.4 kB URL GET HTTP/3 www.google.com/js/bg/F3t2rNz7bgl6HBEOkbpna2AoS4gdljz1bcAONYlXrnE.js
IP 142.250.74.164:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
Validity Mon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File type JavaScript source, ASCII text, with very long lines (17687)
Hash 133138dc8ed76a5e7f52fd72aeb36003
10c34d56309ef22c2bf88339d926efa45f86c579
177b76acdcfb6e097a1c110e91ba676b60284b881d963cf56dc00e358957ae71
GET /js/bg/F3t2rNz7bgl6HBEOkbpna2AoS4gdljz1bcAONYlXrnE.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j&co=aHR0cHM6Ly9sZW42Z3lpc25obWIuY29tOjQ0Mw..&hl=ru&type=image&v=QoukH5jSO3sKFzVEA7Vc8VgC&theme=light&size=invisible&badge=inline&cb=ivzgu3vfjtuf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7443
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 05:06:06 GMT
expires: Thu, 17 Apr 2025 05:06:06 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 13:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 576254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vi-sber1-22.jivosite.com/zV6xlxr9an?a81c5df15b01c435
178.170.196.233 0 B URL vi-sber1-22.jivosite.com/zV6xlxr9an?a81c5df15b01c435
IP 178.170.196.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zV6xlxr9an?a81c5df15b01c435 HTTP/1.1
Host: vi-sber1-22.jivosite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://len6gyisnhmb.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tT/6qAGZVvqYxURijSFkkg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Access-Control-Allow-Origin: https://len6gyisnhmb.com
Sec-WebSocket-Accept: XKpRephrHwDR410nUs9i0r9cZLA=
Server: hand/3.2
www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/styles__ltr.css
142.250.74.35 200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/styles__ltr.css
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j&co=aHR0cHM6Ly9sZW42Z3lpc25obWIuY29tOjQ0Mw..&hl=ru&type=image&v=QoukH5jSO3sKFzVEA7Vc8VgC&theme=light&size=invisible&badge=inline&cb=ivzgu3vfjtuf
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type ASCII text, with very long lines (56412), with no line terminators
Hash 2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed
GET /recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 21 Apr 2024 20:38:41 GMT
expires: Mon, 21 Apr 2025 20:38:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 02:01:04 GMT
content-type: text/css
vary: Accept-Encoding
age: 174700
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__ru.js
142.250.74.35 200 OK 210 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__ru.js
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/webworker.js?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type JavaScript source, ASCII text, with very long lines (790)
Size 210 kB (210216 bytes)
Hash 18baa8a1464a720fb95f325f9e7fa1d1
c6adb035318fb37a819c624e21764511ee26f38a
83ebb6111d7637ad4939c5819579a15974bae73fe77f54e8263354efae09c4c0
GET /recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__ru.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 210216
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 08:58:44 GMT
expires: Wed, 23 Apr 2025 08:58:44 GMT
cache-control: public, max-age=31536000
age: 43897
last-modified: Mon, 15 Apr 2024 02:01:04 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j&co=aHR0cHM6Ly9sZW42Z3lpc25obWIuY29tOjQ0Mw..&hl=ru&type=image&v=QoukH5jSO3sKFzVEA7Vc8VgC&theme=light&size=invisible&badge=inline&cb=ivzgu3vfjtuf
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:43:03 GMT
expires: Fri, 18 Apr 2025 02:43:03 GMT
cache-control: public, max-age=31536000
age: 498438
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/bframe?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
142.250.74.164 200 OK 11 kB URL GET HTTP/3 www.google.com/recaptcha/api2/bframe?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
IP 142.250.74.164:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
Validity Mon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
Hash 89ffd981db77f08e3b2d5d44b904c5f4
b75832ce79792c87b8e4d8d61971cf3fe107870e
d2d42daaaf948e0747810c9de9cbcf3dfaaae807a1323840b257ad5a51086799
GET /recaptcha/api2/bframe?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Apr 2024 21:10:21 GMT
content-security-policy: script-src 'nonce-KeGA6o-UzngwQw2mj5ROrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
216.58.207.227 200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type Web Open Font Format (Version 2), TrueType, length 15340, version 1.0
Hash 19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 21:52:09 GMT
expires: Tue, 22 Apr 2025 21:52:09 GMT
cache-control: public, max-age=31536000
age: 83892
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2
216.58.207.227 200 OK 9.9 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type Web Open Font Format (Version 2), TrueType, length 9920, version 1.0
Hash 797d1a46df56bba1126441693c5c948a
01f372fe98b4c2b241080a279d418a3a6364416d
c451e5cf6b04913a0bc169e20eace7dec760ba1db38cdcc343d8673bb221dd00
GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:54:49 GMT
expires: Fri, 18 Apr 2025 17:54:49 GMT
cache-control: public, max-age=31536000
age: 443732
last-modified: Mon, 16 Oct 2017 17:33:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j&co=aHR0cHM6Ly9sZW42Z3lpc25obWIuY29tOjQ0Mw..&hl=ru&type=image&v=QoukH5jSO3sKFzVEA7Vc8VgC&theme=light&size=invisible&badge=inline&cb=ivzgu3vfjtuf
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:25:07 GMT
expires: Fri, 18 Apr 2025 17:25:07 GMT
cache-control: public, max-age=31536000
age: 445514
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
216.58.207.227 200 OK 10 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type Web Open Font Format (Version 2), TrueType, length 10120, version 1.0
Hash df648143c248d3fe9ef881866e5dea56
770cae7a298ecfe5cf5db8fe68205cdf9d535a47
6a3f2c2a5db6e4710e44df0db3caec5eb817e53989374e9eac68057d64b7f6d2
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 17:04:23 GMT
expires: Sat, 19 Apr 2025 17:04:23 GMT
cache-control: public, max-age=31536000
age: 360358
last-modified: Mon, 16 Oct 2017 17:33:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/refresh_2x.png
142.250.74.35 200 OK 600 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/refresh_2x.png
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
Hash 0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:48:43 GMT
expires: Thu, 25 Apr 2024 02:48:43 GMT
cache-control: public, max-age=604800
age: 498099
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/info_2x.png
142.250.74.35 200 OK 665 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/info_2x.png
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
Hash 07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:40:07 GMT
expires: Thu, 25 Apr 2024 02:40:07 GMT
cache-control: public, max-age=604800
age: 498615
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
upload.cdn-mb.com/upload/images/sport%20icons/darts.svg
172.67.172.109 200 OK 949 B URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/darts.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 413465be1196d1a375d3ace31262b59d
e2c73c9951d0b7b6f92adfda1517ecf8a06403e4
10e4d703809deb29518f82cb0f6a14fe243625e511b017e1bf5c8ae1a77e5d27
GET /upload/images/sport%20icons/darts.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"413465be1196d1a375d3ace31262b59d"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: a1fa336c2fd2dc07ed124b8a56fe646ff71a960ff9616c4268e18a83b1883276
x-amz-request-id: 17B18A45C8BC9B73
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 2142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2FY4SHSxCOf2SnQlOjEWcNpd3IGShBiaouY5xX1JXkBLpXmSxa17oZpjEFmNr5UE9bn7qeehli58gxXvSu9JWdZ0lNATa8%2F62X92Cbq%2Bgkh3FsjpFbh1Q6%2FmplFp0Ec6MFZsZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec6f9d56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.google.com/js/bg/F3t2rNz7bgl6HBEOkbpna2AoS4gdljz1bcAONYlXrnE.js
142.250.74.164 200 OK 7.4 kB URL GET HTTP/3 www.google.com/js/bg/F3t2rNz7bgl6HBEOkbpna2AoS4gdljz1bcAONYlXrnE.js
IP 142.250.74.164:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
Validity Mon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File type JavaScript source, ASCII text, with very long lines (17687)
Hash 133138dc8ed76a5e7f52fd72aeb36003
10c34d56309ef22c2bf88339d926efa45f86c579
177b76acdcfb6e097a1c110e91ba676b60284b881d963cf56dc00e358957ae71
GET /js/bg/F3t2rNz7bgl6HBEOkbpna2AoS4gdljz1bcAONYlXrnE.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/bframe?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7443
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 05:06:06 GMT
expires: Thu, 17 Apr 2025 05:06:06 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 13:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 576256
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
len6gyisnhmb.com/an/band/t4k.json?
3.125.159.65 200 OK 86 B URL POST HTTP/2 len6gyisnhmb.com/an/band/t4k.json?
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
Hash 3eba3697699ee93790c251fd18fe74c5
d059a331f680d3269a81441de142e60aebec25e1
b5165e9100126c2d9baf4e48729f00e95ec4393e112b448d1dd2b9a6c1dc7788
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /an/band/t4k.json? HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1178
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906622.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:22 GMT
content-length: 86
x-frame-options: SAMEORIGIN
x-xss-protection: 1
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
access-control-expose-headers: Content-Length,Content-Type
pragma: no-cache
expires: Mon, 01 Jan 1990 21:00:12 GMT
last-modified: Sun, 17 May 1998 03:44:30 GMT
set-cookie: uid=7188645369884966912; Domain=len6gyisnhmb.com; Path=/; Expires=Fri, 05 Mar 2027 13:38:58 GMT; HttpOnly; Secure; SameSite=None
x-response-time: 28
cache-control: no-cache, no-store, must-revalidate, no-store; must-revalidate
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/back.5f91ecc918075b33253e.svg
172.67.172.109 200 OK 285 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/back.5f91ecc918075b33253e.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 851a550ac78fef9dd44464d38ef42b7d
05244c78758634c00b407256d8ec0bc288d93eb8
ae2b0016f271c3c73659762658a015b82916057a0720ff7abcf8ce76e5e313d1
GET /spa-static/1.4.1453/static/media/back.5f91ecc918075b33253e.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:20 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-14a"
expires: Wed, 24 Apr 2024 00:37:50 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1950
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KL2RPYYxXGVZ8rLhAq%2B2wjSyDUNirjedviylwy1KXZlLxeAq6kcRpvpNOXRGLJ1vv86NKtBpLYAg0XfKuYiP6k5905L1NaNVMK2BjKeRNGxFdCoUzymEfknmy3ZAK7ZGg2vR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6f88bff56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
x011bt.com/gif/test2?&rst3uid=7188645446904971264&rst4uid=7188645369884966912
49.12.126.251 200 OK 43 B URL GET HTTP/2 x011bt.com/gif/test2?&rst3uid=7188645446904971264&rst4uid=7188645369884966912
IP 49.12.126.251:443
ASN #24940 Hetzner Online GmbH
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject x011bt.com
Fingerprint 00:B8:94:7F:91:E8:3F:7E:83:3C:A3:82:1D:BE:74:E1:CF:20:23:7D
Validity Thu, 18 Apr 2024 14:53:37 GMT - Wed, 17 Jul 2024 14:53:36 GMT
File type GIF image data, version 89a, 1 x 1
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /gif/test2?&rst3uid=7188645446904971264&rst4uid=7188645369884966912 HTTP/1.1
Host: x011bt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Cookie: uid=7188645370153402368
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Tue, 23 Apr 2024 21:10:25 GMT
content-type: image/gif
content-length: 43
x-frame-options: SAMEORIGIN
x-xss-protection: 1
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
access-control-expose-headers: Content-Length,Content-Type
pragma: no-cache
expires: Mon, 01 Jan 1990 21:00:12 GMT
last-modified: Sun, 17 May 1998 03:44:30 GMT
set-cookie: uid=7188645370153402368; Domain=.x011bt.com; Path=/; Expires=Fri, 05 Mar 2027 13:38:58 GMT; HttpOnly; Secure; SameSite=None
x-response-time: 0
cache-control: no-cache, no-store, must-revalidate, no-store; must-revalidate
X-Firefox-Spdy: h2
mostauthor.com/multiauth/ping
185.26.99.196 200 OK 0 B URL OPTIONS HTTP/2 mostauthor.com/multiauth/ping
IP 185.26.99.196:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject mostauthor.com
Fingerprint 07:D4:3A:B9:45:C0:FE:05:F4:6C:4F:1E:98:58:68:64:B2:84:63:25
Validity Sat, 13 Apr 2024 10:46:22 GMT - Fri, 12 Jul 2024 10:46:21 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /multiauth/ping HTTP/1.1
Host: mostauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
vary: origin, access-control-request-method, access-control-request-headers
access-control-allow-methods: GET
access-control-allow-headers: x-client-device-id,x-client-name,x-client-session,x-client-version,x-multiauth-version,x-requested-with
access-control-max-age: 600
content-length: 0
allow: GET,HEAD
date: Tue, 23 Apr 2024 21:10:45 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
len6gyisnhmb.com/an/band/t4k.json?
3.125.159.65 200 OK 86 B URL POST HTTP/2 len6gyisnhmb.com/an/band/t4k.json?
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
Hash 40fd37e3ec421020367886e62cdafbde
09d2205004edd20efcc9b18dc7a9ef083cfa023c
7ab04263e26100476801e2f47a95a5a084a2c1f2fb821dbb5dd7a98ffc8e3493
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /an/band/t4k.json? HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1144
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906622.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:46 GMT
content-length: 86
x-frame-options: SAMEORIGIN
x-xss-protection: 1
access-control-allow-origin: https://len6gyisnhmb.com
access-control-allow-credentials: true
access-control-expose-headers: Content-Length,Content-Type
pragma: no-cache
expires: Mon, 01 Jan 1990 21:00:12 GMT
last-modified: Sun, 17 May 1998 03:44:30 GMT
set-cookie: uid=7188645369884966912; Domain=len6gyisnhmb.com; Path=/; Expires=Fri, 05 Mar 2027 13:38:58 GMT; HttpOnly; Secure; SameSite=None
x-response-time: 10
cache-control: no-cache, no-store, must-revalidate, no-store; must-revalidate
X-Firefox-Spdy: h2
rstat.rockmostbet.com/band/t4k.json?
162.55.5.93 200 OK 86 B URL POST HTTP/2 rstat.rockmostbet.com/band/t4k.json?
IP 162.55.5.93:443
ASN #24940 Hetzner Online GmbH
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject rstat.rockmostbet.com
Fingerprint E6:73:BE:80:71:82:78:1C:16:B0:7C:C9:F7:36:67:FF:8B:C8:B0:A9
Validity Wed, 27 Mar 2024 11:01:39 GMT - Tue, 25 Jun 2024 11:01:38 GMT
Hash e07017e27018ec0ddc9d344986d82bc0
82590b07f50b93bd545e4155544dcca93d587314
9b504b5b180afd2854214067defa9fb5f06c6e520268c72084552e6d59b29cd7
POST /band/t4k.json? HTTP/1.1
Host: rstat.rockmostbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 913
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://len6gyisnhmb.com
access-control-expose-headers: Content-Length,Content-Type
cache-control: no-cache, no-store, must-revalidate
date: Tue, 23 Apr 2024 21:11:04 GMT
expires: Mon, 01 Jan 1990 21:00:12 GMT
last-modified: Sun, 17 May 1998 03:44:30 GMT
pragma: no-cache
server: Caddy
set-cookie: uid=7188645446904971264; Domain=.rockmostbet.com; Path=/; Expires=Sun, 24 Jan 2027 23:19:31 GMT; HttpOnly
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 1
x-xss-protection: 1
content-type: text/plain; charset=utf-8
content-length: 86
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/js/8798.5e6cbbd4.chunk.js
172.67.172.109 200 OK 2.6 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/8798.5e6cbbd4.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2668), with no line terminators
Hash 2d91af1310dd9e803aa67c2e682c3627
cd90d38f4c6a7967adb37afc3e728635f3cb5bd8
ed4222d5411da18d74d11140cf3a1052bde4bbe75535f97ff617a77ca511ac8f
GET /spa-static/1.4.1453/static/js/8798.5e6cbbd4.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-a16"
expires: Tue, 23 Apr 2024 22:14:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10552
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u2TwQHJTsii3hhEpJ0cOh4c%2FA2TV7Wy63XI%2B9%2F9MF7KHecPIRv1bie1gU1m8Rk%2FuveDIIYT6d6JS38E%2FXbhTNGxbuMpngAshy2QAqcyP928SK2yicZmBlI5Dq39TjyAd7vHC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ea9e0756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/2774.ed7fcf2a.chunk.js
172.67.172.109 200 OK 414 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/2774.ed7fcf2a.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 414 kB (414381 bytes)
Hash 373633d5807177f0a029dd044982cf4b
36c4de10b9929863edd63abc94755cb494f5502a
308b3d093408755d72fbe29659db070e27989cdb0879693108b70a42beaecbd4
GET /spa-static/1.4.1453/static/js/2774.ed7fcf2a.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-652ad"
expires: Tue, 23 Apr 2024 23:44:48 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 5128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G7S2S99bCNcb4sO2lthr%2FXVgkczQ9kKJlhg85Xge6iv07W1qOlJJbCl%2F%2BVwd%2FRZ8uwMF8OneBGnP2uoIPGQJEgp7601bnkiF3ZKDZncLhf10ov8LIuL1kkOW9h1Zsjna8ecS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6df8b3256af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/Roboto-Medium.13a29228654d5c5ec9c4.ttf
172.67.172.109 200 OK 172 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/Roboto-Medium.13a29228654d5c5ec9c4.ttf
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto MediumRegularVersion 2.137; 2017Roboto-Med
Size 172 kB (171656 bytes)
Hash 58aef543c97bbaf6a9896e8484456d98
f6783010d5def128c4a1539333324f75701d9bab
e35252aa3dc2e84e9d7211586fee9aede2a426d3230c8b131881d985f16ff836
GET /spa-static/1.4.1453/static/media/Roboto-Medium.13a29228654d5c5ec9c4.ttf HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/octet-stream
content-length: 171656
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
etag: "662648dc-29e88"
expires: Tue, 23 Apr 2024 21:36:11 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 12845
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hHLcW4BiM71rKEd5V2%2FqD%2BOi%2FitO2bllQwoukqy3K2pc68c7MHHkj7zal3AcCPH9a6VVU5coA7h85Jp0qsyLRNRzDl9KDVkJpLfznqnfImB6Y91aA0rWBYMIkDhuihc7G3w0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8790d6dfeb8556af-OSL
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/pl.9400273de5d060652ce7.svg
172.67.172.109 200 OK 222 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/pl.9400273de5d060652ce7.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 0a27bccf5ac89b90c250b9fa53e20b1b
558aae97c74af8e13b9acdfbab0f26ab05706310
35abe11e19e86cf4fc18c0781f4b9f8843d420cacd6f89178ecb205b68d2a2f7
GET /spa-static/1.4.1453/static/media/pl.9400273de5d060652ce7.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-de"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HM1AwrZWKkipG1ogpv914HaNOHEkX%2BpLWKl%2BATkphc%2FGX46jasMkdet6nZBz8X2Dr9p630TrPv4iZUICvK%2FvE3WrXmlUUac1178RscNYv34YCE1UeZvmoJyCzwyeEbA%2BpdBr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e49ff056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/gift.4e1ed5f86bcfa75e6cc1.svg
172.67.172.109 200 OK 1.3 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/gift.4e1ed5f86bcfa75e6cc1.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash d7bc03259eb36491e26b0f780ad196a9
193fba5f9e479890663ba4d5cae3c8e263552be4
cc23687b34897eb30d13f39b55aa1e6782f4b344f53233875d3013348c693f2c
GET /spa-static/1.4.1453/static/media/gift.4e1ed5f86bcfa75e6cc1.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:22 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-4f9"
expires: Wed, 24 Apr 2024 00:37:54 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1947
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tAe052fQ1kh3nEXZpvAvt%2B8YDJiAWhRc%2FQH1uBK5UcvWC8TAVZ%2Fz5OOVsQItP1sBK24VGbjP7XjKC58d0Vu9j1iuJzx%2BvZzJZ9OPFfkyQ51PR2V8JFQqg5dw15mujwx885bF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d706ba6f56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/css/5243.03c8ea28.chunk.css
172.67.172.109 200 OK 295 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/5243.03c8ea28.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 295 kB (294852 bytes)
Hash 37449c5c185371d53a5091ee868b9ea8
e21cff4a4064b2ec44d7f0bb476d0802f7ca850e
d5ec36aff5d6618557f9755d959eb6c60fda23485ece45ca12f9aeb7e0fe56f3
GET /spa-static/1.4.1453/static/css/5243.03c8ea28.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-47fc4"
expires: Tue, 23 Apr 2024 23:45:50 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 5066
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J8OHyNXInSCxIJsrT3YUkiDuTn7JbJr%2BAcfA5H9xgvdKs5wA%2FZnQuVoxHiC4AwHxb%2FYDlEMBq5Ov7hZyoumkxjSgd3b5drO5QcEXMNDj9Ixmr1KLbk1UFmMQnU02ffJyRjKp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e31e9c56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/css/9207.b0fec86f.chunk.css
172.67.172.109 200 OK 576 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/9207.b0fec86f.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with very long lines (576), with no line terminators
Hash d2c1947db851cdd62da066ce6b23a977
3deb9de023858e2f46a8d6c179ee29bfc1a8ddfc
e2d912fd1a6b5f49f9567d12871ec650c039ded435ef959c0e4b3a598b72c09a
GET /spa-static/1.4.1453/static/css/9207.b0fec86f.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-240"
expires: Tue, 23 Apr 2024 22:57:35 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 7960
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uj6KjrWORbqjJuDMHp3mzshRr327tkBalKL18FxJ6wzgoJ7mIrR%2BVQNvnUJIyWsdEa5s9BlS1JU4ptNT5rBmU8nWziDvGKPQTEhsKlU0rlLnUHOqoSu30OERyxEgi%2FZT1Xvu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e34ecf56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/close.9b33d3e4ebfcc1ed5ee0.svg
172.67.172.109 200 OK 250 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/close.9b33d3e4ebfcc1ed5ee0.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 7334692bf94b232c31ab6cc1d1a511b7
5b69fef62ad079e86e6f1ca329fa369b35ff111f
4582af05609689867a52f72f41208767c6642419fb48a5f641a41a6339b0bf6b
GET /spa-static/1.4.1453/static/media/close.9b33d3e4ebfcc1ed5ee0.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-fa"
expires: Tue, 23 Apr 2024 22:14:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mTmlSuSESTDOIaSyRTknMENv%2FFd3KzzlI%2BXrkZpSa49kx%2BuYP0ejVynRjs5TaUfIWF6kLS%2F%2F%2B%2F7wwLVUGq5PdEdDfY0SP9iI6HJMgl5LYjeZV%2ByBLhVVfDSY4SD%2FepomirIy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e85bdf56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/floorball.svg
172.67.172.109 200 OK 1.5 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/floorball.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash f1dc4b7c1c777e4318755106ecdbf7b3
fafbe13865d232978cb81a08170ccd0fbd6e99b3
f570fbdebbff3514845de1b49e3b42af84a3897b3389361f3c94471c09f5d0b2
GET /upload/images/sport%20icons/floorball.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"1b3e4afcb149354d41cfb9a5d317fa3e"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-amz-request-id: 17B1D4B690972576
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 2142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=brtQIyie0FE1iBN96U0D0S20qMioHBObc%2FuVrm2VmcLWPesji7d%2FeebhD47UHLmsgEsCZs4oIXImcRo92exkdhTUsFPd%2BhMbY%2BKveh1YBG0Qok9aZwFrRukmthfLgl9PnFZoRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec6fa356af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/triple_arrow.ea71882e83af233365b7.svg
172.67.172.109 200 OK 676 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/triple_arrow.ea71882e83af233365b7.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 79ea3646abc18b35e0bc6c4b660817b8
28e3f93481f0cf2b5a2d601d607fa018f4ff6516
fecf0b8641c50e09586c7483ab8b7da50972e1b2e44c4c3e21ebe6502c045c31
GET /spa-static/1.4.1453/static/media/triple_arrow.ea71882e83af233365b7.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-2a4"
expires: Wed, 24 Apr 2024 00:37:50 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1948
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RjkDsiY8fbzWulYswrxhEwutPtli72WpNY29gNlyjRg6%2F7Exqm37oGmSLFztMSZbDaSbPhCTtDyQ9VGEH0YfKWbH4L1551X92u%2BlsL1Gk6mPjHrHvbYwlq2grm2zHs9SGPMJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6edf90556af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/basketball_3x3.svg
172.67.172.109 200 OK 1.8 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/basketball_3x3.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash b934a7d93903b4e16cc1063239284b2e
ed15948deaefce103b989fb9ebf7c8ab1bad4f33
8467456b14f3a9d3241e0c4500513475d1153d416e9bcba23e06be29b348474d
GET /upload/images/sport%20icons/basketball_3x3.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"d29de6c5affd7a9a1f9d29165355a067"
last-modified: Wed, 07 Feb 2024 08:42:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-amz-request-id: 17BC8BC60BB66998
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 4697
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rA5%2F6Ig7RdUZ2M%2B3oCNzbzCD3sExibZOkxqZIf%2FtkB3ZSABt4bMShbbWkVkpRHmGHtf0WQnXAbE2vBLpYg5sRmaLUGNpRZV6V0KQRSmBk7khcID3acX%2F0%2FKKNUWTY9GAX5GPOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec5f8556af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn-mst.com/casino/game/43165/game_5a715a075c757dd32c058245fee26172.png
172.67.204.105 200 OK 29 kB URL GET HTTP/2 cdn-mst.com/casino/game/43165/game_5a715a075c757dd32c058245fee26172.png
IP 172.67.204.105:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject cdn-mst.com
Fingerprint 4D:A1:09:0C:B8:2C:19:D1:9C:4F:9A:8F:28:BC:3E:3E:8F:AD:84:C9
Validity Tue, 16 Apr 2024 06:15:23 GMT - Mon, 15 Jul 2024 06:15:22 GMT
File type PNG image data, 287 x 193, 8-bit colormap, non-interlaced
Hash 3fa0e8d16b0bc9d147481719efa1f335
7fdbc1a775f4acffa18aa472925f383d8555f564
426bbeb8740cb4e18c8b4086e81e5c4fc8a02247906ae5b904d71406e1dd9ac3
GET /casino/game/43165/game_5a715a075c757dd32c058245fee26172.png HTTP/1.1
Host: cdn-mst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/png
content-length: 29434
last-modified: Thu, 30 Nov 2023 06:00:25 GMT
etag: "656824f9-72fa"
expires: Wed, 24 Apr 2024 14:25:45 GMT
cache-control: max-age=86400
vary: Accept-Encoding
cf-cache-status: HIT
age: 24081
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KkgU8kn3u7hRaZ6KGEAFzeLHG2l6F9AOak8xXzXB%2BOpsKjdmp8eJkFx4p0jzEelisLe01%2F%2BkRDGjPId8oX73CRFwqD%2FauWkUCL7UsATOVv%2FI5vnqwa%2Ff%2FoFp3oIhfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ee3d0e56a2-OSL
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/js/7031.20206f8d.chunk.js
172.67.172.109 200 OK 2.3 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/7031.20206f8d.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (2352), with no line terminators
Hash 7c05f079a52e52cffaf95481d1a6496e
7812cc025d8c5a98199fea1d4271404a62dc9995
1384acb6dae87f86477d755e1b98a10812c2d2cb741f751a5ad0b6ad4edc4050
GET /spa-static/1.4.1453/static/js/7031.20206f8d.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-8dc"
expires: Tue, 23 Apr 2024 23:48:02 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 4934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=evr9XUJlmKgL7hkUxtC1iWmH6AkEKR4xLKsSkc%2BiWk9GMkve6Zr%2B%2B5kUWBYPxGRAP2oklCrd0SO%2BWOtRFTSLtSaQoACEFoi1fg%2BD735JN%2F8m3WG4ZzvZeEdsetk%2BAgC27Xtq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e19d5f56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/vk.a532de177fda21dd8f5a.svg
172.67.172.109 200 OK 594 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/vk.a532de177fda21dd8f5a.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 07b3f9969ede0f83771678f8b8c83fd0
8f62b5b4d08b0d6811d2ccc021f209f3b2176cb7
4f3692fd0571d886af016fbf290743bd8cd2bd47a5edc11d56872e574c6acf14
GET /spa-static/1.4.1453/static/media/vk.a532de177fda21dd8f5a.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-252"
expires: Tue, 23 Apr 2024 22:52:17 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vfgjGWqOA6%2F5v8ur6p2S2fSYK2%2F7RrJz2F%2Fx%2Ff6%2BeUMagSB0WlHzMzgYY8bHXfrthEqCEywGMH22jnUeO1wEvV84XIByQay1nPmecpS7xD9Vbc9P%2BTgjph%2BCb84j6I8n4s9Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5f96156af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/rugby.svg
172.67.172.109 200 OK 1.1 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/rugby.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 211b8b4173651e6cef1473d1fdc6db3a
a1a98536ada851926e47de1792329e28609aff9c
bdcd5e9a5c31db6d07d0e011d56c6f84d1b80a3fa22005614c520aadc6585745
GET /upload/images/sport%20icons/rugby.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"8969bc970bcd178e5f24667197c3a02c"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-amz-request-id: 17BCDC5B4B22BD3C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 2142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U9rjPMpZCx5vfc5%2BIe7UUwaizU9wjzH2BNKP9SI13boDOpqph%2Bnmfaw4J7ZNJQwFzOZODB50TmJMUszTBkGebRwg49f6p3ECgSC05xVAEbM%2Bb2K7wgF7Z%2FdE30xDnkxrZrM1DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec5f8056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/field-hockey.svg
172.67.172.109 200 OK 1.2 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/field-hockey.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 1b59b5109341967e52d31da39f74e0bf
9ee39eaa85affffea3659b012bdbd6a1035b0a89
4ece71708358342a4ff02cdca293cb0a9a02ec610c46f63b0b50ddc2cceae0be
GET /upload/images/sport%20icons/field-hockey.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"ead4726e642f8b6863a5894a3db2f179"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: 8a26abc7832840f9308c123e3beca68e9010663e53438356460e6ce230b3fa9f
x-amz-request-id: 17B9E04AE932C115
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 2142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lavn8om0E%2Fs8%2BJPAByBS1rCyXCKKU4nz%2Ba9e4vZSza2SINeu2l0%2BG%2Favz0F4CVQzzLVAjpNa5l8etFl6uceBQUT0riGVqqE72alfgCRJd9BNZDoii5smyor%2Ftsoc%2FEFvoPogeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec6fa056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn-mst.com/casino/game/76120/game_d369c750e1e5c4951c70568a55a529b3.jpg
172.67.204.105 200 OK 103 kB URL GET HTTP/2 cdn-mst.com/casino/game/76120/game_d369c750e1e5c4951c70568a55a529b3.jpg
IP 172.67.204.105:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject cdn-mst.com
Fingerprint 4D:A1:09:0C:B8:2C:19:D1:9C:4F:9A:8F:28:BC:3E:3E:8F:AD:84:C9
Validity Tue, 16 Apr 2024 06:15:23 GMT - Mon, 15 Jul 2024 06:15:22 GMT
File type JPEG image data, progressive, precision 8, 328x192, components 3
Size 103 kB (103080 bytes)
Hash a61575b8ac10ba8f60e7c43687609dd5
09926d21f3f84e819a6ee46e76420d5d8cf2eeb6
a78e90fd695370c486a2ed52fbd1adddd2415fbba006d7eb266ef83f31be755f
GET /casino/game/76120/game_d369c750e1e5c4951c70568a55a529b3.jpg HTTP/1.1
Host: cdn-mst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/jpeg
content-length: 103080
last-modified: Thu, 30 Nov 2023 06:03:52 GMT
etag: "656825c8-192a8"
expires: Wed, 24 Apr 2024 19:45:19 GMT
cache-control: max-age=86400
vary: Accept-Encoding
cf-cache-status: HIT
age: 3584
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qb44qaOd5rBw39BV0YK%2F%2BGeg9EnqFmS5uxwCTl6szkRSDvWkgREt4DnxN8iz8ykVYxE2cE%2BGpyf9wNu%2Fj%2BW%2FyNiV8RbDIV85QgIwwJ7jJURmjpJeYquh6g%2FBulG26w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ee3cfe56a2-OSL
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/kg.4ad89b3a703d225e1f6d.svg
172.67.172.109 200 OK 3.3 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/kg.4ad89b3a703d225e1f6d.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash fd9bfabe421dece203f83b60e959d044
c7279d26eca26c4792d15e9b7c8d2d4ccbce8291
ab95d5231580ce59e072a7f94c891b66b4a50770e9f2d3982ab0e9a1eb323727
GET /spa-static/1.4.1453/static/media/kg.4ad89b3a703d225e1f6d.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-cf4"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gbi5AtWNR1cnO%2FHCykcddBhbvWoNow5W07r2RNeMS3yu9MiDvdli8D5iIt15yhph9kuO8O8ahHrFtgmOZgloeBNABAQ2phTQTcLaygG8Rx65fsHFMLP0RE%2Fi3XORn9eYz0%2Fa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e46fcd56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/api/v3/payment_logo
3.125.159.65 200 OK 328 B URL GET HTTP/2 len6gyisnhmb.com/api/v3/payment_logo
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type troff or preprocessor input, ASCII text, with very long lines (365), with no line terminators
Hash 380c95bbadbe4352889e018de618d222
cdb30e3f4409fc190aeb9d8c36ff0e6ddd37b71f
a567c17f1f8204ea9ac199eab72bc5ac847bd56442556dbf7b6781b0c30b836a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v3/payment_logo HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
x-request-id: 7386fc27f1d4a43ca95d65b9d3bf874d
pragma: no-cache
expires: Tue, 23 Apr 2024 21:10:17 GMT
vary: Accept-Encoding, Accept-Language
content-encoding: gzip
X-Firefox-Spdy: h2
upload.cdn-mb.com/upload/images/sport%20icons/t-backet_mb.svg
172.67.172.109 200 OK 2.5 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/t-backet_mb.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 45a16b1fc3c4232fada88b6e35cfab54
5d9210e2cc653c9cc1e1a6ee6c0f266e9fb8828c
eca6436d98f25bde8732ec7945b46b208b85c866da2e30ed648f5082e1c523c2
GET /upload/images/sport%20icons/t-backet_mb.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"a76d0a6444f6ebd393ca691173a2886d"
last-modified: Thu, 30 Nov 2023 07:18:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-amz-request-id: 17BD28D1D2244E50
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=345600
cf-cache-status: HIT
age: 4002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zWu38ijaQJGKscypXFe%2F0O0gof36nisC8SjOirOXWQrFe6%2FooEMj5N2esWJLn5Kspt9N%2B9Sf%2BfRZPoPmiYcr52XfHQ4q6Sv69QyKsftZTqssc4MWC4U359f3%2BB53TCUxs7x6Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec4f7056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/fiba.a120814ed8498e141c1b.svg
172.67.172.109 200 OK 580 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/fiba.a120814ed8498e141c1b.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash ceaba0ab8c8438f8b3d78d6a6c6d4c97
91798576fedf6871d3746e5b9dc27eca3a40a540
9c4527bf56e87d0ad517cf17b30a5c45404dbec1c75ead61d459c8a76785f659
GET /spa-static/1.4.1453/static/media/fiba.a120814ed8498e141c1b.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-244"
expires: Tue, 23 Apr 2024 22:52:16 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zKkDJsaf0vbEWT53wTcmHRS%2B48K2n9IJF7p%2BudIQ%2BKrBZugE8Jl31jsqIjwnQM393eV%2Bj2ocqs2OhunJ7ysFvxFHrNqW6Ln%2B4h2Yt7DG51EYEpbf%2FbvGYrOOZ0mEiY6s2Rlq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5a92556af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/atp.d6b0e58f2cdf6e4ee9ed.svg
172.67.172.109 200 OK 4.2 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/atp.d6b0e58f2cdf6e4ee9ed.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash b32b73e3188cba75cdb7c01885d4a588
93983550cfdabc12a340342af50c84fc51f60a88
93d7c4df0ab0225f649fd57bc075d5e19e6b560be76f82ce0b1a3cb376a7effc
GET /spa-static/1.4.1453/static/media/atp.d6b0e58f2cdf6e4ee9ed.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-106d"
expires: Tue, 23 Apr 2024 22:52:16 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2BWswqXwF44q8v9Nk774%2FIVWi6e0yqMf3HnRmyAUsWEjH5fYBJBwdkhYIMVANtDy9Qh5F7K6XzdyCkNR4O7mpGJKCvM%2FUhLEqqgUU1ZeJQ1GbLTHIaO1ev2BJxIRAhmJq2D2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5a92756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/badminton.svg
172.67.172.109 200 OK 874 B URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/badminton.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 5bf4d485fe464e5c0e86bcf50959f6bc
619f807ff80993fbc639606d54e24f84eed56576
ee5af9bc7dc6fcb34688c16483d2b5cf159ee25556d16501fd964ba5c664740b
GET /upload/images/sport%20icons/badminton.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"87b5da47ddb7256e7df5583af208d5f5"
last-modified: Wed, 07 Feb 2024 08:42:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-amz-request-id: 17C8D6F9F1E4F272
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 2142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2BTUEC2FafEuOCKtIswMlu02vcofKjn7LW8G5TKrB%2FJBY6XJla7JtTf6KJwYnu%2BrKYY2sopS5Vv%2Fu7n8wKXfhsrpcje2s67ntm1%2BLcgjwitTNpr2HuExpTYJlow6Ge%2Fof1Sb0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec6f9356af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/futsal.svg
172.67.172.109 200 OK 572 B URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/futsal.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash c9c01a37dfd47f32fef506e36efb2f03
1d605650364e808ab2febc1064efe4bca2a5f098
5b527d7801afb924d2a5809c8f2c8fdd81f81c3b244de4c6bfb0a442c6610046
GET /upload/images/sport%20icons/futsal.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"b2501eea1e12ddd2e9962deef1fa4fd9"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: a1fa336c2fd2dc07ed124b8a56fe646ff71a960ff9616c4268e18a83b1883276
x-amz-request-id: 17C2924A67C8A8C6
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 2142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IU5eXDHXh8BdV6rRAgPpNd64487eQ9A%2BU%2FaJ%2FL0np0Q9lAYSlc6lK4%2F7xWq5nR9kC1sGyzb7Uppb3lcxbl4290oYiIJNaAxjuckn2oyTEbbropjuMZCwKjOhgsEzJyU4ViEbgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec5f8456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/3334.c8a41e73.chunk.js
172.67.172.109 200 OK 18 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/3334.c8a41e73.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (18158), with no line terminators
Hash 800c19e5ec4539b69cf6c4d7e80466b5
e5b725acb8d85bf5feaf42cd74fd0ccfa04ef474
d862572695523e285378ba56b3fe9cf9fcaf1f8284b67e1dbabe5f0c8b8e420a
GET /spa-static/1.4.1453/static/js/3334.c8a41e73.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-46ee"
expires: Tue, 23 Apr 2024 21:43:20 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 12417
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4giru9cYbHr63sQHxPm046S88TKYgWKhyTA1dL25ioFDYkw%2Baze5RyhXniGwcg2zKSecj%2BxBiQkVRL6ooRelDLEWgiXBmp0B50trD4NnS%2Fu%2BEoD5y9eXHXw1vBGus2g1QV63"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e72a8d56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/upload/images/payment_logo_image/RU/credit_card_mir.svg
3.125.159.65 200 OK 1.1 kB URL GET HTTP/2 len6gyisnhmb.com/upload/images/payment_logo_image/RU/credit_card_mir.svg
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type SVG Scalable Vector Graphics image
Hash de234d2b7082a08b13cfc1735d725544
edcb2bc33c09389f4bdd84aa8e4da9687023d896
be37ba92096f20c7a399c92684e47aee2ea5d01bd61216113660590f71b4eb42
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/images/payment_logo_image/RU/credit_card_mir.svg HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
etag: W/"ab67eb03a6ae1b55035e83378d84a0bb"
last-modified: Thu, 30 Nov 2023 07:17:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, Origin, Accept-Encoding
x-amz-id-2: dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-amz-request-id: 17C8DDB8BD926668
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 21:10:17 GMT
cache-control: max-age=86400
content-encoding: gzip
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/uz.ba79d2974850ade2d036.svg
172.67.172.109 200 OK 1.5 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/uz.ba79d2974850ade2d036.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash eb9dc787cab1e62f3b2009ff1441ec5c
6e8f0e878197a63de5b2a1f1e02779e746a92064
a5ef53c3440deeb1e05d88a605ab8c1299c353710f6b1299a3dda8b09ba651df
GET /spa-static/1.4.1453/static/media/uz.ba79d2974850ade2d036.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-5ae"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nBdBkKWTg2HHYafHmPLAs6359kJxPvhAaUh%2BVg86nMFu92Kgxm6vHzZrFN4kdlXN1679%2F9vXhawA%2Fv6EEeHoGTub7DwgRq6Wv5HmaBZ3dkvQCK0WrAcsNYd59LQ%2Bvzf4VaJA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e45fb756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/ma.3b79aff17ae55b760333.svg
172.67.172.109 200 OK 250 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/ma.3b79aff17ae55b760333.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash f34c64ebea680c8996d1e9139997ebea
1c3c32bd56e7b5a9242b821e78617f8e991bd39c
c5579118caeda34c212db7f37afeedd2982eca63c3df7c4b9f90fe5a0d51be12
GET /spa-static/1.4.1453/static/media/ma.3b79aff17ae55b760333.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-fa"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yoj7RemfDCtpj%2BD1C8M7G7dVcYPH5G4tvMHIH6ccAletAJq4RyYH3cd6L7BfzbFotkeF2glPQLZKtv55D%2FW%2BC1xaBhOvEUQNlY9uWHI0Hm94YOphCqP31LdyxD19EdEtHleE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e4d84356af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/css/749.b2158321.chunk.css
172.67.172.109 200 OK 31 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/749.b2158321.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with very long lines (31056), with no line terminators
Hash d5c4895dd3298b91dc135e7347cea4d0
24eda38ef204e77536d12eec873485c94c3a2405
01af95dc97bbce33ceac21878fe49bb50b4db3d1bb6e7ca97cd482b8abee02b1
GET /spa-static/1.4.1453/static/css/749.b2158321.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-7950"
expires: Tue, 23 Apr 2024 22:57:35 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 7961
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SIOZeiQE5ALTziKmVKGxZ%2FQJVubGULymplH9aHCfI1CTxqFlWNeRT44cl%2BHjGDvEEUdOczSe6yXTt5OZ%2Bu8xvHOUDO4yYMGj2ZwKAIjfUbOC%2FwQDD8D6knfEzO7BEO2xCRWY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e1bd7f56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/apple.cbf1481204d20150372c.svg
172.67.172.109 200 OK 533 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/apple.cbf1481204d20150372c.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash bb359828eb503954e0a104388e976808
0ad189c7689b8c8e7a2e54c33cb0bc62911dec47
67834ad87855ba9457191ecf7792c72fd29a9f84e3a333334d75f6e3ffb0f564
GET /spa-static/1.4.1453/static/media/apple.cbf1481204d20150372c.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-215"
expires: Tue, 23 Apr 2024 22:52:16 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vpqeaanTcpBl%2Bu5luyIj%2B0DVos6PO7Vz%2BtRp6wPHWIhlz9hkQKphps6gYnfqOHMYaSFcDwFjcsiYAqhl1ASfoupOxlqWlJMXJIWmGx01AGVmrgw1qh48Zp9aDFkHzWWCyBYa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e578f656af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/upload/images/payment_logo_image/DEFOLT/2_visa.svg
3.125.159.65 200 OK 896 B URL GET HTTP/2 len6gyisnhmb.com/upload/images/payment_logo_image/DEFOLT/2_visa.svg
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type SVG Scalable Vector Graphics image
Hash 077a8a4efd80d670f565efd6220b8473
c44ad5a89b027924fafc0da863019bf5cbce0916
49ad84a7acba41ca1de968c853cbd22d8b42822355dd5e2ee9671b06b1163ffb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/images/payment_logo_image/DEFOLT/2_visa.svg HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
etag: W/"c907d248716371bd5cb5c9be824251fb"
last-modified: Thu, 30 Nov 2023 07:17:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, Origin, Accept-Encoding
x-amz-id-2: 8a26abc7832840f9308c123e3beca68e9010663e53438356460e6ce230b3fa9f
x-amz-request-id: 17C8DEEB79633218
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 21:10:17 GMT
cache-control: max-age=86400
content-encoding: gzip
X-Firefox-Spdy: h2
len6gyisnhmb.com/upload/images/payment_logo_image/DEFOLT/6_bitcoin.svg
3.125.159.65 200 OK 2.9 kB URL GET HTTP/2 len6gyisnhmb.com/upload/images/payment_logo_image/DEFOLT/6_bitcoin.svg
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type SVG Scalable Vector Graphics image
Hash 9b440a2f7ecc86be421b025dc8146373
c9503a07a44248401b3545d0377acbf681d48c04
e6af575c191b257ad683866856fdd45630a81b35347ec053416875f63c2ac7ab
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/images/payment_logo_image/DEFOLT/6_bitcoin.svg HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
etag: W/"b39c5d29fc49b5828cec77f8c68d7b8f"
last-modified: Thu, 30 Nov 2023 07:17:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, Origin, Accept-Encoding
x-amz-id-2: d9f9c3a4ae1ee6a8dbb2d3b306070026e56ac66c25360192e0f990b84c8e2bf2
x-amz-request-id: 17C8DF3F154CEC04
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 21:10:17 GMT
cache-control: max-age=86400
content-encoding: gzip
X-Firefox-Spdy: h2
upload.cdn-mb.com/upload/images/sport%20icons/counter-strike.svg
172.67.172.109 200 OK 3.1 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/counter-strike.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash df2de70c21140d95d0416d32fc5e5197
c17b756722dd15be54d0e13f581e0d501edae124
61098e7367c8c9aaec8cae5ed2b4b794e8e008f53e678ea522aef20ec05b6b1c
GET /upload/images/sport%20icons/counter-strike.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"8fc1052b6b10859b5a93e0f6b0be249d"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: a1fa336c2fd2dc07ed124b8a56fe646ff71a960ff9616c4268e18a83b1883276
x-amz-request-id: 17B18A45E1F6DC26
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 2142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BaswAIF8ShenPM%2Ftlo7rK62ZwBbJOffkC1ANZJmuBopqqp5kGu7jmCIzUElwArubwONFFkm5mCW3yztQTv8uAhZTvi87hFIk6bgIBsYtYWRFKe9lg0%2B8ZdvZzq5r7vh9kJhBTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec0f3a56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/3106.1c39dd8a.chunk.js
172.67.172.109 200 OK 16 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/3106.1c39dd8a.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (16346), with no line terminators
Hash 68cf3ed55612c6de2e3300b99ba199d9
93987f1b120f07f621fd7f6a565fae84f1a4fe66
6a931270305e2c0870f6de3617a8b2e0fc3521866a23bd10b5f03b1b9b04ac5f
GET /spa-static/1.4.1453/static/js/3106.1c39dd8a.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-3fda"
expires: Tue, 23 Apr 2024 21:43:19 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 12417
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iKgqlgyTl07sEuwKwhJ%2FUJlRyxmNtnxnYcxOmFaT7BTGJIjIRsE5cO67O1xhz21s6AG0NiSSn408MjPshlW%2BG4g7K9d89Qx54JoJtEk7h3psxZcQi54Ps4EMe0M80E4Zbvdv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e3bf3456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/co.4c87d079860a09479706.svg
172.67.172.109 200 OK 289 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/co.4c87d079860a09479706.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash e63af85740613656d04ba0dea9667134
4516020d51b5699c0485fdd4b4d74a1e5d32f36d
533a941263852531c7c80d430cbad0402f49661a3669896bbae70b625afc6933
GET /spa-static/1.4.1453/static/media/co.4c87d079860a09479706.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-121"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SglojIJggkz%2B%2FEb%2FWOFEQVcObP5hFpf3zhrklKdV4vfZzo9X5k%2FXS1kudiIBquovq4%2FlHf0offGdrG%2BiIUc4lFoYc7cvT1DkbQ83IfIPaXLT%2F%2FFD5%2FCmd3U8NBBzOTvMbGy6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e47fd356af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/android.dd4e4ba3ee281d0c0174.svg
172.67.172.109 200 OK 624 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/android.dd4e4ba3ee281d0c0174.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 0ac4c5ffd0cc8107b89f53a6a39fcfbc
c234a9f5d9f92e71aeab4b4ccf279231d0991161
dd39990cb77626ae78bd984224daee81e2b29d6d9646538cda7480731f2ee955
GET /spa-static/1.4.1453/static/media/android.dd4e4ba3ee281d0c0174.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-270"
expires: Tue, 23 Apr 2024 22:52:16 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OEcnAo34KPaSqDlujL4rT1yJ2QDPfOmUBsK9GaO6WDvpJqfAXIugUW%2BW0BDSr8ksm%2FXQ91npujQnKlPxHU98vFa7VkzlbyiaVd7V2H0l3uB2URAGfNBtHljM3JIgsuEUWXZN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5891356af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/api/v1/timezones
3.125.159.65 200 OK 49 kB URL GET HTTP/2 len6gyisnhmb.com/api/v1/timezones
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
Hash 6c2ce0991a71f77d93a9e5394d304413
645bb589ea5049f22faacba3cde1c6b4da84f182
62bd95178900e768767b2f72548858d0add4b0d79a62dde7b87c1680028ceea0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v1/timezones HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
etag: W/"6c2ce0991a71f77d93a9e5394d304413"
x-request-id: c03bac79179dbd635ffe6ec1a935ea37
vary: Accept-Encoding, Accept-Language
expires: Tue, 23 Apr 2024 21:10:17 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
upload.cdn-mb.com/upload/images/sport%20icons/table-tennis.svg
172.67.172.109 200 OK 782 B URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/table-tennis.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 67b4b6da3cde9b4f9570c43f816cade9
605b1a89993ceb10ec8ae925cc5d66e6859bb68f
7931d4a70497454796617af041c698cb5ff18346adbd55036277c700d13db5b8
GET /upload/images/sport%20icons/table-tennis.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"0c6ff92b7626b24ff8f3eadf15dbec7e"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-amz-request-id: 17B83292A01D1998
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102013/ctime:1654102013/gid:33/gname:www-data/mode:33188/mtime:1654102013/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 4002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NEucUMQjJYlB3RByPIwgqd1mx1dmLsScAt3ACyPc1ogJbLCWpQTuomg5rrXz6I6SaSxgrMCTPZLvRBiN1hIMPYzAIavcXKP0auGOLKzLq8qh%2F5BJU0v%2FU4Xagkltb4p2YN7o5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec1f4b56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/9207.f0dbf499.chunk.js
172.67.172.109 200 OK 975 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/9207.f0dbf499.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type troff or preprocessor input, ASCII text, with very long lines (999), with no line terminators
Hash abc66296b7b8d8fc11c7cd278997c678
4b20a3e2ef4cae3aa22f12da7f0929103ca0d6c5
ad42dd91204a0742e963bd75d436f39f72cfa770347cd70f0457b9c82aa55a2b
GET /spa-static/1.4.1453/static/js/9207.f0dbf499.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-3cf"
expires: Tue, 23 Apr 2024 22:57:35 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 7960
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1AXNxhRHC%2BqJGn5QWSIaMDi7OwTlF0jitIzjSJZTLbGTkv8WLdlL%2By4zogEJkUQh8%2Bj8SPuvH7ufFaUPvTYqYsSB3KYXz4IDB3TwGDClNoIO%2BFYldakmcIN6tNosGDlWPRD5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e34edb56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
node-sber1-az1-25.jivosite.com/widget/status/561276/zV6xlxr9an?rnd=0.8777141397615159
87.242.122.191 200 OK 1.2 kB URL GET HTTP/2 node-sber1-az1-25.jivosite.com/widget/status/561276/zV6xlxr9an?rnd=0.8777141397615159
IP 87.242.122.191:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer GoDaddy.com, Inc.
Subject *.jivosite.com
Fingerprint 48:23:E2:E5:0B:0A:4E:4F:CA:AD:65:27:8E:22:2A:8F:87:B3:6D:F4
Validity Wed, 05 Apr 2023 11:26:25 GMT - Mon, 06 May 2024 11:26:25 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1265), with no line terminators
Hash 2648a4c017276de435586d5a3bd5df12
f12d1273f8d193f5741df34ad9220a8a7031775c
5fe507dead1b98ea4806613be80b6ae1cd03fda3162fb9925cafcd4d41d751f4
GET /widget/status/561276/zV6xlxr9an?rnd=0.8777141397615159 HTTP/1.1
Host: node-sber1-az1-25.jivosite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-max-age: 1728000
access-control-allow-origin: https://len6gyisnhmb.com
access-control-expose-headers: X-Geoip, X-Botmode
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'none';
content-type: application/json; charset=utf-8
pragma: no-cache
server: foxy/3.3
x-botmode: no
x-frame-options: DENY
x-geoip: NO;03;Oslo (Alna District)
content-length: 1168
date: Tue, 23 Apr 2024 21:10:18 GMT
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/Roboto-Italic.87f3afe16a8c3c370634.ttf
172.67.172.109 200 OK 170 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/Roboto-Italic.87f3afe16a8c3c370634.ttf
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoItalicRoboto ItalicVersion 2.137; 2017Robot
Size 170 kB (170504 bytes)
Hash cebd892d1acfcc455f5e52d4104f2719
65f3f6a7e1bd2fa6f2df35e4b07775d7f1dde4f0
99e4a85061136e99e052929ed0d85e36384fba5c34b773139a8f64339c609943
GET /spa-static/1.4.1453/static/media/Roboto-Italic.87f3afe16a8c3c370634.ttf HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: application/octet-stream
content-length: 170504
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
etag: "662648dc-29a08"
expires: Tue, 23 Apr 2024 22:14:30 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10548
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b7%2FoEZm3wjT1fIax0UWhm5bvye%2Fjzr4l3G0wllhDUJCLiKHVlQwsDxif7Fdofb8Ml4norn%2Bk0pcJys9WeVXlfPhghOwc4%2FZ7sNY3%2BtgtSwIqQ7EHDOTWgjzn1VhXZ6zheyo5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8790d6eb7ebf56af-OSL
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/t%20kick_mb.svg
172.67.172.109 200 OK 2.2 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/t%20kick_mb.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash f21297344ff833083244a3326c28550c
2f03232701bf13eafddd1b438ede2669ed6b3d4f
a22afa4d459b3ab64f0d07615ad837ea918fd7b2aaaaa50205aea06d9d08a07e
GET /upload/images/sport%20icons/t%20kick_mb.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"aa45a5522b886c53e8b64e0e6db4001d"
last-modified: Thu, 30 Nov 2023 07:18:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-amz-request-id: 17B1818E4508A9E2
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=345600
cf-cache-status: HIT
age: 4002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hnvNbiA6d586IBOK3KlWh%2BY78StQ4n0GJ3cJTwjgUWLtjVDiJGi6ZI23qh3E%2BLZ1JS0IkKJfgankCKbzNWwLjzfbQQaPZ9AkOe39C3o4Nbf1s2N5ZSBoyLjapg5%2BYr1qRvfpzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec4f7756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/connection/websocket
3.125.159.65 101 Switching Protocols 0 B URL GET HTTP/1.1 len6gyisnhmb.com/connection/websocket
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /connection/websocket HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://len6gyisnhmb.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Xl2olX5wLdnhFvAoEAVFXw==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906616.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Tue, 23 Apr 2024 21:10:16 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: 82DTB8gQ+5p2EtmXMYIQ0tfOd1M=
front.cdn-mb.com/spa-static/1.4.1453/static/media/cz.1b3452b8ce83987fb494.svg
172.67.172.109 200 OK 232 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/cz.1b3452b8ce83987fb494.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 69f414443aaf4943c89cf73700afbaa2
a43faa392ef768cddb79015c992efb9817207a84
d79b712ad282bb991f6d441cfaa993c45267b37045ffca90277c5ae0d42d7fce
GET /spa-static/1.4.1453/static/media/cz.1b3452b8ce83987fb494.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-e8"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=azJXUiw3fGfVK%2B5QS7r8N%2B1aAGtG2SrXSVpn%2BD0D3hf2CSwDiP5kj6PAGgpEtnl7yhIV9%2FwNpinO8LzFRkyIS92RkIvzA6z0Iq4%2BJXSXl3xORyAZfuuQ81ZGBlfbemezu7ys"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e49fef56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/css/9336.1a7bb566.chunk.css
172.67.172.109 200 OK 38 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/9336.1a7bb566.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with very long lines (37634), with no line terminators
Hash 60133efd24e45fdccdfb4215dbbe33a8
a71b0bb6df3b7d107377e61505ce1f14a22f575a
d3698a880fc72a6bf97a0aaabc46ce74c7f16baf47b19f1cf5e698dd631c3aa4
GET /spa-static/1.4.1453/static/css/9336.1a7bb566.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-9302"
expires: Tue, 23 Apr 2024 23:18:30 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 6707
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SWhKc5ufemF5sx5FLtAVGTZW10o078nmU74ZN3IfVYkrwpT8TVFSfqsDrgvlbJ77YRLyYWEpYioEs6NkRNtfxDpdfOBWounrlo0uc%2BaGPB3i%2BNvsOcbDB07cVetTweyZLOpI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e73aac56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/gift2.45bfe9dd1ca64a744e62.svg
172.67.172.109 200 OK 473 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/gift2.45bfe9dd1ca64a744e62.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash dcc856db13589a74c00f2a2ab97a5714
5dde79e7929dec4d92a593ce400b37dc46fcba69
3cb251a0cd23d0fcf442abaf0c748cf0ba7353da112f338b2a157efc4842f355
GET /spa-static/1.4.1453/static/media/gift2.45bfe9dd1ca64a744e62.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-1d9"
expires: Tue, 23 Apr 2024 22:52:17 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0IwuqdQeBEIEd172Iyi8MLiqirEjeSk8os34KiWhDSnlbePQD9nHs8SuPtYuVZN%2BeylIW4t4aGewz5JCj%2BC24GxR6%2BL05EXtLLoLxZbZU7tqtx6GLEZJBUt1l2JIU6VqM1xi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e578fd56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/upload/images/payment_logo_image/RU/Tether_Logo.svg.png
3.125.159.65 200 OK 67 kB URL GET HTTP/2 len6gyisnhmb.com/upload/images/payment_logo_image/RU/Tether_Logo.svg.png
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type PNG image data, 2560 x 817, 8-bit/color RGBA, non-interlaced
Hash 1320a67b3392ed2bfe9e3734ddfd2d2b
952aa8ceae4362e33e4e7de372694a37bd747eb5
bba0f811185072747208aa5d22793e3fa0c8f4048a5496553872f452845c0376
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/images/payment_logo_image/RU/Tether_Logo.svg.png HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/png
content-length: 67278
etag: "1320a67b3392ed2bfe9e3734ddfd2d2b"
last-modified: Tue, 13 Feb 2024 08:35:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-id-2: d9f9c3a4ae1ee6a8dbb2d3b306070026e56ac66c25360192e0f990b84c8e2bf2
x-amz-request-id: 17C8E48129D6B3F5
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 24 Apr 2024 21:10:17 GMT
cache-control: max-age=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/js/2415.773e3880.chunk.js
172.67.172.109 200 OK 10 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/2415.773e3880.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (10381), with no line terminators
Hash 0e1fccdd457127fb804df78858861d36
289be02b8a6e507e943cf1dd9d6ce7cb26b54e68
d16ba31e363a37158aab9a1e32386049c20013b84250f8952f892d1956dced29
GET /spa-static/1.4.1453/static/js/2415.773e3880.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-288d"
expires: Wed, 24 Apr 2024 00:28:03 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 2535
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oAs6vztdASKGUdnqpjXWUjhQYDTuipMoCwyUaXFDF1WHDfZ4H%2FMJuRPpiAD0CNCb5lufpYmkYiqFIYZvGyFAIjJQyuC68KpTGXhk5QlGOdaHMHEa5XJHQJ4vv%2Bt8Iyav26sM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6eaae1256af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/1151.c1ae6cc5.chunk.js
172.67.172.109 200 OK 20 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/1151.c1ae6cc5.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (20478), with no line terminators
Hash 86479478b31cb43f6825258ae6d29217
c8d8bc0603a00f6fca90b2acaf69185a79ceac96
eea6dccc03a83268561609b2a20059fed3492e9ce9acc7a031b3236ce45a837d
GET /spa-static/1.4.1453/static/js/1151.c1ae6cc5.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-4ffe"
expires: Tue, 23 Apr 2024 23:48:02 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 4934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2iu5tJKdx%2For0LGV2by7GtZ6%2FdQg8zSByfPE4RVq%2Bofl%2FbVP7sd9rAqjwG6TUInBF0BGAUwFjTXBLjDr2YX5QxXLJrWYhvuAZqhU54g%2B9RuxTEEW%2Bgb4Ct1UprXVO0RE%2B1OK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e1bd7956af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/css/436.11401859.chunk.css
172.67.172.109 200 OK 111 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/436.11401859.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with no line terminators
Hash 888ce7cfff17e6d51f340286c9f028ee
a12d6b17df7d44283c6091b9b72d9626ae26d196
596faf4a56cd93b94a84858ad3c54c3bcec5cfaff81d17c26d5a36c687510f57
GET /spa-static/1.4.1453/static/css/436.11401859.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-6f"
expires: Wed, 24 Apr 2024 00:17:45 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 3151
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ItjA43RX5q6E1uLjscGcy9gQ%2Bp2HvAlPuN%2FHlzf%2FkOz4Wn0vVjKHUJinSiduiH0HlspJrvn%2FTpAn1gZ%2FQDXnE%2BC0thnDibqVr2hWn0j%2B6EPZfwfJn8XjlJYO0snqvcAz0gg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e31eab56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/eg.c6ff8d6c3057865a32f1.svg
172.67.172.109 200 OK 9.9 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/eg.c6ff8d6c3057865a32f1.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash bb28375e81e89cd6613a519ddb609a86
47ed02d1fcede0ecda5720a1ee8bbdfb2f03d458
c41cda1b34e55be99eec7ca5532d584e969af70140b625e338d096399d80b824
GET /spa-static/1.4.1453/static/media/eg.c6ff8d6c3057865a32f1.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-26b9"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MMK411SU3q8DfVDY9xsAUiDQAzHVNmth7x3uUu33AwVVUq7UPkUti6joSHt4POlgVvY6RRUwPSg6K11HUxem6m%2FAkSnwO9UGFKGR93%2FZbPsfQvwxVgHODtzepPKpjdOetK8h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e4e84456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/gift.4e1ed5f86bcfa75e6cc1.svg
172.67.172.109 200 OK 1.3 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/gift.4e1ed5f86bcfa75e6cc1.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash d7bc03259eb36491e26b0f780ad196a9
193fba5f9e479890663ba4d5cae3c8e263552be4
cc23687b34897eb30d13f39b55aa1e6782f4b344f53233875d3013348c693f2c
GET /spa-static/1.4.1453/static/media/gift.4e1ed5f86bcfa75e6cc1.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:22 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-4f9"
expires: Wed, 24 Apr 2024 00:37:54 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1947
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mfeYVEAC%2BVtOSdFUCbik7l6bgV1X9Ekb9jnTLWAnHDhh9FhzAOdqWarFnOh6HHOuv5fNHhfFrlVSHub25rnWdSda2SJA4O2Mmhok2ij4glZe4J6NA1A5%2B%2FHOsMX7EWsc2tJS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d706ba6656af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/am.36fc7db319e532bff785.svg
172.67.172.109 200 OK 231 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/am.36fc7db319e532bff785.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash a7a10f1da96b115f8e61d169fb7da571
08104b26aaeed70adc8072c8fa9e470d233d48e0
a6fea2d7a923b1ffa8a3c59141784943531e312f87b6566f418bc75ed201b4b4
GET /spa-static/1.4.1453/static/media/am.36fc7db319e532bff785.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-e7"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jjx2hToL9S8sPHS%2FVV2Fzxg74%2FhlFMPKbIt8lMi9u%2FvObd7gS7Wo7OPZGWQjp31xcV6EiGJGtLP3u6W2SLSxdkZdmJ0S7UiLgBz7bVj9AFLxsMyFQWboJjdMWPs9hM2wTn1Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5189356af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/nba.a786b1cf389f34eddf1e.svg
172.67.172.109 200 OK 1.9 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/nba.a786b1cf389f34eddf1e.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash ce8ae04505fe2a57720c892ebc26e7eb
dcf9d203e4f7bc0a9da37c1b1a6782975c64e539
8ec30abd130f244ca085f41a7c45b7a5a2a02be99d0769c28164f81de61eb1b2
GET /spa-static/1.4.1453/static/media/nba.a786b1cf389f34eddf1e.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-793"
expires: Tue, 23 Apr 2024 22:52:16 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CLejbRIrBIbl6LYp8t8ryLahPKWIV69R0ed6r1jdTNFwatBEu6R1N6kk8Tk0XhJpYkYGs%2BFIjAIZVHeyk1gnD2sXqYHiAkZb4NbeLyBEKnQQHz6KR0nx8k%2BaRwtVgE4YPbd%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5b92d56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/css/2845.33c6a216.chunk.css
172.67.172.109 200 OK 9.6 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/2845.33c6a216.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with very long lines (9612), with no line terminators
Hash 3c242e280a517dd21796293e237c8bbc
9d3d5d4e53e53c1df8d83f5eddc260f060e3432c
8542a3e5ff767d0ae8669843444093d30f0e9c492266c7c71d56bc4f3189e0a3
GET /spa-static/1.4.1453/static/css/2845.33c6a216.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-2582"
expires: Wed, 24 Apr 2024 00:17:45 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 3151
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hpw9QpfYTbKpTzR%2BvWmWeyUCcGSITPHjecYZyjNy3%2FFPsdtL%2BNHMn88T4vl4SX9kVp3kXK8miGhyrtnTmmJKMpVC6qfqVN6CkZy3mXMekx4z7BdXOi8sm1TXOiy11sIfae%2Ff"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e33ec856af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/ru.f760036294e1fff52a9a.svg
172.67.172.109 200 OK 290 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/ru.f760036294e1fff52a9a.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 8bc255c4964aec05c6b37cd9829df956
4fcceffa561dac4bdd60b4328d2de7f65af9deea
f7a3b9075712676245523967350248a0f5d00e52a9c9fd4d6601e75d8f587993
GET /spa-static/1.4.1453/static/media/ru.f760036294e1fff52a9a.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-122"
expires: Wed, 24 Apr 2024 00:26:51 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 2605
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CvnCtBIRUl%2Fu30C%2BI%2F7g9mHH6dUmiXIWvMIhah0aAwv61AmYInkcoGsNyGjm4SDVilKzLCRFL8p8yvlPbsRKQzNHXTPmqYlsyrUDd%2F3KvJWxySXPpQjt2SN1nkGeRrq4AtN3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e44fb056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/by.da99aaa559633b439aa3.svg
172.67.172.109 200 OK 6.1 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/by.da99aaa559633b439aa3.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash d81bf5c3432d529023c99c9b5aaae172
08d5b413fb3f215d0f48a20cbf9abf9e8f47e724
1bfa56a594b31db9a3c357469d07d010b2c32a40eac7e5a178b848d6c70b01b5
GET /spa-static/1.4.1453/static/media/by.da99aaa559633b439aa3.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-17c6"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtrkFgRuTVKSB8Ps6hdpiHce0DILpFLGhLBI6QX9cr3ZN4ExoahITbNIAPZ3mw9WEO8IwKql0SHwAajyZjsVFgkTH0ljHI1kPjh2NrCmBXaCpmpKu0GNwZBsGPTFWdjIxLae"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5189256af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/boxing.svg
172.67.172.109 200 OK 701 B URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/boxing.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash c0e0d6b8db18d363072a10e3da3d3a9b
e63d4dc3d724bdea6a543bc28182ce778a76c286
02a2a9eeeef204623db7f3de8cf83d13fe5519e6327e9e71c66641e3d3cf7f51
GET /upload/images/sport%20icons/boxing.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"2ec39f394b6498f966790e9e8547cac4"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: 8a26abc7832840f9308c123e3beca68e9010663e53438356460e6ce230b3fa9f
x-amz-request-id: 17B1881DBBAF11A5
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 2142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ui5WEDbPNZ863YbZcZL4Y%2FycUxf6mz4BVML1tOObgaO%2FwRg%2FK%2FqA2P2BVP15eaEttDQxPHnEFUbXeHKJe21cQW%2F%2BhpvV9o%2Bl0g3LoDPBy9JPSE92TEvE5StjkzCDi%2FpgS0pTMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec2f5b56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/ae.23c174705b39d649ba43.svg
172.67.172.109 200 OK 262 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/ae.23c174705b39d649ba43.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 83b0a4ddc590e14ca5c12412a4a0a23d
0ee49626edcbfb7ffc68946900ebd28ee17e12fe
117ebbaaffba92775252a77996260cf1ce524e287a8779f15b8b9370e2ef0bd5
GET /spa-static/1.4.1453/static/media/ae.23c174705b39d649ba43.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-106"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ahlhOsEvDbCHcoYFh%2BCyeImrs22b4sXcjlrWmkF8JSc%2F4njpoW2qFY6ia5Wxcc2WKdXL2nzv8sVjefcI2McuH3zcOpXRE2KEL8PiXWag%2BC%2Bcb6bzEfs9qVkSs6upFMOin7I4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e4e85356af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/7936.40d60938.chunk.js
172.67.172.109 200 OK 14 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/7936.40d60938.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (13686), with no line terminators
Hash 8e3252bd09f6aa1baf0cba58a3161340
1198a5f88bd0413a671ccb82a7ab412b7b215756
5a2bbedeb5855f323a70485cd16ee9d28aa14ec9ec206385ccad554f210a231e
GET /spa-static/1.4.1453/static/js/7936.40d60938.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-3576"
expires: Wed, 24 Apr 2024 00:28:02 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 2534
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gxvWD0mIryzKZbwvEhURob4TDqCg%2FwuHuTPYQOlP21FtoAdJgsT7XvVwIv7VhWbrFAC3gDXUsf73lFlqomVSwB27aTLs%2BBcaH3%2Bc1EU3Kky9LrouiiAEkgOHiVkApjf%2FFVuh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e83bc456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
agstatic.com/games/pragmaticplay/vs20fruitsw.jpg
54.230.111.13 200 OK 117 kB URL GET HTTP/2 agstatic.com/games/pragmaticplay/vs20fruitsw.jpg
IP 54.230.111.13:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Amazon
Subject *.agstatic.com
Fingerprint 0E:4F:35:84:E2:C6:81:0D:F2:72:CC:66:C5:58:96:AA:F8:27:11:08
Validity Wed, 24 May 2023 00:00:00 GMT - Sat, 22 Jun 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 640x480, components 3
Size 117 kB (116911 bytes)
Hash 434ee4b1b437f0ff4f9e6c42a3bf8449
8f1cbea0a355cf738bbd4fde2676fb5a46b43ab7
25b68a8b8cdbeb9ccd91a37b8963559230d3863dbfaacfa8d85a0367e5b49e6c
GET /games/pragmaticplay/vs20fruitsw.jpg HTTP/1.1
Host: agstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 116911
date: Tue, 23 Apr 2024 12:02:17 GMT
last-modified: Tue, 26 Dec 2023 14:28:33 GMT
etag: "434ee4b1b437f0ff4f9e6c42a3bf8449"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: lJauY2Ya3ffomw2UkvLemgq4Ulnh8AjFJ8IzzA_6iOuZDPGuLWogsw==
age: 32882
vary: Origin
X-Firefox-Spdy: h2
len6gyisnhmb.com/upload/images/sport%20icons/basketball.svg
3.125.159.65 200 OK 756 B URL GET HTTP/2 len6gyisnhmb.com/upload/images/sport%20icons/basketball.svg
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type SVG Scalable Vector Graphics image
Hash f04ce1289843463ff5592821ec2a6696
983bde845ad68c89179491c11f015121a29ece71
d315e06ed5ee340e4160e1edb34f1a536d06f8c1bb200bcdab684072941795bc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/images/sport%20icons/basketball.svg HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906622.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:34 GMT
content-type: image/svg+xml
etag: W/"36bb04b1b885eaf911605243b4be3987"
last-modified: Wed, 07 Feb 2024 08:42:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, Origin, Accept-Encoding
x-amz-id-2: a1fa336c2fd2dc07ed124b8a56fe646ff71a960ff9616c4268e18a83b1883276
x-amz-request-id: 17C8F022C39C8A2D
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
expires: Wed, 24 Apr 2024 21:10:34 GMT
cache-control: max-age=86400
content-encoding: gzip
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/Roboto-Thin-Italic.02afbda944ad0b9b6d4e.ttf
172.67.172.109 200 OK 122 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/Roboto-Thin-Italic.02afbda944ad0b9b6d4e.ttf
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type TrueType Font data, 15 tables, 1st "FFTM", 28 names, Macintosh
Size 122 kB (122216 bytes)
Hash bc36d7f436fa7a3800e32da47638afe2
11f24afcbc37d4997ad2714a28635cb7d20a42e1
bf188eefaad591e650a341b892eca7e5e0f94f44fd7c01825c357909920c4305
GET /spa-static/1.4.1453/static/media/Roboto-Thin-Italic.02afbda944ad0b9b6d4e.ttf HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: application/octet-stream
content-length: 122216
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
etag: "662648dc-1dd68"
expires: Tue, 23 Apr 2024 22:14:30 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10548
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oGFQJjEGqAdxPEviWAurqX0Cwy1t%2F6oYjodnfBIs6L9dXDo4DiMAP4Yl7%2Btil3Q6PP9e2tydKyYqwA%2BXVw8%2FhbyCt%2BI9VmNJIwq%2F7hiGLKRSdmibEjs5THY0b8O%2BRtVait6U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8790d6eb8ec956af-OSL
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/snooker.svg
172.67.172.109 200 OK 489 B URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/snooker.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash d801f21f65fde49188dc9c147628a131
bf90c5f31acd36f7340f17b277f0d928cf7cf205
958f1d0397bf0d12cc320f58c8bd392a5494e0460aa1390a2eeddfde4112295e
GET /upload/images/sport%20icons/snooker.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"38f2f477f40ae74e4a4d63c6ac392eda"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-amz-request-id: 17BACBFD9113BED1
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 4002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wTkruPojPAGjQ2nobmbbrxD%2FNf6AjP4S7H9K4vbTcf%2B3M2sW50whn2Mr8cGrKlLnVUDUOZbBx729VidpIHkIjCiUjt58AWSirHLXjM3%2B3fme97cJmqRhRQCJ5PTCx8Tz1O%2F6ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec6f9856af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/api/v1/odd_formats.json
3.125.159.65 200 OK 593 B URL GET HTTP/2 len6gyisnhmb.com/api/v1/odd_formats.json
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type ASCII text, with very long lines (706), with no line terminators
Hash c458916f4a4a7cc710f5699229b71460
88c47c2a0f46071ea92e597dddad758048f907ce
85214e8bce6051dd79429bf7dfbfebc8019f98e5d9de7836701eb1812502c835
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v1/odd_formats.json HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
etag: W/"20a38d1f96b65c665ef75281603581a2"
x-request-id: a422836b1120dc149661378ab18b8166
vary: Accept-Encoding, Accept-Language
expires: Tue, 23 Apr 2024 21:10:17 GMT
set-cookie: _odd_format=decimal; expires=Wed, 23-Apr-2025 21:10:17 GMT; Max-Age=31536000; path=/; secure
content-encoding: gzip
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/instagram.5b743c38a3667ac925c3.svg
172.67.172.109 200 OK 989 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/instagram.5b743c38a3667ac925c3.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 83735daece6434aa5fd14d9bc142fd20
6b591bf6fdcf99a5a26ac4960e2faf4da066d50a
d4689e6907043a27afff69dba2339fe270a33fcce0c6cdd9ba2640838b8f981d
GET /spa-static/1.4.1453/static/media/instagram.5b743c38a3667ac925c3.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-3dd"
expires: Tue, 23 Apr 2024 22:52:17 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2T5UeFZ79C1j0znNRBxQ78xsbdoCbfKZZ0ZOwZnoqHkRD4Nj2Ltp5mapKWFoFEZDIf4SzpbNr9j7JVB%2FwVlyxlDvnK0xJD32yENVLOxJqsPl7YErqAe4CuBtGQFhqcXE%2FJIO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e6096f56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/logo/Mostbet.png
172.67.172.109 200 OK 3.8 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/logo/Mostbet.png
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type RIFF (little-endian) data, Web/P image
Hash 44419eb6bbfaf4723e7a9123b10edab2
382709fefb8bb91669eb6d58b39a25ea8d4bc70b
56ede42429e6bdc8ae94b923228fc4d38b98dc128e9cd66a58186e3708454021
GET /upload/images/logo/Mostbet.png HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: image/webp
content-length: 3804
etag: "44419eb6bbfaf4723e7a9123b10edab2"
last-modified: Tue, 23 Jan 2024 22:19:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding, Accept
x-amz-id-2: 8a26abc7832840f9308c123e3beca68e9010663e53438356460e6ce230b3fa9f
x-amz-request-id: 17C05B35183C02FB
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-contentmd5: REGetrv69HI+epEjsQ7asg==
cache-control: max-age=345600
cf-cache-status: HIT
age: 6085
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rXJjNtirI4XaVwU3m%2FxIwzYGPwGaeAxXtG%2BsrWfTWdBNG68q10nduS72m4KRQwcj6ByYvyszLhVs1WAc04dNl71eZdXGaAiGYRQdwBknfgzvZ8PfHBGUrTR%2FO6doYOY58OPucg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e23df256af-OSL
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/tr.c3d773f3ebbea061e963.svg
172.67.172.109 200 OK 575 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/tr.c3d773f3ebbea061e963.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash acead8953a32d57822dc477cc163e873
f561c1a64e4531d18d97409e08873682728652fd
02056d39c1758a6aa365f63de254f9e81fefd7d827a76b4450b51921412a34af
GET /spa-static/1.4.1453/static/media/tr.c3d773f3ebbea061e963.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-23f"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BaxGiSz1NbZ77BBeZvXZiqquPUlnPRveOI72Z6ow6MC8OoFZb82rQvzt24k%2Famhd80VG5dedRQgZ05ZO86rWzmpOX1eupe7H6hJynpLKNFlc1bSTXag8CdgRjwbmQzj8mo3p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e45fb956af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/news_background/bg_ftb_dec_2.webp
172.67.172.109 200 OK 2.3 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/news_background/bg_ftb_dec_2.webp
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type RIFF (little-endian) data, Web/P image
Hash 05cba90b6b3ae89384aa1fde760a5a87
8cce1e281bdfe4f8befdf7b07c483adca78e1ee5
372dd136d2cae845d9d89195dedccbdf5a50f85e8d32c23110c14cf39fdbae71
GET /upload/images/news_background/bg_ftb_dec_2.webp HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/webp
content-length: 2252
content-security-policy: block-all-mixed-content
etag: "05cba90b6b3ae89384aa1fde760a5a87"
last-modified: Fri, 19 Jan 2024 19:54:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 17AC9A7F2C860D09
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=345600
cf-cache-status: HIT
age: 3651
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vYlyiXJvF6zlsbs5f0y67GA5NjvoExgAeYhdl5Sbm1AKWqkARZ1nS1uiO13M7SpBAuzUL%2FyBZhPDgvZhCLhNjW75gpILgxvsLajXL8v%2BDsb8qXxEd1jaVPV0HJ4i54mfhjAf8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6edf90f56af-OSL
alt-svc: h3=":443"; ma=86400
vi-sber1-22.jivosite.com/zV6xlxr9an?a81c5df15b01c435
178.170.196.233 101 Switching Protocols 0 B URL GET HTTP/1.1 vi-sber1-22.jivosite.com/zV6xlxr9an?a81c5df15b01c435
IP 178.170.196.233:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer GoDaddy.com, Inc.
Subject *.jivosite.com
Fingerprint 48:23:E2:E5:0B:0A:4E:4F:CA:AD:65:27:8E:22:2A:8F:87:B3:6D:F4
Validity Wed, 05 Apr 2023 11:26:25 GMT - Mon, 06 May 2024 11:26:25 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zV6xlxr9an?a81c5df15b01c435 HTTP/1.1
Host: vi-sber1-22.jivosite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://len6gyisnhmb.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tT/6qAGZVvqYxURijSFkkg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Access-Control-Allow-Origin: https://len6gyisnhmb.com
Sec-WebSocket-Accept: XKpRephrHwDR410nUs9i0r9cZLA=
Server: hand/3.2
len6gyisnhmb.com/api/v1/countries.json
3.125.159.65 200 OK 36 kB URL GET HTTP/2 len6gyisnhmb.com/api/v1/countries.json
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
Hash 3ad0380dcdd7459b76c59da3a6bef91d
003579e0c76bcf5b1fa9d533d232edfcd9d10c30
811f0c9ba9bd7397416ee3a4e13028b6fe2e986575e738409104f1b57ddf9f40
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v1/countries.json HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
x-client-platform: desktop-web
sentry-trace: d2414d3176d9425a9c0db1501fa538d2-b8558f0d1b929d57-0
baggage: sentry-environment=production,sentry-release=23cb614f47bbc2f7b6eb478dcdfdec2f50952808,sentry-public_key=4a626086556647d191e62e9bef5eb347,sentry-trace_id=d2414d3176d9425a9c0db1501fa538d2,sentry-sample_rate=0.1
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906616.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
etag: W/"3ad0380dcdd7459b76c59da3a6bef91d"
x-request-id: 32fe041205aafcb3b01b865b7b568ec3
vary: Accept-Encoding, Accept-Language
expires: Tue, 23 Apr 2024 21:10:16 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/lk.93412c6fbb52d5bb809b.svg
172.67.172.109 200 OK 11 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/lk.93412c6fbb52d5bb809b.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash f54e1ef96c3b7670cd8de1ffdaa7f085
138826e2252a3b062f7fa96a15370e25757671f0
379d62d2296d30d484a1c0469582d3a95736284bcdbc58e9d6bcb4f648836d1d
GET /spa-static/1.4.1453/static/media/lk.93412c6fbb52d5bb809b.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-2bf6"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z7clEOVGbfEbmPBjwXnxnYKVxERN4tLDZ8uQL6Uxxu7gkws%2FBbXmCHgWqvK0j0Xwg5PwsZhX3d862TMOkBdBL7ufdXkbgN6gxFWXqJ0Ons6WN1PFvLNRt%2BDKanTLwCe3%2FQUf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e46fc456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/hu.7ae2a1f04ec537fbba4b.svg
172.67.172.109 200 OK 276 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/hu.7ae2a1f04ec537fbba4b.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 7e797a283085b403f55bb9f6e5b97d3d
ca2a1ef951f7798b2af6d723a29a9aaa8860cb08
1c73db9f929e74735bdc69f6fbbd9cdd9db9bffd8b04ce69b2cc75f61255ff76
GET /spa-static/1.4.1453/static/media/hu.7ae2a1f04ec537fbba4b.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-114"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kbUYLMF3Das6JXLnVrYnWTZghyoCRE0mozbXtvpsribSAHiqDLhYxPkNN3HmXbJaVm1OuZxfwbAKYi5RNFD6wFDfQmBpbs3%2BBjdd0s0XvQdtG0vwod8P2WwwkAM1diyOLrzj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e49ff656af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
microfrontend.wol-prod.com/wheelV2.js?v=1713784769948
104.21.63.254 200 OK 17 kB URL GET HTTP/2 microfrontend.wol-prod.com/wheelV2.js?v=1713784769948
IP 104.21.63.254:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject wol-prod.com
Fingerprint 95:28:9F:84:D1:0A:C8:8F:33:5C:4C:25:94:40:AA:E8:7A:44:FC:C7
Validity Sun, 24 Mar 2024 18:31:01 GMT - Sat, 22 Jun 2024 18:31:00 GMT
File type JavaScript source, ASCII text, with very long lines (16730), with no line terminators
Hash 19e454385526f20a8b2344210a5f5d7a
a81ed46e82a9913697633e7475be8195a674131e
e1be448020c9cd5ededa3a567f3a83dde09732d73b066bb60467e30f849158d0
GET /wheelV2.js?v=1713784769948 HTTP/1.1
Host: microfrontend.wol-prod.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:10:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 09 Apr 2024 09:33:20 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66150b60-415a"
expires: Wed, 23 Apr 2025 21:10:15 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LvkQmuIq5pjvZ%2B69Y5iaigoUm1HXWNPHv91Jxl382vic7KmUVLRZgvdFEUIzteFOG9VEwl0iISs%2FGo%2BSvnFEtT6nplcUUDuqIKYdOfiqIjGHHrxX%2FPeBMcX%2F8UI3sUOV1OosY9xuyK3aNc9Q%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6d76acf712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
len6gyisnhmb.com/api/v3/universal-banner/list?position=main_slider&section=main+page
3.125.159.65 200 OK 9.4 kB URL GET HTTP/2 len6gyisnhmb.com/api/v3/universal-banner/list?position=main_slider&section=main+page
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type troff or preprocessor input, ASCII text, with very long lines (10484), with no line terminators
Hash 69e6407ff67c55546d16c2ff8e09c812
03bf8dfd53f0c88181a73c1c408cb79aebca63dd
f62c54a060909b5a0d73f713ad912dd4843998375936d438a945b8d14064619e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v3/universal-banner/list?position=main_slider&section=main+page HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
x-request-id: 5d663bb8e94721786101553f88c25f30
pragma: no-cache
expires: Tue, 23 Apr 2024 21:10:17 GMT
vary: Accept-Encoding, Accept-Language
content-encoding: gzip
X-Firefox-Spdy: h2
upload.cdn-mb.com/upload/images/universal_banner/MAIN_SLIDER/Victory_friday/RU_Victory_friday.webp
172.67.172.109 200 OK 92 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/universal_banner/MAIN_SLIDER/Victory_friday/RU_Victory_friday.webp
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type RIFF (little-endian) data, Web/P image
Hash e2975b1c7c3f7f6cf20eac6995432370
8c24f008c5b29f2ba19984dd2ad1a5ad45a97f38
bfb9ccd86019515d94111d25c3c428550de71c0e4db6748acc8d2330ccfe2b35
GET /upload/images/universal_banner/MAIN_SLIDER/Victory_friday/RU_Victory_friday.webp HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/webp
content-length: 92034
etag: "e2975b1c7c3f7f6cf20eac6995432370"
last-modified: Wed, 27 Mar 2024 10:27:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-id-2: a1fa336c2fd2dc07ed124b8a56fe646ff71a960ff9616c4268e18a83b1883276
x-amz-request-id: 17C09900B5E9567A
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=345600
cf-cache-status: HIT
age: 517
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bY5q7075Fiqs44IeBbr4%2F63dO818dpiqYs3zpKDp%2F5YUY1n9Xa1DiFosy9iEu4SMqs4Rhvmxt3RFtkDmj1N2ezpcQzYvjUzc2iUPIxYvH9rlPzpRo%2B0dp6WwS8ts5pH2IndvMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ea3daf56af-OSL
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/%D0%BA%D1%83%D0%BB%D0%B0%D1%87%D0%BD%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%B8.svg
172.67.172.109 200 OK 2.4 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/%D0%BA%D1%83%D0%BB%D0%B0%D1%87%D0%BD%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%B8.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash f14e75c41c517634d9bbc8b6af8128ab
3d84baf076ffef470083a375a52d8f21011d221d
155362e3c564bee2aa85341b7b313ac42f6b88e545b6845545c650a6f374e14c
GET /upload/images/sport%20icons/%D0%BA%D1%83%D0%BB%D0%B0%D1%87%D0%BD%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%B8.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"6e2d009df5cc425c7ba1ce6e1a93993e"
last-modified: Thu, 28 Mar 2024 14:01:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-amz-request-id: 17C1371E9BD1E59F
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=345600
cf-cache-status: HIT
age: 2142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s2sM2QhQfP%2FTJ9h5IFuzp%2BFVXRZqjI3swsGYj5ORDg4xSBUQaD3OqP%2B0DeDOZxLmmee%2Bv0zxP4o77U6uxjnPSgdcjwzaHuVZIDgEvcHI88EqMlkjfp184A6C4XquO3w0FkSPXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec3f6356af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/5243.17ae915b.chunk.js
172.67.172.109 200 OK 91 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/5243.17ae915b.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash aa6985647ca1f6c68610b21d33da6e35
1db2ec6fa5822a4ec235da6c44570027f8981e97
2e6083857aca29b0cb3a3bff3839b194ab506a37a7a8fc054cff4dd243aa30e1
GET /spa-static/1.4.1453/static/js/5243.17ae915b.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-163d3"
expires: Tue, 23 Apr 2024 23:48:02 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 4934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zAk9TrYYR5WG88tw56zXvUiEnTFOrPi3ZjWWuQ4j8nNGHKlUk6XZ3le724IqtoCN7oPwQ%2Bm%2Bfqm%2BaKxofRdB9tPfYadmAu5toMw8NFpmHG0pkelRKuhX9wJxHlTkx3oTTVUt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e31ea756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/css/1452.0439e62c.chunk.css
172.67.172.109 200 OK 32 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/1452.0439e62c.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with very long lines (31939), with no line terminators
Hash a1caf055ef142ea82e717671548fca0b
6b848527ec8e64217c54cd40e30287f496e356da
d22c426271a882f318d35d01082affc1c34c47a5312c2ddbe32a73687fe922b7
GET /spa-static/1.4.1453/static/css/1452.0439e62c.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-7cc3"
expires: Wed, 24 Apr 2024 00:17:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 3169
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C8gY4YUfVU9MAWIFsu80TUnwZaAqDFr0jVkRoPXCnw%2B3mcaxq7ptssxR4CoZlc7JJjdRWF9KUTdswcdC%2Bssxw1lseIqoKJHMblakHhEFVvhDAdL%2BuB%2FMF3SW4icUHcZ22xJb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e37efc56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/1452.0458e486.chunk.js
172.67.172.109 200 OK 36 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/1452.0458e486.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (36032), with no line terminators
Hash 8433833e16fa739edf3d650a4cb8ff17
f1836fb30b922245fdd774ac2643d248366731f4
bef58c0f1b63c221fb18935fc648b4c21f5c7169e4f3eda54318fefd15b8cded
GET /spa-static/1.4.1453/static/js/1452.0458e486.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-8cc0"
expires: Wed, 24 Apr 2024 00:17:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 3169
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ev05AkSW677lYtPRUwXao%2Bi2yewDVzARm371E212PN5JhasuupBosZgIfetGzkU0A72YE9YnPb3TZzf70zlCbGOallLsumo5FU7JmodGYwUT%2B7xkgRqiV19B3EoawfwIjB3A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e38f0e56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/velosport%2020%D1%8520.svg
172.67.172.109 200 OK 2.2 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/velosport%2020%D1%8520.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash ab200e78c5157bda59be054494fd7b60
396d28928748302037b55c3ff1c0f4f57f2c47e1
f1e2382701fa7d9e4dfde034c6bec64a601170f1538fce7cc6879d97ceb09a3f
GET /upload/images/sport%20icons/velosport%2020%D1%8520.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"5f2b108787374790285c7c6af790e79d"
last-modified: Wed, 27 Mar 2024 06:33:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: 8a26abc7832840f9308c123e3beca68e9010663e53438356460e6ce230b3fa9f
x-amz-request-id: 17C327246180210E
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=345600
cf-cache-status: HIT
age: 2142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WsRJwQpOvwZMxYBJGha6LdmW%2BQabJjxfLs%2BsEyjTMZX%2FibHVBeFwibrH2os9ylQ%2Bg61gRCH6WUuNyzL0HDJoD%2B3NKV82jY1Nm7dcj1FGwMPew3Dk5L12GTTSbaw6tA4SmCBwtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec8fad56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/cart.6bdc2f8b70001f0b6061.svg
172.67.172.109 200 OK 1.1 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/cart.6bdc2f8b70001f0b6061.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 6d72ce80a19f5e2d0e76693783a5d59f
a6d2434b92f2555eef036814cb93fc5f65df6937
cef08acafe17bb28ee2676ef2a7e9e7331df5a0477fc3fe10e78aaac5940fb1b
GET /spa-static/1.4.1453/static/media/cart.6bdc2f8b70001f0b6061.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-42c"
expires: Tue, 23 Apr 2024 22:14:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PglKFMXqGgTakldPmpywoDRencOUBUG06t0Bgo4bPBeVGVg4IxCehSG6zHBAdDVFY58iHq%2BU4eeFqfOmKLGngMBOAdv24dJgmmkac2e9RFak6uMt1Q%2FsQce1uG5zk9SjF0fG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5891256af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/5717.07393324.chunk.js
172.67.172.109 200 OK 51 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/5717.07393324.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (50745)
Hash 071648260a048de924bf253d89a923ad
49dc762511837279431d29d07ac8a5f0b4ac6084
a70ddecbc34803b94a1d006e97a00c01d4ee6769901350fad5cfdc4d19c4cb4c
GET /spa-static/1.4.1453/static/js/5717.07393324.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-c686"
expires: Wed, 24 Apr 2024 00:28:03 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 2534
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cxVr79iMkzVnRk8darzLmHr5HqFTznoTMw%2BlrfRYiPxa03vNvYkdkywnREzY9W%2FgHejZ106moT24CGtEKlOPtQ7jSddh%2B9u33A02iy47tHQTYMQHQEN6zCdY95ZeABpmzYAE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e73a9056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/martial-arts.svg
172.67.172.109 200 OK 1.5 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/martial-arts.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 286128ab470ec60c668d14dddd24a5de
dfc0c0400a2814ed0ca73190b97811ede9851e47
a5da3af9fb436a6df3ebefc72402fafa55893f57d6b5b423a0df93b011602a2d
GET /upload/images/sport%20icons/martial-arts.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"8579e3b77e91a3a6d443c3b4b86a8724"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: a1fa336c2fd2dc07ed124b8a56fe646ff71a960ff9616c4268e18a83b1883276
x-amz-request-id: 17B18A45C7776069
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 2142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VlP7z6NveSB4z54bJlR%2BxOgpBs%2BmAC9NwpwXfUX1RndlOwif3DGx5UTSfOFLOpEMKRSidYgtDiSLKlIQZMVYfEa6zSbsDBMk5KvMxTYiLRgZra1G1LchCgOuZ3%2BNZYqh7yiUpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec1f4e56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fpjscdn.net/v3/OszY8YxLtMbMKK8o3fGo
54.230.111.124 200 OK 133 kB URL GET HTTP/2 fpjscdn.net/v3/OszY8YxLtMbMKK8o3fGo
IP 54.230.111.124:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Amazon
Subject fpcdn.io
Fingerprint 50:73:A9:9D:5E:A5:A2:57:0B:73:8F:D2:B2:1E:8A:5D:A7:FF:F8:16
Validity Tue, 10 Oct 2023 00:00:00 GMT - Fri, 08 Nov 2024 23:59:59 GMT
Size 133 kB (133207 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/OszY8YxLtMbMKK8o3fGo HTTP/1.1
Host: fpjscdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
server: CloudFront
date: Thu, 18 Apr 2024 19:49:18 GMT
cache-control: public, max-age=3667, s-maxage=631504
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
etag: W/"uZOI9HkVaOAZe+kPeuFvK0wd8so"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: wdvHBtv673bNpMJRlRcSwaG_17IJ6uHuouj_X2DjAx2PGLx593mwog==
age: 436861
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/ua.2dd397cb920452449aca.svg
172.67.172.109 200 OK 238 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/ua.2dd397cb920452449aca.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash c012f45c847acf92a4ff97934ff9be73
367580f70b7b610331f0445a6ebe7c1768ddcf6f
294c1bce7c271513d4bc962b679105f8885a54b72a9b240412aafeb885593999
GET /spa-static/1.4.1453/static/media/ua.2dd397cb920452449aca.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-ee"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W3h2llCd2Y0a56mYHMbQsa%2FadfvZFuO6Gz90%2BY%2BbLQf2qxuXyvzdjckT1nBIv56dXdk64NL4VW842Oo2UFtqHgz6Qg6k4ypUpniFWFfWCcb06vRi8twnr84SG0uourLvV%2F0F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e46fc756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/3314.5a745d4c.chunk.js
172.67.172.109 200 OK 51 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/3314.5a745d4c.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (51344), with no line terminators
Hash c8cfab32b375645af0556bebbcbd6b36
a480baccbac04142afb03b046a4ca5ceeeb0c9e6
7b4901af37cfba09f2f9f650f0c43b46b607460ee6610e844c59e53de9aa9683
GET /spa-static/1.4.1453/static/js/3314.5a745d4c.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-c890"
expires: Wed, 24 Apr 2024 00:17:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 3170
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sg3EEdF3nagnAzkGFR4bPON8ksWZKB3seSSgFPD6C7kBlI1zczph2Ia1UCKtKFezMLe%2FQJL0alpXRPMTfMQFhDlWyF5WG6EMpl19PrK9HQA5jYWrnNUGjqRRs4cIOa86t4Dy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e73aa056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/763.5d2ed446.chunk.js
172.67.172.109 200 OK 6.7 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/763.5d2ed446.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (6801), with no line terminators
Hash a2e30ab15de99be12f2b831c3dde4c67
5a221bd1368fdfdbf5f17c44af59579968fc5b56
ec31b399b89799b01becd0542033052e6aaf10ce5b2f2d3d7617fe708291d858
GET /spa-static/1.4.1453/static/js/763.5d2ed446.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-1a07"
expires: Wed, 24 Apr 2024 00:17:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 3170
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eAJFMNEx8umfGTdNV5yR1mV9SEG%2FJaXY7lty3OqOCH9QxsrI8P1iDdWQWL3n77OY0bQG9Y0eK9SZpU2jfnRCaSC05QKAKdom0pxXJVNVnEgH7htovian%2Bzr68vugeZGgCg97"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e75aec56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/timer.0bde209c7bc54a57730e.svg
172.67.172.109 200 OK 362 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/timer.0bde209c7bc54a57730e.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash cb52a79df9fc02d96a6071978b942036
3d3cdb4cea431458bb16334b56f3a54fe0459028
730c8a1cb54e31925621776cb47b392e73ee3c36eb8fc9b5200fa65b8ca63727
GET /spa-static/1.4.1453/static/media/timer.0bde209c7bc54a57730e.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-16a"
expires: Tue, 23 Apr 2024 22:14:29 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10548
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ACZ8D%2F6A44pmVLeASFoGU3Uc6Pf8IPZQsB6DQuJB9LW8bjbEQRE3h5jKYh9owEj5yWIuOkH0tH2rT7foi%2BMIRR0BH8DyS9gEKhvHLa4k9Z8vIt64fq4%2Bzr6vciXlGHCVNnO0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e8fc5356af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/close-button.a13778e35e3080e47bc4.svg
172.67.172.109 200 OK 205 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/close-button.a13778e35e3080e47bc4.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 944ebf0ac938afbb7ed8954cbca980c1
77db374ac1effb4cd294ad2d57473857ac7a1142
8db7bdfdcfa298a9ca62a5a3c84685990660845c2c36e9fe9619234f54f2793d
GET /spa-static/1.4.1453/static/media/close-button.a13778e35e3080e47bc4.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:22 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-cd"
expires: Wed, 24 Apr 2024 00:37:55 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1947
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iVW%2Fix%2F%2FHH%2Bju4eEaA66h4mMPd7lWSaZyklVkY2RBerh3kYKXY7Egqokg5kw3OM21s3V%2BRXWAQtopNLs7NTdBtbFCT9oFXtSN25%2BWgOuXoq9jhdON9PGAkO%2B5BGRku0RTWhl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d706ba6556af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/tj.e97716cafb6e3b770d5b.svg
172.67.172.109 200 OK 1.8 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/tj.e97716cafb6e3b770d5b.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 354a4648c19c8c1bb0378017e88ae1bd
258c445cdebac632176ec1effc9d431d49a69ccd
c59090625c530a16a2670ce22c62d597c8363aea32887aeb9bcf7f87299f8e12
GET /spa-static/1.4.1453/static/media/tj.e97716cafb6e3b770d5b.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-6e7"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KS%2Bltzf%2BOCV1we1hiUo5ns3RtfdpSiIaIg5fzQUaet73VJHiQI3jgpOTmbMhA1Xqd2CVNrr2P1prn%2BnKPHn2i0YmQbGrzhksFtNXBG9xtCxHqYkZbwqEoQL83ecp1IHRvozm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5189056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/css/7936.eca33942.chunk.css
172.67.172.109 200 OK 5.8 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/7936.eca33942.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with very long lines (5823), with no line terminators
Hash 505c21e7d3c1bcc6806ae599380c4246
34f28ea1d9ebae9a31fbb14c86cd897dab35025d
766a3ea014a3f9dbe4c33d192e364465599eb69983e13bd8de67f2b691c2a91b
GET /spa-static/1.4.1453/static/css/7936.eca33942.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-16b3"
expires: Wed, 24 Apr 2024 00:28:02 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 2534
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c1v7gnj6KnwLLJ1vm3qmA9ebhpZzkzDz1N9M8Vf%2BZkmCfLtEaAKml9TkD8evHRtisXsU5Vse3LFZ9ymV%2BOGCQyO64iH%2FxvwQcFiowf9848dSOzm%2BPKBRi%2BjXS02XukWfQNTb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e83bc156af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/live.bdf07da00821651ab5c7.svg
172.67.172.109 200 OK 625 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/live.bdf07da00821651ab5c7.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 28410695852cfcbb4ca527aa51a8dbde
c17ed2061f10df77b484cd8ed9cadfd2bbb20e98
c20d7704a71642e1d0e0a77eb3ccd0a3ec2f61c7fc52016136c08f26d3e1bf0c
GET /spa-static/1.4.1453/static/media/live.bdf07da00821651ab5c7.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-271"
expires: Tue, 23 Apr 2024 22:52:17 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VUYNEbRpFxCL1w69vGeCKZJaTcXQI40VL1QUeKTsJbdzecBgwpeJpPZg%2BF6%2Bi53fQtd493T2jMLph%2BOvLkG7zWAR%2BT1PPdCMpidetmmv3Qi6XUhDUw2hTfQsMp7HX5AURteZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e85bda56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/tennis.svg
172.67.172.109 200 OK 651 B URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/tennis.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 2c9e49e2e9273cbc9d2975cbc4f13b01
47b916a46365ef88771ea80c25d1bd58a9950a16
726ac4713a177ad2233e4ad0aaeee3e56e5375df8ad31ae2040a6aec4c8691df
GET /upload/images/sport%20icons/tennis.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"0b0d6f7e86a350f3e512f3305927c908"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-amz-request-id: 17B18D42C384907D
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102013/ctime:1654102013/gid:33/gname:www-data/mode:33188/mtime:1654102013/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 518
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dyuWlr%2B8PHXuc8WGN4tzmOAyffXqHHlEBuzWGA5qWiwwQz0XFfiXoujJjDiz%2BEkRt%2FmIasRrdw5FDYyzL7cPSQmg627%2BJNXy%2FdULQZV9Bjlf2OYMGSDqg2rdEida%2BmXN5EGGzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6eb2e7356af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/css/5747.fdc34ba9.chunk.css
172.67.172.109 200 OK 36 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/5747.fdc34ba9.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with very long lines (35679), with no line terminators
Hash fbcc0363bd5a4fa907d62617e8ca80a0
b9315e219a8577b347fcce3b2ee908a77e6f4aa9
19cb6e47ccb8bfe8279a3bbd50cc635c46e2647de743a76bd73d247e201980be
GET /spa-static/1.4.1453/static/css/5747.fdc34ba9.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-8b5f"
expires: Tue, 23 Apr 2024 23:48:02 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 4934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=95rZOhSJGcHZ8VUZQ%2BHbNN1n9lyMmfyqLdzOswkaTvJomeqqYqbiv2JYVhDIn6xC365bGsg2%2Fw7%2BKMbXPEVWMmkr1lgAapdAG0GkIDg652LYymP7AR%2Bc7f5Nf2wrO0opuqRm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e1bd7a56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D1%8C%D0%B8%20%D0%B1%D0%B5%D0%B3%D0%B0%20%D0%B5%D1%89%D0%B5.svg
172.67.172.109 200 OK 1.9 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D1%8C%D0%B8%20%D0%B1%D0%B5%D0%B3%D0%B0%20%D0%B5%D1%89%D0%B5.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 88b85fce54d8dc721d473e8730f14efd
777a2675cb0a25f8c785b237b74021ed451da472
2ca6d1d39d497aeda97f8f8e6f8e9d0e701ac40bdd92e1abc336a6266f74496d
GET /upload/images/sport%20icons/%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D1%8C%D0%B8%20%D0%B1%D0%B5%D0%B3%D0%B0%20%D0%B5%D1%89%D0%B5.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"582b207a9b1ccae490a074251fecd8d2"
last-modified: Thu, 30 Nov 2023 07:18:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: a1fa336c2fd2dc07ed124b8a56fe646ff71a960ff9616c4268e18a83b1883276
x-amz-request-id: 17B1818E47324A12
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=345600
cf-cache-status: HIT
age: 2142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yKw0EhOyV03u5ITfS4a2FRfB75XRyxQsJoBPr1Xon4bSknc8JKoIjVFNSDWysVuE%2FcYYHkMiXrHGKaC4YLaovrNZcYvPttY2XErEZj8bONpVISSPM1aEvTsYx%2FL89y8Q4PnWKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec9fb756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/ticket.9d3ff525663056151300.svg
172.67.172.109 200 OK 981 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/ticket.9d3ff525663056151300.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 00f15bda6433a62e50a36bee342c5bab
08e4e39fc8b8f9916dce591a019e3a60de2c40eb
0b8e0948fca58a1de944988549538d52ffbe1dfaebc5d899497df325535950d8
GET /spa-static/1.4.1453/static/media/ticket.9d3ff525663056151300.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-3d5"
expires: Tue, 23 Apr 2024 22:14:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5otVwqviLSSTtsDbQqWSreoHj2EBdDKRWgZYp5O7MoQaMjXifxkcRFoUNqzTKkGajhpd4zTu2wHLh6qJLpdrFu%2Bfy1v3%2B5afgandguG90TN6gQA%2BFXmvSIgp4Rx4SPxDMfUf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e578fe56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/uefa.43bb94060ac38772e6b9.svg
172.67.172.109 200 OK 955 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/uefa.43bb94060ac38772e6b9.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash b900629224754bf7bb5e6acd4bcace26
150e4e81899a18ab26413d99d4ace6d8e95fa5dc
822e4c9264d1d6a7ea158afce584ae021a73ac17202b31a8f081ff41f6d613d5
GET /spa-static/1.4.1453/static/media/uefa.43bb94060ac38772e6b9.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-3bb"
expires: Tue, 23 Apr 2024 22:52:16 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7jeD5g0JwKUe1sztlz9LrSXy1BDXb%2FbBmRU2X2qnYvZiaaltkhrnY4eXDat5FYMv2CMo3LaBvdb29nhWa2%2Ba1T87lNHQtrG8y6vTBIRGPUoWpoQgPMf%2FGC8S%2FKZPZg2gx0eu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5a92856af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/fi.eb793b740dd4fa0f8b63.svg
172.67.172.109 200 OK 240 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/fi.eb793b740dd4fa0f8b63.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash c0428b4476418dfde15a6b171ae09e17
b0ff24f42016ee0ba918ddbaa5f7ccf218aa2bd6
ea98811ef70ab2dd9a13c011356cd9aa59b18fb6a159a43eba7cf5fcf7cf156b
GET /spa-static/1.4.1453/static/media/fi.eb793b740dd4fa0f8b63.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-f0"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lvuoDTUw4A509%2BUn8uXaejgD0Zr1od0%2F%2Bk0C6laIBu7DqJDSoIWEx3tDQsv7Vr%2F75f3wq4UHInrZce6mgeEgcA%2BO%2BN%2BGjPjUqDbtu%2FvGVlRW8P0%2FJn7E03S%2F%2BpPT7ximz5sr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e4a80256af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/propeller.be3c4d819a6fd35fd49e.svg
172.67.172.109 200 OK 1.5 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/propeller.be3c4d819a6fd35fd49e.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash cd7e897d9c60867ce46e235251ec6d30
11061407bf8ce37134167e6eeec2ae6811efd4b2
4014688b53f55efa38ddd6451fdcc62beed86bc8c24b65d923cce0b3766101ab
GET /spa-static/1.4.1453/static/media/propeller.be3c4d819a6fd35fd49e.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9980.f95b1d27.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-5d0"
expires: Tue, 23 Apr 2024 22:57:36 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 7961
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0yxAN7f61617%2B9Do1Dbt%2B5eZTaXKlqFk8jS7S110suj6TrV9HbF8LZvpBpiYZPFsYuNPBBhEmpOiE7jg%2BtsBOVCMwLPc%2F5qA5a%2BvKfyfigA7IjiD6Ertd2DCm6Dqvb3ZrrMf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e528a156af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/league-of-legends.svg
172.67.172.109 200 OK 2.7 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/league-of-legends.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 63709fe141250f526bf5070bac81a018
9614f6306b3815b95bf493cbba32bd4924afd044
1b9f2a527907aaec8d7c821503bfb18278cb98fcf27383c2bac60f18fe3f5d93
GET /upload/images/sport%20icons/league-of-legends.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"3a40f6c16fee122888f38e65adae2828"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: d9f9c3a4ae1ee6a8dbb2d3b306070026e56ac66c25360192e0f990b84c8e2bf2
x-amz-request-id: 17C2924A67DA7879
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 4002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7GTkBcRXlu%2FEUcv1PyRuKKiyG9S2a%2BTwQI0in2%2FKQci1wVpSuO8eCIegzDTEJtt%2FPjYngsT9vWT0DBb9JrjsoCj9tFYZiKAY2WhOuP7UXbV60pdAuFhfB3TigooyRlz%2F%2Fh%2FEMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec9fbd56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
216.58.207.227 200 OK 9.8 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j&co=aHR0cHM6Ly9sZW42Z3lpc25obWIuY29tOjQ0Mw..&hl=ru&type=image&v=QoukH5jSO3sKFzVEA7Vc8VgC&theme=light&size=invisible&badge=inline&cb=ivzgu3vfjtuf
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type Web Open Font Format (Version 2), TrueType, length 9832, version 1.0
Hash efe937997e08e15b056a3643e2734636
d02decbf472a0928b054cc8e4b13684539a913db
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9832
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 06:01:38 GMT
expires: Wed, 23 Apr 2025 06:01:38 GMT
cache-control: public, max-age=31536000
age: 54522
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/js/1640.08dbad12.chunk.js
172.67.172.109 200 OK 27 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/1640.08dbad12.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (26674), with no line terminators
Hash 50238b628be9639f346a716e30764e5b
77788dff6d4963502e193fd641d14011f1a2fe4c
d733a139677f64094d8c2f4b27cb1d87a9ad3774c9be429f36ac6a235a08cfe3
GET /spa-static/1.4.1453/static/js/1640.08dbad12.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-6832"
expires: Tue, 23 Apr 2024 23:48:02 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 4934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TlKUrruogQnstxiHb9g8JWy01LcLZnXgM1mnmMOg7nmBiFkkFeGAtedo90IsFSgAAEz55utMAvCveg52U0VVdh8EtlulLewyBrHuLqj6YKHbJwXxuxLN5txqUWF7YaK2LYoc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e1ad7356af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/cup.848113d2996325b9da03.svg
172.67.172.109 200 OK 482 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/cup.848113d2996325b9da03.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 692c03f7c16c49c297b4e39231f2c939
928562318dbef353f6065d55f053618966f69669
6619a8537db907e8c8ae331421f45d85fbdc1729cf4582144a4d28d5ae62aae6
GET /spa-static/1.4.1453/static/media/cup.848113d2996325b9da03.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-1e2"
expires: Tue, 23 Apr 2024 22:14:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NwOB58dLpEh2cbprzuvKQNLcB179huGamEnZCgDsMxoKnK%2FpNHx%2FE7QPJ4hLibS9dm1yf2gvpaFuZk2X%2BuHoH7Ex%2FriMLpqnRSS4HK%2BoqtsvIsMpu1m6YTMw1qRVp3YI3aAd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e578ff56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/api/v1/coupon/preview.json
3.125.159.65 200 OK 345 B URL POST HTTP/2 len6gyisnhmb.com/api/v1/coupon/preview.json
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type troff or preprocessor input, ASCII text, with very long lines (389), with no line terminators
Hash 791fb9e3e2ef0a51fdbc0f17ace3a35d
aa6d5e4d7a122a172a48739b8bbe776f714c2c7b
62896457c4d070276b2e61fdd0f35eed94637e2b55277bb75369117196880c62
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /api/v1/coupon/preview.json HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
Content-Length: 97
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
x-request-id: dde233061b30143fa02a88defa802f58
pragma: no-cache
expires: Tue, 23 Apr 2024 21:10:18 GMT
vary: Accept-Encoding, Accept-Language
content-encoding: gzip
X-Firefox-Spdy: h2
upload.cdn-mb.com/upload/images/sport%20icons/%D0%A1%D0%BA%D0%B0%D1%87%D0%BA%D0%B8.svg
172.67.172.109 200 OK 2.7 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/%D0%A1%D0%BA%D0%B0%D1%87%D0%BA%D0%B8.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 19eed67db6191ba34409ac5ba4688cff
55b6cb0f00ace2a9ed74644d59cafee6fa0f880e
3342cc2f509b6a1013f6d48232bd661a886b7466b6858776b3364476be2c6778
GET /upload/images/sport%20icons/%D0%A1%D0%BA%D0%B0%D1%87%D0%BA%D0%B8.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"5405435cd7429debb041b72333d2d547"
last-modified: Wed, 07 Feb 2024 08:42:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-amz-request-id: 17B18A45E25C3B3A
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1658838572/ctime:1658838572/gid:33/gname:www-data/mode:33188/mtime:1658838572/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 2142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E3HO1VqGyKkCtYxviw6wjYIJ%2BH6m%2Fq1g%2B%2Bi39J1SIzISx7Y7m0arOlkp7jVTh%2BscIUfN36Mzkiq5c3%2BcoLNlShcuqiei0J9fciBY27iK2%2FHqGOnyw3tYkDerMyij4e%2FgP%2F0eyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec8fb156af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
microfrontend.wol-prod.com/widget.js?v=1713784769948
104.21.63.254 200 OK 17 kB URL GET HTTP/2 microfrontend.wol-prod.com/widget.js?v=1713784769948
IP 104.21.63.254:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject wol-prod.com
Fingerprint 95:28:9F:84:D1:0A:C8:8F:33:5C:4C:25:94:40:AA:E8:7A:44:FC:C7
Validity Sun, 24 Mar 2024 18:31:01 GMT - Sat, 22 Jun 2024 18:31:00 GMT
File type JavaScript source, ASCII text, with very long lines (16709), with no line terminators
Hash 9cd1333df99e4c6f129c33ecbed0bbca
40d0b6ed7c89cb82fa9a1a0f5eb01eb546560044
53a55386f32220434a19d93fce2ef0320a319960676a715faa55b1e1c6559c3a
GET /widget.js?v=1713784769948 HTTP/1.1
Host: microfrontend.wol-prod.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:10:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 09 Apr 2024 09:33:20 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"66150b60-4145"
expires: Wed, 23 Apr 2025 21:10:15 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=smwLYZez7ELzocqGjXJCRb3fpUVdxMPvGpmY3En%2F1Wx8D740Zoqcbrb6TwkeaQSbR7%2BtQ9k32j9Z5Bv%2FoApeyu8Tf0id2kIHDFl1BIGSC7eX76H74lr4o8Q%2FNm6yKWhUXQ0xLBM%2FL0PUo4bEKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6d76ad1712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/css/3106.c4d11114.chunk.css
172.67.172.109 200 OK 7.5 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/3106.c4d11114.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with very long lines (7474), with no line terminators
Hash 5eb4a5c56712fb35580c878b326caf22
e3f3588d6bb72219f3797ebb921ef44697f55b8a
70858845eb559abc69e41ea3e94a6a560a64b13469acc724267a62014abaf374
GET /spa-static/1.4.1453/static/css/3106.c4d11114.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-1d2f"
expires: Tue, 23 Apr 2024 23:18:30 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 6706
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wgt6qVrDVVUc0rqjg1guB2zWbyy75o7ofhZwB53jtRWC4AA1BwAWsSG%2BXtxMzqLMbjk1vOxFGQ1EPwX804QoBp2uyQ7Y%2F7uSooD1AtjLG7WKgUx8g0MP%2B8G1xrKpuebMZCrP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e3bf2f56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/esports.svg
172.67.172.109 200 OK 3.3 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/esports.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash aec05cd53ff76de13a097c0c019a1e0f
19bb6d72a4612a7a6b431ba0b72fd6ac91ecf50c
9a959140646ea5f644a1e8bc0822b3a1ef07d3b2d21ac077b9a4df9d3d944e3d
GET /upload/images/sport%20icons/esports.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"92ed1dcf038dc9ef3014670221a7293b"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: a1fa336c2fd2dc07ed124b8a56fe646ff71a960ff9616c4268e18a83b1883276
x-amz-request-id: 17B18A45E3604984
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 6834
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FfBgjSC5fGiVJrZS5No8O68e3Ejshvqdrm7LpQ5uA7Joc5jjmlbiYXnXk7DkuHYjd9tKkpxDGwJ%2BwrnyiI3cvN4MN9L3tOXCpI5buVBD4fQ7YpuRbDQiUT8rC%2FUBJ%2Ba1nwaxrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ebef2456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/api/v1/casino/games?page=1&itemsOnPage=6&platform=desktop&currency=RUB
3.125.159.65 200 OK 3.6 kB URL GET HTTP/2 len6gyisnhmb.com/api/v1/casino/games?page=1&itemsOnPage=6&platform=desktop&currency=RUB
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type troff or preprocessor input, ASCII text, with very long lines (4115), with no line terminators
Hash 4935dd80c203101e2becec02b138d6c7
fb46e42e9427292bbc5b098a04884ce8d0087c41
66efca4c36a202252b00fda4e89b97162aa1ccbab4915a1a938f46de6771c31b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v1/casino/games?page=1&itemsOnPage=6&platform=desktop&currency=RUB HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
x-request-id: 954c36e7e562e1aa7d92f812a00487a2
pragma: no-cache
expires: Tue, 23 Apr 2024 21:10:18 GMT
vary: Accept-Encoding, Accept-Language
content-encoding: gzip
X-Firefox-Spdy: h2
upload.cdn-mb.com/upload/images/sport%20icons/handball.svg
172.67.172.109 200 OK 645 B URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/handball.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 4e6e22d2eaccd4c17f18365633067754
f5f7b4d46faf0f0b3dc8364310ec93ffe37a24d9
37134e795f1e4e13b8ad834fc3f1807fedc0e4bb81f7da27fe62fd6044276d60
GET /upload/images/sport%20icons/handball.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"7566bc428fc40372cbeb65f736dd5218"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: d9f9c3a4ae1ee6a8dbb2d3b306070026e56ac66c25360192e0f990b84c8e2bf2
x-amz-request-id: 17B18A45BCE1A346
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 4002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6ui9oJSuUHA4J%2BPYuABOtFyFTx1aSOh8CQUN3hplVLFoLgTJZlanSPP4RjTSmR59WPOl4i%2FdVp3iWWGr4dh0XWIQGPY8ub0QRXNB7zFv4T11oOLnTZ6BteAiW6ye2HaXKt2vw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec1f4456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/cl.303f56a616afb6bae962.svg
172.67.172.109 200 OK 574 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/cl.303f56a616afb6bae962.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 94a11246c389effac15bc92b1fee5dcf
d4d97d09a5ac31159b10a3881a61ac09df3fb3e4
33d56bffbcd1fddc4b6047628934be9007632384047012c1b6c7b4549061ee6f
GET /spa-static/1.4.1453/static/media/cl.303f56a616afb6bae962.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-23e"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FWWPh%2BWNUaJv9JI%2FPx1FbqwemWzYJFJ17qyFDfHWvPwQk0fw5WdQH0pDqnSOSTwZGDVYkLpaeT14n8nhi6DzkocAXm8XsOVkwX4cWNKiMrrDdKPvz%2B2KgWNrVeBaEZp2ZXqI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e48fe956af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/arrow.1642161383ba75cfc57a.svg
172.67.172.109 200 OK 389 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/arrow.1642161383ba75cfc57a.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 3444a15490e7c6ce78ea7397ef0c1431
c88d5148a111eaa55686fc3357485f9a787fa675
5bfc5920e65a65d21287ec1f0d0e56b63299ef7b166e72cd661e8fcbfcb76bf7
GET /spa-static/1.4.1453/static/media/arrow.1642161383ba75cfc57a.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-185"
expires: Tue, 23 Apr 2024 22:14:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y3CoI9j4Atbv4W9n%2BHm7LF2N55TtLrpbnVK2M4BPNN6L0ClqlwqXomjc5JlYs%2B7YENuVySW%2BebwCoG0bI4zbQo2jEvwjdU8lB98oMw4LGV5IBPYzduuX2SEnBaOBOylFafY7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e578fc56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/settings.64de7b9afe592b4b614b.svg
172.67.172.109 200 OK 1.4 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/settings.64de7b9afe592b4b614b.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 9397eeb5bbb154f8ff8e2cb48e6b51b3
96be79db9ebad9d87bd191c89eed469059b493ca
2dfa622d440e9842a96c38166089424cc5ce6140ba66f10c0fb4effed22ee700
GET /spa-static/1.4.1453/static/media/settings.64de7b9afe592b4b614b.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-59c"
expires: Tue, 23 Apr 2024 22:14:29 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10548
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=956ELXWujs0nsAr9vsFNjwvtLlITvYHU1uGeITm7J%2F%2BKWzueoMah5athNwuG68WJw2ZEHSXHH%2FsTlieEN6AgdQjdSTLZ5A1KMnJ3y8e0QQiYDb0SJCfsC2jbfhgrpJeeBCiy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e8ec4756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/double_arrows_to_right.54a618bf8611f814c943.svg
172.67.172.109 200 OK 427 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/double_arrows_to_right.54a618bf8611f814c943.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 026f50522667831e1692d94448b4a95a
b6e1e965adb9f98a388563e149245a12d0972947
605eb291b378d5ed79065998c3140f806f0a4be203c859c29e40fa601d0e0522
GET /spa-static/1.4.1453/static/media/double_arrows_to_right.54a618bf8611f814c943.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:22 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-1ab"
expires: Wed, 24 Apr 2024 00:37:54 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1947
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TiR108SCV7G7BwccjzFB8ojr9tDNNe56x3s5UHXxeEFJ4vx7oknZ3U81e157CFI8OH7dnP%2BDnuC2E8nM3csf0MJoAKFd3f0AxWCW6BQoYa2S%2FEfDwsf85kDRYlPigBPrAbhz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d706ba7056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/security.c624e909c15c4313950d.svg
172.67.172.109 200 OK 237 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/security.c624e909c15c4313950d.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash f1764496505ea4f5d03a956cc10b42d5
6d088f1a2eb4ea2cc1368d01cf1b7a357df03912
decadfd7f32a010cfb50de80885aa6c01019febce09bbdf1a71550649335d95d
GET /spa-static/1.4.1453/static/media/security.c624e909c15c4313950d.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-ed"
expires: Tue, 23 Apr 2024 22:14:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2Bn5dXQWRvf0qjbp6gqTSxue6nI7Ews2xP4Qp28hfnfOXumzayB56TC9wYVtTgRYrFul79nIfiifey%2FDL87Hf4aWQcbJkJkSPpng4t5vHxl2%2BjVBozMlj54vq%2FSWvJI5m4DW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e578f856af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/api/v1/apk/check_version.json
3.125.159.65 200 OK 98 B URL GET HTTP/2 len6gyisnhmb.com/api/v1/apk/check_version.json
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 81b9762511bd8a3273a395a7f6a6aa64
49e36a87251fba4ca514de0d0c7651e47e42de6d
0c9830a8cd4b53e5712961ebf62f6f6572c33ff0d1aeb800b3d6ab4a7f835072
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v1/apk/check_version.json HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
etag: W/"fe3d1cad71b531eda199de24ed283b5c"
x-request-id: 3c6dc36e1577cf5634bcfd20414eb5e4
vary: Accept-Encoding, Accept-Language
expires: Tue, 23 Apr 2024 21:10:17 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/add-bets.8a9129de05d1bbfe8ffd.svg
172.67.172.109 200 OK 2.3 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/add-bets.8a9129de05d1bbfe8ffd.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 1f53c31e85915347bc80fc35882d3628
4f79e08635d4b2ee392f8b1467d7bc7a08ef78cc
34940f7cd8521e3e6d56d047c1b671691d9227d66360219007035f1c6321701f
GET /spa-static/1.4.1453/static/media/add-bets.8a9129de05d1bbfe8ffd.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-8e6"
expires: Tue, 23 Apr 2024 22:14:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10552
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pKLO2Jj2rekzkrgTA2h9qrA2Ka78BHM3mRb%2FUhIUKl%2FP9jikjj9pBHTr8HCebeCwjzJw7z0XC5goaSrZuwtltSkfnAl4QFqK%2BFzL0DxQp08GfUrEi%2FTabVxrJ%2FwMTTMgpCh5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6eabe1e56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
216.58.207.227 200 OK 9.8 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type Web Open Font Format (Version 2), TrueType, length 9832, version 1.0
Hash efe937997e08e15b056a3643e2734636
d02decbf472a0928b054cc8e4b13684539a913db
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9832
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 06:01:38 GMT
expires: Wed, 23 Apr 2025 06:01:38 GMT
cache-control: public, max-age=31536000
age: 54523
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/css/7089.2549233a.chunk.css
172.67.172.109 200 OK 84 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/7089.2549233a.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 92ff8b24d8ee0480ae65649d64a06568
99135eab372993168627d09dc8ad02d705babf00
73d5d5bdaa8ed7f6a34a5e4168319b73ac15d30d1aba96ebf7a8a950e0ab74ee
GET /spa-static/1.4.1453/static/css/7089.2549233a.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:14 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-146e5"
expires: Tue, 23 Apr 2024 23:44:42 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 5132
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zbcF%2FlD3yQJ%2F%2FMIIDdw731JhkN10sZ7ITm2Ov9Xl2CogbhgvbmV5Qmf3zDOf7%2BTaL1uLXC6npyQwW50h6DgoC8RzsBptSfaQ9Ex2IMjQ%2BMbErb7ux9hOCsx5rfc8PlPS0Bge"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6d75bc756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/api/v3/user/line/top-list?ltr=0
3.125.159.65 200 OK 76 kB URL GET HTTP/2 len6gyisnhmb.com/api/v3/user/line/top-list?ltr=0
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
Hash cadd2e6a977379beebedb9e4fe697afb
259cf3b40d639380c43f982601598cf8a2a80e7b
834eeada36868d992d17b6f3f1c7a8b08ad4a1ab808f1574ee0577795875fcc9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v3/user/line/top-list?ltr=0 HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
x-request-id: cce77f67d668702cdeb614f1a9330b7f
pragma: no-cache
expires: Tue, 23 Apr 2024 21:10:17 GMT
vary: Accept-Encoding, Accept-Language
content-encoding: gzip
X-Firefox-Spdy: h2
upload.cdn-mb.com/upload/images/sport%20icons/mb_wrestling%2020%D1%8520.svg
172.67.172.109 200 OK 4.2 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/mb_wrestling%2020%D1%8520.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 28a7a96338889cb479a76df296eea939
438231b697cf56b8a16956015411f0abe6a91b96
b8cbf6a38649d57ff54d8b7cd41f028244e2e0144a29256a4effebe9d78055cc
GET /upload/images/sport%20icons/mb_wrestling%2020%D1%8520.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"3de1505e09f8674b7c7cc8133455a3f1"
last-modified: Wed, 21 Feb 2024 08:24:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: 8a26abc7832840f9308c123e3beca68e9010663e53438356460e6ce230b3fa9f
x-amz-request-id: 17BCDCED86665B05
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=345600
cf-cache-status: HIT
age: 2142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vv2BtWnLjkdY9YwEsEC7lIBEbyiuA88Y93Ga0ojQESKsa2m6UHeTYAT16DfddMMf3OTyknxzHnzUWAjgc%2Fd%2B2Fw9dP9spG2O4rrHKii%2BD%2BVbXS%2BfFMAr216GNp2FldlQNIJThg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec3f6956af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/cricket.svg
172.67.172.109 200 OK 1.6 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/cricket.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 022e651b1037f9a46bd324f5d7b6f245
ba044d2da640ddedf63db615b7ea4b0c00a261ed
9d1092fec616e8bcd2c24457a3230331431f8f75bd8c426e977dcd2e9b30ff13
GET /upload/images/sport%20icons/cricket.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"91fb1bf9fb8fd030a603880d6503966b"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: a1fa336c2fd2dc07ed124b8a56fe646ff71a960ff9616c4268e18a83b1883276
x-amz-request-id: 17B1C2CA2616DBE8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 4002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zJTAu%2B6zLzN%2BrnWVtFUXf8QCSy8o1gWhROTRlupHwl8%2FJSGerfccDYSlWw97Xucqku1ecHDpl0SIux9JGPE%2F%2BbI4HIQOLxFNkjvafnII4mcQAbnmLJPdtlbV9ICGyXHROU%2FhIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec3f6c56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.google.com/recaptcha/api2/reload?k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
142.250.74.164 200 OK 20 kB URL POST HTTP/3 www.google.com/recaptcha/api2/reload?k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
IP 142.250.74.164:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
Validity Mon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File type ASCII text, with very long lines (19735)
Hash db4abf80d8385641712f857838ec756a
30abe44fb9eddc20791fb1af35d1b7387d7643d2
557d00d65e02b2df7e693b86d5e7105db9e0212480987a4dcbb8cfce5631fdd6
POST /recaptcha/api2/reload?k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 6642
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/bframe?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Tue, 23 Apr 2024 21:10:21 GMT
expires: Tue, 23 Apr 2024 21:10:21 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
set-cookie: _GRECAPTCHA=09AKPP-6dfcknn_mmPEzObLDuwW_49yhhLt3hhVnPrcRROVP3Sd-quLA9y03zG36bimO6b35SI8l9JmnSHNa0Eq7c;Path=/recaptcha;Expires=Sun, 20-Oct-2024 21:10:21 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
front.cdn-mb.com/spa-static/1.4.1453/static/media/double_arrow_to_left.5bb5d1c651b2aa3d52ef.svg
172.67.172.109 200 OK 438 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/double_arrow_to_left.5bb5d1c651b2aa3d52ef.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash d4b2cbb5577515dbfa272de0c8242080
87919b0bdb040af457a6bc64e86c407a67e2a63a
8ebfe2a5e0d693d8bf9725e16d2510fd563019ebfdf758c02c91a1f67ed1feaa
GET /spa-static/1.4.1453/static/media/double_arrow_to_left.5bb5d1c651b2aa3d52ef.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:22 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-1b6"
expires: Wed, 24 Apr 2024 00:37:54 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1947
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JFd8ftcgVANSTTt05uLc8a1%2FM5z3YCJecso96MTvFTZ6irygLZKzon0epidZyZFhle%2F9YkeMNhZDK0Au1V8vqB3D3L4Qolmzm2PLyjqDKPlLQup1t9qyoVselsj6WlPZ6kk%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d706ba6a56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/api/v1/currency-specific-settings/RUB.json
3.125.159.65 200 OK 609 B URL GET HTTP/2 len6gyisnhmb.com/api/v1/currency-specific-settings/RUB.json
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type troff or preprocessor input, ASCII text, with very long lines (667), with no line terminators
Hash df3ee15694bdfb75332d520c846312e4
267239b13a5cbc141625bdddcc03f85fc687e843
cacdf42f85f5015db0e873c936e825dbc36333383c4888e2bb14e1f203ac2024
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v1/currency-specific-settings/RUB.json HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906616.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/json
cache-control: max-age=3600, private
etag: W/"280a952a362a82095d1a79d423866721"
x-request-id: 4f5bea812b0794712bec528c3d4b023d
vary: Accept-Encoding, Accept-Language
content-encoding: gzip
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/ball_star.519f9459c5cf72b2260e.svg
172.67.172.109 200 OK 947 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/ball_star.519f9459c5cf72b2260e.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 991b64d23bae2ca56ade3c9532424026
87326fc6972187a2f96a79df01cf5b0765d400bf
bcc3f9df179e23392726cfd994f9fe142cadef4964570c5cebf7ab40e413ba4e
GET /spa-static/1.4.1453/static/media/ball_star.519f9459c5cf72b2260e.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-3b3"
expires: Tue, 23 Apr 2024 22:52:17 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sVFKnmn25tPDEJH40H66vTxDOQziKuEVG53vXIdyvTawyJIFzZOga0ivtgCWtrU7sQih6vHIgvMBDoJcswzf6DTyzblZHRgoyRA9SupNcm4yuyLcfrgA6vWdIYMawY%2F4%2BI%2FD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e85bdc56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js
142.250.74.35 200 OK 518 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type JavaScript source, ASCII text, with very long lines (597)
Size 518 kB (518479 bytes)
Hash 8326c23d6b3eed35bc3e62f3294587fd
edda17e74e53e85073e5eac9cb6be2163dbfa23c
57f03d3ba66117edc152646341120dd3a1d7d71b9a98a3723af5a8ae61bcb3ab
GET /recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 206057
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 21 Apr 2024 20:38:39 GMT
expires: Mon, 21 Apr 2025 20:38:39 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 02:01:04 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 174700
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/css/74.f49de351.chunk.css
172.67.172.109 200 OK 12 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/74.f49de351.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with very long lines (12027), with no line terminators
Hash 6ec27f71c411df2616d9061f5dfd9bd8
4d2d5f1a62d79c67c7a2b83bc734612b0eda682c
85d13c53cb803ffca793db6697ff518999ae4a0aa0ee0a1351e356de19bd784c
GET /spa-static/1.4.1453/static/css/74.f49de351.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-2efb"
expires: Tue, 23 Apr 2024 23:18:30 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 6708
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AyYrBeiEOJvstSGxXvltZFsN0KxnDS2kidINsSxE5HZCObO%2B6L3l175R5ajd7dGTMCMsQ2Buc0FdU%2F4JtjhRxxy8BmqchX51f7QCQjA6GxPtXeQudsi%2B4KY0FQqqgGvIBoC1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6eb0e5d56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/az.84126238074d3c3c30b9.svg
172.67.172.109 200 OK 498 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/az.84126238074d3c3c30b9.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 46be94246c1c70d0605daa4c4440fae9
be52b50ea9e1ee11f9bca22a9f8c988c212fa20f
9dfa12299405d8ffb7ee797baf049b63d886fc25f301cb4b356d4c0d5ef9e634
GET /spa-static/1.4.1453/static/media/az.84126238074d3c3c30b9.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-1f2"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FNbvPgnq7xxi8IcOW6dFDZIxYeTcJbCUgTR5lTsWV4M2p5UkJkfk4QBpkfSxWgliaCuuK9xezVROu95mq%2B0wEF9dj2kwXII7FBzTXPuAsOaFqvUiNZ1J%2BmYRlZZRp%2FWkJIHG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e45fb856af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/de.11d88d2b77e6abe5ebb1.svg
172.67.172.109 200 OK 221 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/de.11d88d2b77e6abe5ebb1.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 5fcec7016f7025e478111ffec9f92d2b
55e67f498c4e8e471b7cb9b74797844586fab501
1d4751866ef944cc0f053c9188d1443c9d979e894a49f35a428ba09e53f2d3f6
GET /spa-static/1.4.1453/static/media/de.11d88d2b77e6abe5ebb1.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-dd"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Dk8jt8qSI%2FdhWp1rHEssN2%2BYWeeQAvDa8k7Hj0QnR1kWgaYwn%2FvjUqNjVJv%2FzTz7mky%2BXO3cZhKGtZYfTKQNUsPy5%2FPqAWhp4TsxCot8CUUvYhtACMxcobitfKxGsB1MSr6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e4a80556af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/css/3314.4d280b0f.chunk.css
172.67.172.109 200 OK 32 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/3314.4d280b0f.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with very long lines (32372), with no line terminators
Hash 27c5c0af61fd9efe8b99872d7c0eaae5
13ac9f583c183b1e86fdd7b8eeb046ddf982c453
a10edf0b0ceb5a0ae2d61661a8a8e3eecf6c1af6c2af441a995042d9526276d8
GET /spa-static/1.4.1453/static/css/3314.4d280b0f.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-7e74"
expires: Wed, 24 Apr 2024 00:17:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 3170
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ATwz1mVJlyyp0ltIqpdCxzH4NpRvi6VUJdnSNysaLhuVYgbgep9W5%2FtZ8eMFmb43jlrWrVLDzkfHa9ELOtOsGN8ncztcBI%2FsTZPmWDS1rscsPTGmsruu4plLhLPgqnfDsQYG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e73a9856af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/kw.a3a60802b9df1ea679ac.svg
172.67.172.109 200 OK 507 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/kw.a3a60802b9df1ea679ac.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash b56139e231ce0521d50cd937955d0639
7fa0cb996682efe59800ec785a51acbcf7dae8eb
a22fdb682b36526402b7dbdfb2eda7c132bbd49526a935ba586c9d46a0480459
GET /spa-static/1.4.1453/static/media/kw.a3a60802b9df1ea679ac.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-1fb"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wWE%2FK8X8bJmCobSTJWr4bzvwKuV6UAkXjlLhGpRC4hR%2Btd8VVkrjxe7GKYbRY9OM8eaVqAtih3Mu%2B%2F3XGxXJZb75Tm0novo2Bms%2BiJ5bayuMWW2Delyyd3tq8J%2Fbby4YhM1t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e4f85656af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
3.125.159.65 200 OK 4.2 kB URL User Request GET HTTP/2 len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
IP 3.125.159.65:443
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type HTML document, ASCII text, with very long lines (4347), with no line terminators
Hash 76695da2c111e1559bc4999f5425b7d0
89578dfba27526cc2bababa14f7d7fb7cfa933c8
5e9915be2b78376fd933584d552d3db0db6111bc2a9a05ce9b39ad6a076a0679
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /?cid=4214941352&pid=126916&sip=0 HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:14 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
front.cdn-mst.com/spa-static/image/sport_logo.png
172.67.204.105 404 Not Found 0 B URL GET HTTP/2 front.cdn-mst.com/spa-static/image/sport_logo.png
IP 172.67.204.105:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject cdn-mst.com
Fingerprint 4D:A1:09:0C:B8:2C:19:D1:9C:4F:9A:8F:28:BC:3E:3E:8F:AD:84:C9
Validity Tue, 16 Apr 2024 06:15:23 GMT - Mon, 15 Jul 2024 06:15:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /spa-static/image/sport_logo.png HTTP/1.1
Host: front.cdn-mst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Tue, 23 Apr 2024 21:10:15 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 31
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PyKQBZbJKxLmLMe972QjvlxGGUUX83spZyVPB75d7DO1RYQ%2BdtC1pgE6hXx35vOaWDFXHxTS8%2Bu5T4OSPiG4wgBCuQm1poqYLNz4ECv%2Bqd796vis5Xc2SeutE%2FMQ70%2B46LFkCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6db1ba656a2-OSL
content-encoding: br
X-Firefox-Spdy: h2
code.jivosite.com/widget/zV6xlxr9an
193.17.93.93 200 OK 18 kB URL GET HTTP/2 code.jivosite.com/widget/zV6xlxr9an
IP 193.17.93.93:443
ASN #210756 EdgeCenter LLC
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer GoDaddy.com, Inc.
Subject *.jivosite.com
Fingerprint 48:23:E2:E5:0B:0A:4E:4F:CA:AD:65:27:8E:22:2A:8F:87:B3:6D:F4
Validity Wed, 05 Apr 2023 11:26:25 GMT - Mon, 06 May 2024 11:26:25 GMT
File type JavaScript source, ASCII text, with very long lines (17637), with no line terminators
Hash c187ea619c2028554c6e93bc3a8c99fd
9047b2351bc2389dd84edf455151800f9db31cba
d2daa1ce8a682d60052f125ad10fddc233bbf081e9c0d9bc5580e71e697cb624
GET /widget/zV6xlxr9an HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
content-length: 6056
access-control-allow-origin: *
cache-control: max-age=7200
content-encoding: br
etag: "661fba80-17a8"
expires: Tue, 23 Apr 2024 23:10:16 GMT
last-modified: Wed, 17 Apr 2024 12:03:12 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: sber1
cache: MISS
x-node: dt-up-gc34
accept-ranges: bytes
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/js/2845.714066cc.chunk.js
172.67.172.109 200 OK 516 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/2845.714066cc.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type troff or preprocessor input, ASCII text, with very long lines (534), with no line terminators
Hash b7526268e7a369d0e996bca0d76dfe6c
de0afca65fd172cc415482ad9f8cde892ac51b69
1fe5f3b5846b734c57b3e5f67296b3c9467604597f1c0d76492d14283a224410
GET /spa-static/1.4.1453/static/js/2845.714066cc.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-204"
expires: Wed, 24 Apr 2024 00:17:45 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 3151
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rhzJd0UGqon2fAUdvCwE2yoGdo9qEM4r%2FdfmWkU1YK5pldUhvTt%2FTGryW4jU%2FvZ4Zu82pcIT0Oh3o2ag4fOAratdHhDgs5TY%2BTdlD5BYC3v9At%2Fwfp3aEJBaTnhdClOVDeTq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e33ecc56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/soccer.svg
172.67.172.109 200 OK 586 B URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/soccer.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 1a6d8af7357d2a2d19617860550d8c38
1e57b4f0c31e86c7294b19496f84667f61258088
3c774e9fd645258135e754bb72c656865ef9c788c721e72714f279b191062932
GET /upload/images/sport%20icons/soccer.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"956c4b55e9fdc0fd0750a3175e37c09b"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-amz-request-id: 17B18D42C38F2AD6
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 6708
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=haapkCTOVumsMe0lzULkAWPsg7eBCZ6DgLjJO6RB3sC6dMbED1O7c6uOk1XRhV0hD4mJXsQqj7KR%2BGsxKdYWrv65wk%2FiTzOpIVWougz%2FvjuE80OTifAcz4VmvY%2FuxGDSB0neTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6eb1e6c56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/lacrosse.svg
172.67.172.109 200 OK 1.7 kB URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/lacrosse.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 1abfa082f994ee25a90c3a7b139966f7
48546fa89acbf83d0aef31b06e1d1d61c67c4ece
2158aad0d5248e0c9819b3210da06e60641a8c01e3dbf059e4af410909aee839
GET /upload/images/sport%20icons/lacrosse.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"51374eb9b52982e1b092802ca7a31188"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: 8a26abc7832840f9308c123e3beca68e9010663e53438356460e6ce230b3fa9f
x-amz-request-id: 17B59CD6F28EED31
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 2142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pUlENXORDoZA8J3x28Fqq43C%2B064H3AIk24rWclbJ1kzvZBmCwU7reHgejTHHh3I910eheiFLQ6yaR1qLmk1AMlnEpIstvJlpw27QSa1XDHUJL2bEkWjzRnYVywxzc5CfMAMiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec7fab56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/7089.a5f19e4b.chunk.js
172.67.172.109 200 OK 574 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/7089.a5f19e4b.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 574 kB (573868 bytes)
Hash 676d9bf2d7f83b39c3de1c46416c86c4
2e624555713cff93b53e6de276f7338331ae10dd
250059c463e0ce8bb61c608d3addbccb912bc083ebced011bb6e44f9ee5dbfd8
GET /spa-static/1.4.1453/static/js/7089.a5f19e4b.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:14 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-8c1ac"
expires: Tue, 23 Apr 2024 23:44:42 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 5132
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9rgiX23KVQ9HaAlpCEez55PITAGIA74Qk0Z5Nj0avbx%2FSJphGRLStcBdjkjFsxVIClLHhSL66NB57MLHoaOOSj9KkkjMjNteEPqaufUOJ052eHK7JduiivXY34vBar7Cn5g4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6d75bdd56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/7255.a168a449.chunk.js
172.67.172.109 200 OK 10 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/7255.a168a449.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (10099), with no line terminators
Hash 64cebdd25ca2bae938c866136935969f
f05cb76fd6d1bed11598566635938dd05841d935
2af7328e61b8f5a0743f9afeba56464c828d85db89ab99393a899cbb975c2409
GET /spa-static/1.4.1453/static/js/7255.a168a449.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-2773"
expires: Wed, 24 Apr 2024 00:17:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 3169
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FXKyp07Jy1%2ByLrBdcbKVbfp06%2B8sLRzxBl%2F0FdZHamOOdLWBiVs2NVsBRMD5ycsYjwWMW7q3IZfqZIoif6F1eS0ab4bjchpxlbBZL6wgGldiWbL2%2B9jgwqTv6eq1%2FFTAPzvs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e36ef056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/ro.51182fc9671cbaa10989.svg
172.67.172.109 200 OK 305 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/ro.51182fc9671cbaa10989.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 6ad54aa90b343df8dc2c4b5c16f1992b
307ed9bcf969f125f3eedc6cab5781c871462c30
c27bfc4598faedb5020f0b1714d1070993d7a89718f62c9e7028e43a2254d135
GET /spa-static/1.4.1453/static/media/ro.51182fc9671cbaa10989.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-131"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sjGw0ISM1JjM202aPbPClShWHoVXRKml9Pmz5VZZKwjWAx5B5LWOlvY%2BKpmZtADWAjNX9chrBd6t2HjQkfjYuVpHbOVdd%2Bo22ntap3wFq5CPDuU8IaKsTvBF2ipCs1dhH640"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5189756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/gb.35dbacd736781608964a.svg
172.67.172.109 200 OK 541 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/gb.35dbacd736781608964a.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 2dd9c12465888299e96b452c0fbb832c
05ce6f07353a760a137fe8bb779041e5cf55ac34
c4ef0795d273b6a4000420ef3791d3c441c00d4b281c218392fc391d10875dfb
GET /spa-static/1.4.1453/static/media/gb.35dbacd736781608964a.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-21d"
expires: Tue, 23 Apr 2024 21:42:01 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 12496
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yOCq4rFP1qVrxt4cSRdyibvabtaxgTI4GH0QNY1AbXol2HshHSehTA8XRey%2BS%2FmyE01L6oceLQ7jPw3fJJ2hL9DRmvhYtVkdCZQ3s%2FN84jNxrBMnF%2BlJzS09HqKeJ9Dn5MQw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e45fb456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/fifa.238dbb2593c042f46387.svg
172.67.172.109 200 OK 310 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/fifa.238dbb2593c042f46387.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 2271c8bbbdd95ce7b5d6d29c7cf052ee
6d1f29b12b078548008caa4e1e0bc467f2178ae2
f9069c116a15ba3ca6af122c22d6846f99a5d5631c2a588e7488763034398a7a
GET /spa-static/1.4.1453/static/media/fifa.238dbb2593c042f46387.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-136"
expires: Tue, 23 Apr 2024 22:52:16 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jtb81dg0Z7n1crhWgBAsU4sGG3AUCY1nDgNHpXNIGypg9BSAtzkJX3US4Jx8UarNsJdSHvYNpIUZ4D%2B9vBDBhtn%2FA7%2FKSr9XrtMJSQy0zvI0vTu%2BvS738VA3oAkz2cRi0Nlo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5991c56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/basketball.svg
172.67.172.109 200 OK 756 B URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/basketball.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash f04ce1289843463ff5592821ec2a6696
983bde845ad68c89179491c11f015121a29ece71
d315e06ed5ee340e4160e1edb34f1a536d06f8c1bb200bcdab684072941795bc
GET /upload/images/sport%20icons/basketball.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"36bb04b1b885eaf911605243b4be3987"
last-modified: Wed, 07 Feb 2024 08:42:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: dd415372f9275fa27ae6f25745f52935015e5cbae0f0830d7ff3657b3f08e8fe
x-amz-request-id: 17B18D42C3DA9868
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 6834
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZdSH8TVGz%2FCa4s6kvRc%2FfjWEfDyChagiWTy8FMk75f6Y0HV%2BpKPiYtUg%2BGEauhP2FUCwyhq4AdyOHIA99pzIZD1tB0dkvgc8H2w4HOWbsyHX5KjCHlMMH7Yz1W7Zfr91HZVABA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6eb2e7756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/baseball.svg
172.67.172.109 200 OK 987 B URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/baseball.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 0e28140d1394ab6d53ce5b6581cca377
6d29ff4a5a20ff794d6a64d92be79cb483ee57ed
9ea1bdbe6f5ced551f7b07330d19740003b9b8ccba07ff547fa4e1ae408fac2f
GET /upload/images/sport%20icons/baseball.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"46b260ddfcd732c35720da4a047829b7"
last-modified: Wed, 07 Feb 2024 08:42:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: d9f9c3a4ae1ee6a8dbb2d3b306070026e56ac66c25360192e0f990b84c8e2bf2
x-amz-request-id: 17B19E19341C30F3
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 4002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=17ip6ycxpibVNbn8aB%2Bt8sbOZs%2FApkXJIxHrc%2Bs9f9AyRveE28SQ%2FcO2pfcyBS1%2FUP0H4FVZ9oWdS2VID%2F2Mv2FhXUlwWBgVU00wAYtdmCQ8IYghdUsxJNiVvLjf7NHotyvlvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec4f7c56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/9184.895e720f.chunk.js
172.67.172.109 200 OK 35 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/9184.895e720f.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (34592), with no line terminators
Hash 63ea44c0c67d811199d83efbb8afb3f1
8bd3d2ee905cba54415eac1ac92a0f4591e76c5b
5bc4f2024f8af93b489257c0cfc09d780114c956c5d3bd6d205a46d9660dc427
GET /spa-static/1.4.1453/static/js/9184.895e720f.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-8720"
expires: Tue, 23 Apr 2024 23:48:02 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 4934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7CYfxFyMAf23Ow8gphaeTRbDAYUfD49pPED6oWvZQ650FRa%2BgvNfdWzSCz%2B9WjUC92B0tzY1Th6oKXMcsD2USmLyo9QnSPPj7Ihqj61%2B8Dl6Fh%2FsijVw2MFvUVyqFl5XOmeD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e33ec456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/it.9938f4b9588502f93b20.svg
172.67.172.109 200 OK 292 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/it.9938f4b9588502f93b20.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash d119892a4b008b073c15120fd0d36838
4ce39d36455e2991f77e41584a5aabcd7c43cac1
ee6dcebb35ba9ab98e01cebc277f095731f351a07838beddf29ea422bd03b264
GET /spa-static/1.4.1453/static/media/it.9938f4b9588502f93b20.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-124"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H0he9E8ITxzAxIrkO%2BZJbO6gloXL7VrPRzmN4FpiZE7XGhPOf9FCJ8GJwnxqBSCSJ0YkJOm7mcIQhOAxDF0%2BNvKW0RCgJdZiPkfRbk55Lk70Y05G%2Fvs%2B2iDJqRcRifvdqDxx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e4a80d56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn-mst.com/casino/game/81512/game_64bbbc96d05efe80549b6483cdbb26a9.jpeg
172.67.204.105 200 OK 31 kB URL GET HTTP/2 cdn-mst.com/casino/game/81512/game_64bbbc96d05efe80549b6483cdbb26a9.jpeg
IP 172.67.204.105:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject cdn-mst.com
Fingerprint 4D:A1:09:0C:B8:2C:19:D1:9C:4F:9A:8F:28:BC:3E:3E:8F:AD:84:C9
Validity Tue, 16 Apr 2024 06:15:23 GMT - Mon, 15 Jul 2024 06:15:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 263x197, components 3
Hash 0f23c0f6330bf68342d308e2d755c5fb
fea0fe24aa14fa85ea174767611e21a2e9e3b116
5327bf2ca202e5d63b1fda8f075a00d1a60eb28be5a2eaf2faaf1906044d36e5
GET /casino/game/81512/game_64bbbc96d05efe80549b6483cdbb26a9.jpeg HTTP/1.1
Host: cdn-mst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/jpeg
content-length: 30992
last-modified: Tue, 23 Jan 2024 17:35:26 GMT
etag: "65aff8de-7910"
expires: Wed, 24 Apr 2024 05:24:16 GMT
cache-control: max-age=86400
vary: Accept-Encoding
cf-cache-status: HIT
age: 56321
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p2HXt%2BscmiChjikhUw1O8iMj28F2onWYcSK1%2FFu0z1Y16cp2QJUJOooHdDXG6YGvkLCHENMloXBESVs1iUWBXOTRVDjPpBnSk%2FFXCFIYezn972wbyda1VnMjKFrnEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ee4d1356a2-OSL
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/gift2.45bfe9dd1ca64a744e62.svg
172.67.172.109 200 OK 473 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/gift2.45bfe9dd1ca64a744e62.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash dcc856db13589a74c00f2a2ab97a5714
5dde79e7929dec4d92a593ce400b37dc46fcba69
3cb251a0cd23d0fcf442abaf0c748cf0ba7353da112f338b2a157efc4842f355
GET /spa-static/1.4.1453/static/media/gift2.45bfe9dd1ca64a744e62.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-1d9"
expires: Tue, 23 Apr 2024 22:52:17 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DDzlXqNxc%2BdJkGI7A1qAKemqAjUt%2BskGPqPk%2BaxRrEcCC3QZE6epRVO2a4BzEoA6jMx0a%2F99Glw08gF%2B4XP2hYkySOu263c8eaJ8OlGeKSH4%2B3h4TwTiphRF7z61iRFABPET"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e578fa56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/aviator.6a7a570cd22e468ed44b.svg
172.67.172.109 200 OK 2.0 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/aviator.6a7a570cd22e468ed44b.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash c74ed5aa5b8b0ca369881640d55a6d9c
a475d2235065c5c295b4f1d0f4a50e16f431c02a
2f5452950006ebf76707460ee081f1fe40b56c516da44b709f46b7d1e43525a2
GET /spa-static/1.4.1453/static/media/aviator.6a7a570cd22e468ed44b.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-801"
expires: Tue, 23 Apr 2024 22:14:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xqf39FG%2FVrq1YjCla4b%2Fg2pS4m0%2F1%2BAjjxe242leJg5ovf2gxMV7AKJaCKEc81EiV%2F2Iy4gP8E%2BS%2FzdboyDFM7MqQ38R7OA0TGMJYXMvecc1TYUBGdOM0Yrc1cc3Esy6OAsi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5790456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/apple.cbf1481204d20150372c.svg
172.67.172.109 200 OK 533 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/apple.cbf1481204d20150372c.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash bb359828eb503954e0a104388e976808
0ad189c7689b8c8e7a2e54c33cb0bc62911dec47
67834ad87855ba9457191ecf7792c72fd29a9f84e3a333334d75f6e3ffb0f564
GET /spa-static/1.4.1453/static/media/apple.cbf1481204d20150372c.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-215"
expires: Tue, 23 Apr 2024 22:52:16 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u4yIC5yor6dHLvOophrsYhvJ%2BKyOwkx5CILk0m%2B0vtKNWgBIhKcYD37Eet4v%2FENc0DFpnK9pC7GD0j7h1LpCQjC3c105vUltrnBMAMnUvae7qvU2Avi2lL%2BbSItoLAqKY53m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5991956af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/arrow.1642161383ba75cfc57a.svg
172.67.172.109 200 OK 389 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/arrow.1642161383ba75cfc57a.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 3444a15490e7c6ce78ea7397ef0c1431
c88d5148a111eaa55686fc3357485f9a787fa675
5bfc5920e65a65d21287ec1f0d0e56b63299ef7b166e72cd661e8fcbfcb76bf7
GET /spa-static/1.4.1453/static/media/arrow.1642161383ba75cfc57a.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-185"
expires: Tue, 23 Apr 2024 22:14:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bho9mWHgRrT9UKIIX4zazC44I%2FWO01opOW8GAbXKheu27KN74mcOvndBnKfxeFTRiYe8YGPoLAbLftKWhvpPaRGrkB%2FU9f4PgxsQwydw6mv2nG4E31qsQm37AzWxzaAO%2BN7l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5790056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/iihf.0cf95ffca4cb651cd906.svg
172.67.172.109 200 OK 4.2 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/iihf.0cf95ffca4cb651cd906.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 082ab50bf3a4d65ff112ed8e9fc6fe56
967ee01f2a7f1018db0ee57e69b9cec8a52adad5
04057f79a7f7abf992c45169b2f69b9089cba3b2b4052f73aab93b83586ecb50
GET /spa-static/1.4.1453/static/media/iihf.0cf95ffca4cb651cd906.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-103b"
expires: Tue, 23 Apr 2024 22:52:16 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yE0UW3XJwEgvgXvNIRjIjdUWFZ%2BkUx7VDs6cWECmt1ewtKpSd48CgAdpFzpK1p1NtFMIftfMarU0UEmfvNhH5APdqVaqVXonr1%2F2WMQWiEt0GZYqeXWdKuaKa4vFZkipZa%2FC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5a92b56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/9561.ad7f175d.chunk.js
172.67.172.109 200 OK 29 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/9561.ad7f175d.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (28719), with no line terminators
Hash 50350184b8df96b568fe5ec72805f7ac
e96fc945d03f2330ede4b675cae36316034f1f86
a192935c16fbe9729465726a54b4be52cdc09f08be200f0c348f3e986c7e6b1a
GET /spa-static/1.4.1453/static/js/9561.ad7f175d.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-702f"
expires: Tue, 23 Apr 2024 23:48:02 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 4935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PrlNHQ22sK9IIXOFi7rodVxlRmMfgwQIhwSkiCiA27fW%2FAZuKFm699aSS7Kh6sooOQmCSJwpCvqhkVSs9JshLBZDWPstXIKpLA0zovvVyrAU5Yymzd1bsHjYcRhV9u4LxeSh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e74aba56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.gstatic.com/recaptcha/api2/audio_2x.png
142.250.74.35 200 OK 530 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/audio_2x.png
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
Hash 88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 21 Apr 2024 18:58:27 GMT
expires: Sun, 28 Apr 2024 18:58:27 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 180715
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
front.cdn-mb.com/spa-static/1.4.1453/static/media/telegram.060313401e4899c5fe38.svg
172.67.172.109 200 OK 217 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/telegram.060313401e4899c5fe38.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash fcb5640a576ac6d105374798cd1167b1
c28ece68991fd1f6e1989ed570df43e79b627ece
5f798d8aa54bb39441e2f02a55b49fcf434fd87fff6deaf94b5021af5acf3943
GET /spa-static/1.4.1453/static/media/telegram.060313401e4899c5fe38.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-d9"
expires: Tue, 23 Apr 2024 22:52:17 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=inxNLmby8bfD1Wt8eI73PrmZ5TxFglFj%2BOTiGsKnXpvepkWa73MSmQxyspIKI%2FTPRYayaAwBI4WhWhv7zSa5EB4n1abq6na6iuRp%2FjLTiN0d2lFTYGO3MwjtWLNnFW%2B0fPly"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5f96256af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/css/3334.63b131a0.chunk.css
172.67.172.109 200 OK 12 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/3334.63b131a0.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with very long lines (11946), with no line terminators
Hash 65e5467b405dc96b6ec02a5873b669b4
1b6dc054523d4399f3af60cf93aaa830e7e24720
9bef141e82c76f9ffa06e6e032256ac1cc6879effc06931d632c2ce76707d909
GET /spa-static/1.4.1453/static/css/3334.63b131a0.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-2eaa"
expires: Tue, 23 Apr 2024 23:18:30 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 6707
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TqRxDMVkJr6gqWmIjhDKCUo%2F5GTyapGPYoNxhHjW0qcAu%2F4XNaVhFhaSWVXUaQdLRoNhJsfWrKuN%2BztTT30fzeNMylNSG9SUD1sfJaMScx%2F3pyFPVERG9jAuZpFGCU29GHs8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e72a8756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/css/8798.bfb20c35.chunk.css
172.67.172.109 200 OK 24 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/8798.bfb20c35.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with very long lines (24498), with no line terminators
Hash 3759dbea221caa9b4c5482e0c900462a
0df6c42325f20d0cec70d978a0cd7254fbc4f0a9
205c1d3aeab0cd18024862b27dd63690e4a47bef4ee2786a5d4e8a8fc7a701e1
GET /spa-static/1.4.1453/static/css/8798.bfb20c35.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-5fb2"
expires: Wed, 24 Apr 2024 00:17:45 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 3152
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3facjDIkUncX4Le8Th%2FmNa4%2Bq%2Bx60IJvoW7e7Nzs0nVRWqsAVVh2Q4PPLDFvbsFOQkCHdksTsU5UYl7jUT3QaOHTzLJ%2FmkoXU9CK5YSR7Nrv0LF%2BPJl6BrRTxZ9j8aHB3Za"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ea9e0656af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/main.0b0ed44c.js
172.67.172.109 200 OK 147 kB URL GET HTTP/2 front.cdn-mb.com/spa-static/1.4.1453/static/js/main.0b0ed44c.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (65465)
Size 147 kB (147067 bytes)
Hash 210552438d9d46a9d81903ecc0eae46b
f71de1c3c1f7dff8ba7438b2e696c68a52d34957
7ded4896e4d08e3426e895154366775500077b012313d2578860335e773d7a12
GET /spa-static/1.4.1453/static/js/main.0b0ed44c.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:10:14 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-23e7b"
expires: Tue, 23 Apr 2024 23:44:41 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 5133
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CQH%2FBSy7YSBuMdLtYOfBEhaCm1IWGKp%2BPcVbh2JAUuv%2FPvQWPaLNP3YVJRSbkFwN4GSDIp3fIzmaUX3OZAH76M7gZjfA8EOVkEO3iYFu7pj8zraXcqsiVh7TOLoS1%2BfRp%2FXm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6d62b0d0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
len6gyisnhmb.com/api/v1/locale
3.125.159.65 200 OK 1.5 kB URL GET HTTP/2 len6gyisnhmb.com/api/v1/locale
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1898), with no line terminators
Hash 2a2d88a3af37142d4147f4dfdf8a1e78
b4554a1cee376ccc84712201c59e2a3808215af2
6d7b4eb41085404c26ac5cec90143f66851dac1ebc171ea0f65558a5e1178596
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v1/locale HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
x-client-platform: desktop-web
sentry-trace: d2414d3176d9425a9c0db1501fa538d2-9ab3dc0e0223aa5f-0
baggage: sentry-environment=production,sentry-release=23cb614f47bbc2f7b6eb478dcdfdec2f50952808,sentry-public_key=4a626086556647d191e62e9bef5eb347,sentry-trace_id=d2414d3176d9425a9c0db1501fa538d2,sentry-sample_rate=0.1
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906616.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/json
cache-control: max-age=604800, private
x-request-id: d354b3ed78179882fbd64bd50619f0d0
pragma: no-cache
expires: -1
vary: Accept-Encoding, Accept-Language
content-encoding: gzip
X-Firefox-Spdy: h2
len6gyisnhmb.com/api/v3/widget/get-list.json
3.125.159.65 200 OK 117 B URL GET HTTP/2 len6gyisnhmb.com/api/v3/widget/get-list.json
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash d4b2bb4c804f687829900849126cff42
329085d3634ece2f1a0df3c2161b554e9ac4332b
aee28f7e2646df2b685e292c8b8bed81d7bd53f018693dd6bd09a2a3b6a4da25
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v3/widget/get-list.json HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
sentry-trace: d2414d3176d9425a9c0db1501fa538d2-87ab7eaf59c0adbd-0
baggage: sentry-environment=production,sentry-release=23cb614f47bbc2f7b6eb478dcdfdec2f50952808,sentry-public_key=4a626086556647d191e62e9bef5eb347,sentry-trace_id=d2414d3176d9425a9c0db1501fa538d2,sentry-sample_rate=0.1
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906616.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
x-request-id: 7ad8d218bff57d424bc67a6a41dd29a4
pragma: no-cache
expires: Tue, 23 Apr 2024 21:10:16 GMT
vary: Accept-Encoding, Accept-Language
content-encoding: gzip
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/sa.dbdc272cb217fd407ff8.svg
172.67.172.109 200 OK 10 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/sa.dbdc272cb217fd407ff8.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 135d0c86322f6763fb5631794b8af510
91394b420999bd3fb75ea94df03bc86f26ce2d5c
639ee1c158b0b61e8789bde27ae64edb246afe63cb8999e3468ca88c344927be
GET /spa-static/1.4.1453/static/media/sa.dbdc272cb217fd407ff8.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-27c3"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3zBOrbzBXKXSqAkhFRMKhpvYVYO9KiRnb2SFjg%2Fy82C3qmrtPUnExPTt5GM332Csw4CwGSKirWJOhXF7GpusEnUaQ42EfNsbiAkmWyyKxVz3qCYJ69A3NUo0pWTn68WIsYXi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e4e85256af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/ar.5a7c09af30ea06db87f1.svg
172.67.172.109 200 OK 3.5 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/ar.5a7c09af30ea06db87f1.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash d7c08979ef2a9ddeb036c5926e54bc68
8814bc42df645389e3b4d4801c4a40e67f9435ae
0769d6fbbfd76146b28633eed9309e2d627b0d24913a2e106777a7db2b29a794
GET /spa-static/1.4.1453/static/media/ar.5a7c09af30ea06db87f1.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-d91"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CAVUm7GxJKGlcaVmOXAsm1TCDhtcQhBmkhO1mzv1bWqp4wXeeUm4SB5dhzfIsVgWcMWHKLt7%2Ffx%2F9gy6Ev4QtIaXrL8ZDYNhCf0fjhawOK6mHdVDcb6vTWQWn5m9cGv2djP5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5189456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/Roboto-MediumItalic.17d0cac04a3f124945e1.ttf
172.67.172.109 200 OK 176 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/Roboto-MediumItalic.17d0cac04a3f124945e1.ttf
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto MediumItalicRoboto Medium ItalicVersion 2.
Size 176 kB (176428 bytes)
Hash cf23e1bb619029496260760b72aebd30
e4e31e55d279a9b12c32327a60a3a65c8350e5df
552fa6bfc8f4ad480ba69feb9745f31d77fa88c12826a1bbd3c5eb0beefa22bb
GET /spa-static/1.4.1453/static/media/Roboto-MediumItalic.17d0cac04a3f124945e1.ttf HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: application/octet-stream
content-length: 176428
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
etag: "662648dc-2b12c"
expires: Tue, 23 Apr 2024 22:14:30 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10548
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UCI5MDyJmG6y6atUQkY7qVRnX1x0E4exEJfQlRXRDbykHFwzOPbG0iWNd2CPpdZISEesjd1bv2iub8wCDIXH8U71ALOvd%2FHJ5zBIN%2FYytSKwLCEQ%2FEe67oxHsSAdqr4t5KyF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8790d6eb8ec256af-OSL
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/pk.0e17f31b0f156316ef20.svg
172.67.172.109 200 OK 684 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/pk.0e17f31b0f156316ef20.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash e630d92ebef75e08d929efe7d2926833
24ea16476287fbe8d231721762ae21fa5cce949b
20c92a468c60d1f28c76835957bfab240b0dbf09199b56864e41e24e98a3db40
GET /spa-static/1.4.1453/static/media/pk.0e17f31b0f156316ef20.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-2ac"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t87xcU4WMenzYgdK5hUZoQYQ0s0A4gUWg0EHDXitmx2%2FFGludSGriWfTd4zIE1bOIhZHD9pB%2B81ZAPzDmqVVXn5gMV5MmbUlrkjoS%2FTXwH2wA4PFHwy3KeLpUuy9KwkTUXg2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e45fbf56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/pe.83c26459858b4334c435.svg
172.67.172.109 200 OK 73 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/pe.83c26459858b4334c435.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 23591f9d72b1e3ad2652099518e98f72
f9bd0381541c7d3094b7948a93810d10c772ee45
e0468f05eddaea5fb78d8d86440a580cd9cf5f27baa3e2ac4f229b4423abd7f9
GET /spa-static/1.4.1453/static/media/pe.83c26459858b4334c435.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-11ccb"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gmhf3Mk8fnAfTdRrGddPu%2B9q8u8sBsdWnQV1Dsrf7J6h3AKulwoQ1wtaD8DTBeX0ku68hKrcJFkr0XAdpijkXTdMvNfELugCAsyEPYgIIuMpzcX%2F%2Bxu6NhSW%2BPmgvJdgzsk6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e47fdb56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/css/1006.17fe5b69.chunk.css
172.67.172.109 200 OK 3.5 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/1006.17fe5b69.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with very long lines (3524), with no line terminators
Hash 30032b717e8a3ebaf3b68ce31d104cc9
51a6b45256164b4cababa525a7a7f696aec8bb63
1be54593547bc630b76603bd94371359eeb52087d8dbf5641e87da9655c52e1a
GET /spa-static/1.4.1453/static/css/1006.17fe5b69.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-dc1"
expires: Tue, 23 Apr 2024 23:18:30 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 6706
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K6fdnWDTA%2FnSGiVp90ZYo4uG7q6bvU%2BG2NSEfeq9UanDvgIdpuoJOfgWtumucWxXfQqly%2FTr1vkWy05sXmRDEViZZMoRC6DtBbwuDqAdpL4SUfTqD3WuC0CbDofFQ%2Bnxbe4W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e2fe8e56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
agstatic.com/games/evosw/roulette.jpg
54.230.111.13 200 OK 95 kB URL GET HTTP/2 agstatic.com/games/evosw/roulette.jpg
IP 54.230.111.13:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Amazon
Subject *.agstatic.com
Fingerprint 0E:4F:35:84:E2:C6:81:0D:F2:72:CC:66:C5:58:96:AA:F8:27:11:08
Validity Wed, 24 May 2023 00:00:00 GMT - Sat, 22 Jun 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 640x480, components 3
Hash 9d54aee7b72d0670530408b10ee9cbcc
2ed1f016004e9fadea2dc1a6b63e2e7166735b63
277a9dfc169f63582b26340ac7f520dff101e2b260970e78f3b3c9c0e77f666a
GET /games/evosw/roulette.jpg HTTP/1.1
Host: agstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 95329
date: Tue, 23 Apr 2024 12:02:17 GMT
last-modified: Tue, 26 Dec 2023 14:01:45 GMT
etag: "9d54aee7b72d0670530408b10ee9cbcc"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0BqLLoXviAbpDWNFYVi3JK_pZ58R-P982vwdUG4JDq_1IUrNW7xykw==
age: 32882
vary: Origin
X-Firefox-Spdy: h2
len6gyisnhmb.com/api/v1/bonus/first_deposit/info?currency=RUB
3.125.159.65 200 OK 59 B URL GET HTTP/2 len6gyisnhmb.com/api/v1/bonus/first_deposit/info?currency=RUB
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 244bafb7d36fb74595576ce553133442
49842065690aed64fd4aa670823c2eac6bf2a7d2
1aa33698594f13f59561fc08eef6fbee953447db06fb8e6ff1c31a56471da14e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v1/bonus/first_deposit/info?currency=RUB HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
x-request-id: 64d6c85471ece1fb99b8896ffa2c26d3
pragma: no-cache
expires: Tue, 23 Apr 2024 21:10:17 GMT
vary: Accept-Encoding, Accept-Language
content-encoding: gzip
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/br.b3663866f502ec386f0e.svg
172.67.172.109 200 OK 7.7 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/br.b3663866f502ec386f0e.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash cc2cf818df01b26a9a30efa6739a9ed3
1c6556b4b00a22c0000b4cca53d4cf36da2dd0f5
8a4751e483f00e87730ae58fef47e0de6d0926acbb7c27a23fb3021548c66790
GET /spa-static/1.4.1453/static/media/br.b3663866f502ec386f0e.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-1e06"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TZ7jrCZeX%2BOa2nqLIQiOsr0fJ1jd%2B4JITa%2B9NqoE2MuHsHZCA5SfUySNl%2BCYDsailvOnXWHWXt%2BMqr2vyd7Uv7eKV6nRSISfg5hLyZDQpQ3GJ4dPQNXaDxO5RojwBWgKJgZm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e46fce56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/pt.5697f2973616282e4c76.svg
172.67.172.109 200 OK 8.7 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/pt.5697f2973616282e4c76.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash d8757cadead3ed4a26ac2011c55e050a
35f8185f287c66ecdf31780fb2feb60389dd21a9
76a4aa2c218941018dcf29cabda254778cd74a7480c5d423e14585814ba0a6a3
GET /spa-static/1.4.1453/static/media/pt.5697f2973616282e4c76.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-21d5"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2t4eLPlYdIFeyDAfR05am7BZA2dgwynmQXaovW%2FI9PGkkz8yZtntTSY8fSDynRqZpXlZj%2BWS5DSulB%2FiPiuSYCjcWatY2ikt8HkMv%2FdLZ9RlycXtHGMqbSYvtzmn18QAx1oz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e48fe256af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/Roboto-Bold.4f39c5796e60c9d8e732.ttf
172.67.172.109 200 OK 170 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/Roboto-Bold.4f39c5796e60c9d8e732.ttf
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoBoldRoboto BoldVersion 2.137; 2017Roboto-Bo
Size 170 kB (170348 bytes)
Hash e07df86cef2e721115583d61d1fb68a6
3dd713113ff2d79b94d2df343e2e28fa8e7279cf
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a
GET /spa-static/1.4.1453/static/media/Roboto-Bold.4f39c5796e60c9d8e732.ttf HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/octet-stream
content-length: 170348
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
etag: "662648dc-2996c"
expires: Tue, 23 Apr 2024 21:36:14 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 12843
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BGb24SwDqdUbkuK5VOhpQBNZUcHVRfVlO11h93oFdnA4Kv9kbWXJmmr00LYmzLcEXr1ZM%2B86ScbyWEWKCucSZCuzjHGau8FaCfbLceEigKprSF6TQc6qne1uf7H1bQddvXdg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8790d6e548b456af-OSL
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/valorant.svg
172.67.172.109 200 OK 361 B URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/valorant.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash b74eefa4b9d08c10fd9a6887f4d974e4
f096770bbabaecf2b3de9cffc95710b1d6479799
058b3423f4b52bfafbd513e9bb2d1b47dcc631a45857b825d5fd49322ebdc2cc
GET /upload/images/sport%20icons/valorant.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"fb1b692a5da30a4e2b55f1545e96c955"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: d9f9c3a4ae1ee6a8dbb2d3b306070026e56ac66c25360192e0f990b84c8e2bf2
x-amz-request-id: 17B18A45E7834FD0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102013/ctime:1654102013/gid:33/gname:www-data/mode:33188/mtime:1654102013/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 2142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kcLBXI6fgUs%2BZVtz7n0e%2B23MCdrdfdisj3GxA4Idr2QA2oj8zlUAkKZ6pgdc5887tMvb6GjeuA1am912tbJNkHepbnVBJxTMR51qYixJo9ArqeCqAiJaUnN3YYGbIOrp4rYXjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ec9fc456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
sentry.mostbet.com/api/27/envelope/?sentry_key=4a626086556647d191e62e9bef5eb347&sentry_version=7&sentry_client=sentry.javascript.react%2F7.51.2
116.202.10.2 200 OK 2 B URL POST HTTP/2 sentry.mostbet.com/api/27/envelope/?sentry_key=4a626086556647d191e62e9bef5eb347&sentry_version=7&sentry_client=sentry.javascript.react%2F7.51.2
IP 116.202.10.2:443
ASN #24940 Hetzner Online GmbH
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject mostbet.com
Fingerprint AD:CF:45:31:5F:B1:6C:40:B6:A2:A9:CB:37:E1:C4:8F:61:E8:7F:0C
Validity Thu, 07 Mar 2024 04:04:07 GMT - Wed, 05 Jun 2024 04:04:06 GMT
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/27/envelope/?sentry_key=4a626086556647d191e62e9bef5eb347&sentry_version=7&sentry_client=sentry.javascript.react%2F7.51.2 HTTP/1.1
Host: sentry.mostbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 447
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:15 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://len6gyisnhmb.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
content-security-policy: worker-src 'self' blob:; child-src 'self' blob:
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
172.67.172.109 200 OK 109 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
Size 109 kB (108717 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-1a8ad"
expires: Tue, 23 Apr 2024 23:44:48 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 5128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AmQG3fm%2FKcHn7zCfQThd%2FGMJIOR8iLUxJWkT9dMX%2FVlMX9bmwsejLA1ZBkpjt4waGOT8%2BzKSfNC4oZJlyxSQiGCiUS03Fh3%2F0N8Cp2%2FvdGlO1fUxN0fAki0NVxm1d8ZNT4oY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6df7b2756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/api/v1/websocket/credentials
3.125.159.65 200 OK 260 B URL GET HTTP/2 len6gyisnhmb.com/api/v1/websocket/credentials
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash b96c4cfa9ce399a82e6517305cc61097
69053f6c3cabfefc693b80822d5c29aa9bd44c52
81064f98308ed35f1a51cde7790ad1ac613166e8a47694b5083aa2ebb8a91892
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v1/websocket/credentials HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
sentry-trace: d2414d3176d9425a9c0db1501fa538d2-a3c169f968982685-0
baggage: sentry-environment=production,sentry-release=23cb614f47bbc2f7b6eb478dcdfdec2f50952808,sentry-public_key=4a626086556647d191e62e9bef5eb347,sentry-trace_id=d2414d3176d9425a9c0db1501fa538d2,sentry-sample_rate=0.1
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906616.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
x-request-id: 04a034812a333c602092a90ea0369807
pragma: no-cache
expires: Tue, 23 Apr 2024 21:10:16 GMT
vary: Accept-Encoding, Accept-Language
content-encoding: gzip
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/th.2ca3db46e2b26412705d.svg
172.67.172.109 200 OK 288 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/th.2ca3db46e2b26412705d.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 55dd217baf61e7a2815d34050a47ffb5
25c20b5ce089b24c5bbb92ced1a213df458a0976
95e593f882acbb12fcffd4c9830c60d44c3fea07bc8b1a34cc607b20a41f976b
GET /spa-static/1.4.1453/static/media/th.2ca3db46e2b26412705d.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-120"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j4kHXy7XDxQXlMYaeLBeoY5a%2Bit42%2B5ahKoCLZ5%2FvdlEDNsHAfmHFuI5G%2F958FDXmcTslecf7IZhRyNydKaPK2IMlhajSUVkQCsrnp%2B9nvl6fkeIkkXyWDIibZ4sfH8x7XzG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e4f85e56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/triple_arrow.ea71882e83af233365b7.svg
172.67.172.109 200 OK 676 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/triple_arrow.ea71882e83af233365b7.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 79ea3646abc18b35e0bc6c4b660817b8
28e3f93481f0cf2b5a2d601d607fa018f4ff6516
fecf0b8641c50e09586c7483ab8b7da50972e1b2e44c4c3e21ebe6502c045c31
GET /spa-static/1.4.1453/static/media/triple_arrow.ea71882e83af233365b7.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-2a4"
expires: Wed, 24 Apr 2024 00:37:50 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1948
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QtzqUW0vRzg3sdEEj90uGgVe3p0bN9fC6DtgwUF7P9%2FCVL2%2BNI4fSZKfl3stvU5N%2BC7psv3JMeTgFk9K4IWGNzW%2FmZ5KsF7VsDOSPec%2Fa4AepxNRAPd%2BHFptq9TNRhBDDX2b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6edf90156af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/upload/images/sport%20icons/soccer.svg
3.125.159.65 200 OK 586 B URL GET HTTP/2 len6gyisnhmb.com/upload/images/sport%20icons/soccer.svg
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type SVG Scalable Vector Graphics image
Hash 1a6d8af7357d2a2d19617860550d8c38
1e57b4f0c31e86c7294b19496f84667f61258088
3c774e9fd645258135e754bb72c656865ef9c788c721e72714f279b191062932
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/images/sport%20icons/soccer.svg HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:20 GMT
content-type: image/svg+xml
etag: W/"956c4b55e9fdc0fd0750a3175e37c09b"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, Origin, Accept-Encoding
x-amz-id-2: d9f9c3a4ae1ee6a8dbb2d3b306070026e56ac66c25360192e0f990b84c8e2bf2
x-amz-request-id: 17C8DB3A5EE0F66E
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
expires: Wed, 24 Apr 2024 21:10:20 GMT
cache-control: max-age=86400
content-encoding: gzip
X-Firefox-Spdy: h2
gba.lnabew.com/sub/sdk-37XKiQozDmPb1Eb3
0.0.0.0 0 B URL GET gba.lnabew.com/sub/sdk-37XKiQozDmPb1Eb3
IP 0.0.0.0:0
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject gba.lnabew.com
Fingerprint E1:B4:D9:65:5D:E7:6B:CD:F7:67:CE:41:D3:D7:29:0A:EE:B1:DA:EB
Validity Wed, 06 Mar 2024 11:29:12 GMT - Tue, 04 Jun 2024 11:29:11 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sub/sdk-37XKiQozDmPb1Eb3 HTTP/1.1
Host: gba.lnabew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/event-stream
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
cache-control: no-store, no-cache
content-type: text/event-stream
date: Tue, 23 Apr 2024 21:10:15 GMT
expires: 0
pragma: no-cache
server: Caddy
strict-transport-security: max-age=31536000
x-powered-by: Express
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/ca.102b45b24a03abdaeae6.svg
172.67.172.109 200 OK 708 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/ca.102b45b24a03abdaeae6.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash ff51ab8c4d9d978f7ccda8b743da2b59
04ea3e2f22cac2bbd1733d3dfecf9b6b50572156
eb5b1cb16fb6936cb9fb68530adbe287fef007f9066bd246f411b6e36afc0fb6
GET /spa-static/1.4.1453/static/media/ca.102b45b24a03abdaeae6.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-2c4"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YNLMVSnIZbOhMkvG7r1FMVNv4%2Bn8cdxnowvPf%2FNcE4UifBm1uHgy9Vw1quEGaz1D3V8aajKIV5OHrGP7MyZEKGBeszkNmSrow7kgIQ%2B47mAjiZId6BVYvFwBUUtPMQgalLAi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e4e84e56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/api/v1/casino/games/top?page=1&itemsOnPage=6&platform=desktop&currency=RUB
3.125.159.65 200 OK 14 kB URL GET HTTP/2 len6gyisnhmb.com/api/v1/casino/games/top?page=1&itemsOnPage=6&platform=desktop&currency=RUB
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
Hash ddb8fdbcf83d5d0888fb3cdb32cb4d51
099fe79aadd6cfbba1e952aa4f029fdb65fc20e3
4fdc9f610004ad318aeace6c9dcceb08f8d7c74c1754f590828b3218cb52da67
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v1/casino/games/top?page=1&itemsOnPage=6&platform=desktop&currency=RUB HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
x-request-id: 4359ebbf756031157a74a37b04fdb02d
pragma: no-cache
expires: Tue, 23 Apr 2024 21:10:18 GMT
vary: Accept-Encoding, Accept-Language
content-encoding: gzip
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/bd.a3ae69dedf0b3ad8fb44.svg
172.67.172.109 200 OK 192 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/bd.a3ae69dedf0b3ad8fb44.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 0ceb812902f3d1414d689ce9db4ded52
3ebd434e8d163989723f3bc917bf8cfa8eb43ffa
ed9837c2f0e326bd957ce676e742ead6984fc374e25f01a4e9de89b113221b63
GET /spa-static/1.4.1453/static/media/bd.a3ae69dedf0b3ad8fb44.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-c0"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lG1INgcO6yUvkgqDLo6%2FdGyor06BwO2nAxiUkpHGS7B908qzG1yKy1pzNFRRmYus1pPvEqBK3kueIK55CxgOZPkCWpETzbWBHv20pl4hCI%2FxGOIoUSW%2BKUzFQIMCnWaAnTuc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e45fbd56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/nhl.af1a458aac77218cad9d.svg
172.67.172.109 200 OK 2.1 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/nhl.af1a458aac77218cad9d.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 32c5e5dce9986872067aca3e5c687503
9cc98e83140ad625fef36330b0e44b5bdbc39e3b
68033e371d004fee5967a9f804d09144bde944f5779aa83318c8030cd2c42b5b
GET /spa-static/1.4.1453/static/media/nhl.af1a458aac77218cad9d.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-81f"
expires: Tue, 23 Apr 2024 22:52:16 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t0wb6FFp8ZG4GB1kkAvNESxQExrvO1blGB9yIPVD4RpDdk1HtTIjUvkgkRftm0k5UrnH7RvnXXnSUu%2B0XYUgIMDr1%2Bf7brn%2F1ebHve2nbRIc4ZXf1JTnedSbOylrvLO6ayye"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5a91f56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/gift2.45bfe9dd1ca64a744e62.svg
172.67.172.109 200 OK 473 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/gift2.45bfe9dd1ca64a744e62.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash dcc856db13589a74c00f2a2ab97a5714
5dde79e7929dec4d92a593ce400b37dc46fcba69
3cb251a0cd23d0fcf442abaf0c748cf0ba7353da112f338b2a157efc4842f355
GET /spa-static/1.4.1453/static/media/gift2.45bfe9dd1ca64a744e62.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-1d9"
expires: Tue, 23 Apr 2024 22:52:17 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oskg4WD0M5gExaVBUU06hy59TulZ2KStjR%2FhZXIgfpbTmNb09BjPZLffNFZU4PuyC9KMuSW%2FO1bDtz13MW%2B9ojCIQcGvRjSveixbANKO8q%2FlQ74WtwCbZsqeqfccoNbCIluy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e578fb56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/upload/images/sport%20icons/ice-hockey.svg
3.125.159.65 200 OK 679 B URL GET HTTP/2 len6gyisnhmb.com/upload/images/sport%20icons/ice-hockey.svg
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type SVG Scalable Vector Graphics image
Hash 23e908c8ef60229f294d38c050a8e192
b588d405fd4bc56f0fa67a57f2970876981d3848
29e7cf876c6b6f8677c048d4c89276acc19eb06fe7a1306c1f6b82e48bce1838
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/images/sport%20icons/ice-hockey.svg HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:20 GMT
content-type: image/svg+xml
etag: W/"10d425894ae12d10290eddcde1d131f9"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, Origin, Accept-Encoding
x-amz-id-2: d9f9c3a4ae1ee6a8dbb2d3b306070026e56ac66c25360192e0f990b84c8e2bf2
x-amz-request-id: 17C8DCF705EDD749
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
expires: Wed, 24 Apr 2024 21:10:20 GMT
cache-control: max-age=86400
content-encoding: gzip
X-Firefox-Spdy: h2
code.jivosite.com/script/widget/config/zV6xlxr9an
193.17.93.93 200 OK 7.5 kB URL GET HTTP/2 code.jivosite.com/script/widget/config/zV6xlxr9an
IP 193.17.93.93:443
ASN #210756 EdgeCenter LLC
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer GoDaddy.com, Inc.
Subject *.jivosite.com
Fingerprint 48:23:E2:E5:0B:0A:4E:4F:CA:AD:65:27:8E:22:2A:8F:87:B3:6D:F4
Validity Wed, 05 Apr 2023 11:26:25 GMT - Mon, 06 May 2024 11:26:25 GMT
File type troff or preprocessor input, ASCII text, with very long lines (8717), with no line terminators
Hash 71c87e33a5bace19d4618c78bb520a2c
87b383160ea8a4d78fa4f25eaf620329c1ee9472
a750f6f8b3d6f6913dcb7ea5882f1c87786f14d50231700d200e942e9d83dc10
GET /script/widget/config/zV6xlxr9an HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=7200
content-encoding: gzip
expires: Tue, 23 Apr 2024 23:07:36 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: sber1
cache: HIT
x-cached-since: 2024-04-23T21:07:36+00:00
x-node: m9-up-gc229
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/js/74.3ec0d7c5.chunk.js
172.67.172.109 200 OK 10 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/74.3ec0d7c5.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (10370), with no line terminators
Hash 794ab286a9b50896b1258f7970e24b4f
b7a827d1ea766efed9c088aa09df45f12d2a2737
d11f2c5a81de0637c6a0c2ff564f08691d9a28b0a401829bee142088a936617d
GET /spa-static/1.4.1453/static/js/74.3ec0d7c5.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-2882"
expires: Tue, 23 Apr 2024 21:43:20 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 12418
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wJO%2BrejQ7%2Fwn6MqmltESZLXh%2BOdIq8vQd3Vn8wC7cuio59D9sw%2Fv4K16np3bwK1URnxIbRWy9jE6XoFbd2EXxNZ1EOPB3wFAMNY%2FzXLYSzsNBjgd2hUFcqO%2B1GRGkQxXMccu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6eb1e6056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/js/9336.e3ea778c.chunk.js
172.67.172.109 200 OK 72 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/9336.e3ea778c.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 45b396e86199a29fb0df90786d2f94b4
3cdcc9e8de56ad492a6d7398f9caaacb67c012d9
a5dff9b2e24f6a36ce1f0e485c8991b5412b9d06765b45695cb4d2354373c5d8
GET /spa-static/1.4.1453/static/js/9336.e3ea778c.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-11aa1"
expires: Tue, 23 Apr 2024 21:43:20 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 12417
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Sddc2ByyaHUNKnR90%2BpbBBt9Cg0xrmLgXHlkmxCVFK3YHwJkGZ115u8LYwjOT1NMhO%2BFxPCgAM2R6bDmv24UdyETuK2ZbfcA2jnm4wBZNaA%2B1%2Bv%2B0yM4jG0MHdVZfFlPrFR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e74ab656af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/api/v2/settings
3.125.159.65 200 OK 895 B URL GET HTTP/2 len6gyisnhmb.com/api/v2/settings
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Let's Encrypt
Subject len6gyisnhmb.com
Fingerprint AE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
Validity Mon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1011), with no line terminators
Hash 409e2bc4272355ea0c79bfa6a5649117
85210e106bb3795f9b3aaa32bb32635bef199619
73cca0a0eed6c9853498b100676ad8f5754e2587d981f7b3908193bbfb1060a1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v2/settings HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
x-client-platform: desktop-web
sentry-trace: d2414d3176d9425a9c0db1501fa538d2-b69960021ec74d69-0
baggage: sentry-environment=production,sentry-release=23cb614f47bbc2f7b6eb478dcdfdec2f50952808,sentry-public_key=4a626086556647d191e62e9bef5eb347,sentry-trace_id=d2414d3176d9425a9c0db1501fa538d2,sentry-sample_rate=0.1
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906615.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:15 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
x-request-id: de7745f1ac7b1035da1949c24dade286
pragma: no-cache
expires: Tue, 23 Apr 2024 21:10:15 GMT
vary: Accept-Encoding, Accept-Language
set-cookie: PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; expires=Thu, 23-May-2024 21:10:15 GMT; Max-Age=2592000; path=/; secure; HttpOnly
lunetics_locale=ru; expires=Wed, 24-Apr-2024 21:10:15 GMT; Max-Age=86400; path=/; secure
tz=Europe%2FOslo; expires=Tue, 30-Apr-2024 21:10:15 GMT; Max-Age=604800; path=/; secure
content-encoding: gzip
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/js/1006.a3495223.chunk.js
172.67.172.109 200 OK 6.9 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/js/1006.a3495223.chunk.js
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type JavaScript source, ASCII text, with very long lines (7025), with no line terminators
Hash 1bf5dda1a5d5ca65e34359d867176be0
25227ebd235a5c6340bef5c577cf21befe1dfd80
ed5fa4fdeff74287a7e9b7145dc77d4891b7fd10269e706ff709c43a158c3e54
GET /spa-static/1.4.1453/static/js/1006.a3495223.chunk.js HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:16 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-1b03"
expires: Tue, 23 Apr 2024 22:14:25 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10550
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0H8r%2Fhmn5hM%2Brzvt2pYdtEjytZJIRyUzQ4FOQA0vpT6XyqapCZ48aFBckfx6iWuBhAPMA%2FElL1AWgZ0u9ToZsxznH5HwoO18D2%2BqI52ZCCNwUoEKp4zD1%2FhDiMDapukw0WfY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e2fe9256af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/css/2415.2f49e63e.chunk.css
172.67.172.109200 OK 4.9 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/2415.2f49e63e.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate IssuerGoogle Trust Services LLC
Subjectcdn-mb.com
Fingerprint21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
ValiditySun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with very long lines (4957), with no line terminators
Hash 4f6408825810cd3ff0e58a8cb0c4d8bb
55a5bd2a07e3fe7859818a4e404523f451509b09
bbecda7ee4366573fb5f10770a6153ccf8383c8f05aea94cc6b6f8234bf98f4e
GET /spa-static/1.4.1453/static/css/2415.2f49e63e.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-1354"
expires: Wed, 24 Apr 2024 00:28:03 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 2535
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cGL3bThwrpFNQ2Q%2Bhg56KoDwXMjdUOO1BX1IUJMmkJfYQOwy4lEaT7gfnc%2BrGefmqfn15FsK78kXrbAVjU18grEzIFJtTmW2z0jBDuT6J7MMXc7LPxDL%2FAqQ%2BCIcBLBv9aw6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6eaae1156af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
upload.cdn-mb.com/upload/images/sport%20icons/ice-hockey.svg
172.67.172.109200 OK 679 B URL GET HTTP/3 upload.cdn-mb.com/upload/images/sport%20icons/ice-hockey.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate IssuerGoogle Trust Services LLC
Subjectcdn-mb.com
Fingerprint21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
ValiditySun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 23e908c8ef60229f294d38c050a8e192
b588d405fd4bc56f0fa67a57f2970876981d3848
29e7cf876c6b6f8677c048d4c89276acc19eb06fe7a1306c1f6b82e48bce1838
GET /upload/images/sport%20icons/ice-hockey.svg HTTP/1.1
Host: upload.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"10d425894ae12d10290eddcde1d131f9"
last-modified: Wed, 07 Feb 2024 08:42:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: a1fa336c2fd2dc07ed124b8a56fe646ff71a960ff9616c4268e18a83b1883276
x-amz-request-id: 17B18A45C7347DFA
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1654102012/ctime:1654102012/gid:33/gname:www-data/mode:33188/mtime:1654102012/uid:33/uname:www-data
cache-control: max-age=345600
cf-cache-status: HIT
age: 6086
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c3zFnSnLHCBFklZcIrq4z65uftU%2BA9OJnkTbMv9ZVYwrdmbkGh%2FohXRLwjS1LaUAjCGL6yoRYwO%2Fv8AkVRmpNvBoEFOSeSR6T48yupHFGTQkRGKnenSVPWwv3KDTgl4zFBF43Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6eb1e7156af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.google.com/recaptcha/api2/payload?p=06AFcWeA7mHU2gUK6Dk7A6UqHouTHddtVUBGkZ4ELU1yE4_Ycob772caeMHISpz-ItSbTSpTV3V7R7a-YSM8yA4TbaK6puIm9Tw9ngPeVbCRQK5rr4CiOY1WeMmWA5YOF5etuyOx1Bz2pihMIEDRhnG1M7ecSSxYrBx6cDi9AjFK0GO-3o9g9EceupUDKGu27BsoSOf0lLcDAA&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
142.250.74.164200 OK 57 kB URL GET HTTP/3 www.google.com/recaptcha/api2/payload?p=06AFcWeA7mHU2gUK6Dk7A6UqHouTHddtVUBGkZ4ELU1yE4_Ycob772caeMHISpz-ItSbTSpTV3V7R7a-YSM8yA4TbaK6puIm9Tw9ngPeVbCRQK5rr4CiOY1WeMmWA5YOF5etuyOx1Bz2pihMIEDRhnG1M7ecSSxYrBx6cDi9AjFK0GO-3o9g9EceupUDKGu27BsoSOf0lLcDAA&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
IP 142.250.74.164:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x450, components 3
Hash 4e5734c61d9dfd833318f23d0bc28a27
7118f577b78d4793c2a938ce883d87e10af72eed
41dbed0d1ca0c7a4287de7a889a140fc1854e3708646105e90bb432ed140cdec
GET /recaptcha/api2/payload?p=06AFcWeA7mHU2gUK6Dk7A6UqHouTHddtVUBGkZ4ELU1yE4_Ycob772caeMHISpz-ItSbTSpTV3V7R7a-YSM8yA4TbaK6puIm9Tw9ngPeVbCRQK5rr4CiOY1WeMmWA5YOF5etuyOx1Bz2pihMIEDRhnG1M7ecSSxYrBx6cDi9AjFK0GO-3o9g9EceupUDKGu27BsoSOf0lLcDAA&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/bframe?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j
Cookie: _GRECAPTCHA=09AKPP-6dfcknn_mmPEzObLDuwW_49yhhLt3hhVnPrcRROVP3Sd-quLA9y03zG36bimO6b35SI8l9JmnSHNa0Eq7c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: image/jpeg
expires: Tue, 23 Apr 2024 21:10:21 GMT
date: Tue, 23 Apr 2024 21:10:21 GMT
cache-control: private, max-age=30
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
front.cdn-mb.com/spa-static/1.4.1453/static/media/no.266dbd6fc3e66414aa3c.svg
172.67.172.109200 OK 321 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/no.266dbd6fc3e66414aa3c.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate IssuerGoogle Trust Services LLC
Subjectcdn-mb.com
Fingerprint21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
ValiditySun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 4d1dd94b0f4aea449999ebdf40d3ddfc
93d29329d50d30ef1a1f5a7e393abaa7a74e3909
1257ad41975d079113e827e26f28f3207142944965163150c61241e2bb006d9e
GET /spa-static/1.4.1453/static/media/no.266dbd6fc3e66414aa3c.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-141"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mz7jnxuuSurI8Jl9j7Fo0ndQCQ1Apts0mXJyVsmIy7okM7%2FxR%2BjbsLLQ6%2BcrDX33dYZyVCVlm8KuPwcXNm7JaujtfCG%2F6eYL9zju1u2I48lYRT0JGBTBScsLEAQi3rY9QoJg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5189a56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.google.com/recaptcha/api2/webworker.js?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC
142.250.74.164200 OK 102 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC
IP 142.250.74.164:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j&co=aHR0cHM6Ly9sZW42Z3lpc25obWIuY29tOjQ0Mw..&hl=ru&type=image&v=QoukH5jSO3sKFzVEA7Vc8VgC&theme=light&size=invisible&badge=inline&cb=ivzgu3vfjtuf
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File type ASCII text, with no line terminators
Hash 79f9d94c0c033c7ddf4048aef7a52dc8
2b55dd695ed872807bcb15d907b1fc31e659fa77
99b69346c99ddbbdfc3e85c3f88843b6f092b67046d922cefb30beadb27ddc93
GET /recaptcha/api2/webworker.js?hl=ru&v=QoukH5jSO3sKFzVEA7Vc8VgC HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LebvnYUAAAAAPjaNA0gcHaUffLC2Dek6HUqQR5j&co=aHR0cHM6Ly9sZW42Z3lpc25obWIuY29tOjQ0Mw..&hl=ru&type=image&v=QoukH5jSO3sKFzVEA7Vc8VgC&theme=light&size=invisible&badge=inline&cb=ivzgu3vfjtuf
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 23 Apr 2024 21:10:20 GMT
date: Tue, 23 Apr 2024 21:10:20 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
front.cdn-mb.com/spa-static/1.4.1453/static/media/np.f7885aa646996a2aa6e0.svg
172.67.172.109200 OK 1.2 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/np.f7885aa646996a2aa6e0.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate IssuerGoogle Trust Services LLC
Subjectcdn-mb.com
Fingerprint21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
ValiditySun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 12c4e357d12ca2e200a554ed1f7736c6
04d6383f0d03d38d8107998a94ebaf80727ebd30
e63b58e1601f186978299be9d5b1ae79e5d160f0879970d6b1b22c681307f562
GET /spa-static/1.4.1453/static/media/np.f7885aa646996a2aa6e0.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-4a9"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bSU96ATNgi%2B8IE6Xo%2Fc%2BgDNGBuOfz%2BWgf4n30906kmBBezjbmaJpZNdA%2FKL8vEosgrbw5ysK1nbnZ%2BeBWMkz99CGWVFZlzuKWL2oEydnplfkUiAElY5GtWHgESqDUfuwlSTn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e45fc356af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/mx.05c8d69783e68aaad2f4.svg
172.67.172.109200 OK 90 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/mx.05c8d69783e68aaad2f4.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate IssuerGoogle Trust Services LLC
Subjectcdn-mb.com
Fingerprint21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
ValiditySun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 3aa223c8cc48eba75fbb57fcc20ce7cc
991d84b1fb4422a08c80851c237d279d713bc331
b67b689c0045cb4e8a4d5a439adbbf4c471cc090cbeb7ba7b2aed0eeabdbef3e
GET /spa-static/1.4.1453/static/media/mx.05c8d69783e68aaad2f4.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-16189"
expires: Wed, 24 Apr 2024 00:52:47 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QkkbusH5BGEtDIjREoAY2cNJAunX09Cx9s7KvtSDbKOcfgLMdQvmkl1IjUmCkbaDaXAaZ%2FxwcuEAwxwTysgHkWYiLaypiHtC06yhupWs999VO5D2LPl71mISffS06r%2BKhxzj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e46fd056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/star_circle_filled.2920f5def289f1e3e1a5.svg
172.67.172.109200 OK 304 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/star_circle_filled.2920f5def289f1e3e1a5.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate IssuerGoogle Trust Services LLC
Subjectcdn-mb.com
Fingerprint21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
ValiditySun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash d3dfaf69bb64203a900e76c898e82351
39b98b953221b4b9da41354d96c1de1c74e56958
58f981d724cdd47c8d20b37c47bd3ec597da89e5dd8d5b4302ec1c1b7b3c091d
GET /spa-static/1.4.1453/static/media/star_circle_filled.2920f5def289f1e3e1a5.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/763.4bebe6ed.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-130"
expires: Wed, 24 Apr 2024 00:17:28 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 3170
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PrJiBD1%2FvkWOJVMNUQmY38U0zo4yla%2BJLOd9PpAdx4kG8v9pdVHpwhcb5Adtk4W12YqfX3iFqV3oE1FWEKEMW1a74hmgBrnhObHQsR3n66obfUzIJSAWA%2FzC4pwoY8sJM9y0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6ee192756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/cabin.7fb81ea829d8ca7f9c7d.svg
172.67.172.109200 OK 2.7 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/cabin.7fb81ea829d8ca7f9c7d.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate IssuerGoogle Trust Services LLC
Subjectcdn-mb.com
Fingerprint21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
ValiditySun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 53ae048a35c662d791a20936b4317ec2
48b92b520ce45d36a4eeccab93d07d6d588fe698
a4b793c56e944c8bd7111719a0c630a928842d5c60ea1d7d437cb96eff2534e0
GET /spa-static/1.4.1453/static/media/cabin.7fb81ea829d8ca7f9c7d.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-a5f"
expires: Tue, 23 Apr 2024 22:14:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0jeGyGmNmh9jdEJYJN7vyqei%2BZ%2BSiZbT9CLR4FaQcOwOrIjYd%2BPb1yVlMlG9YYWdzKXhFw71bjcO8d%2Ft9ScN%2Ftu21EwK6lpRU%2FpMKKJjrOdzfXkrRTMMnEg0UMZtBzLfvDJ1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5790756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
agstatic.com/games/pragmaticplay/sugar_rush.jpg
54.230.111.13200 OK 97 kB URL GET HTTP/2 agstatic.com/games/pragmaticplay/sugar_rush.jpg
IP 54.230.111.13:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate IssuerAmazon
Subject*.agstatic.com
Fingerprint0E:4F:35:84:E2:C6:81:0D:F2:72:CC:66:C5:58:96:AA:F8:27:11:08
ValidityWed, 24 May 2023 00:00:00 GMT - Sat, 22 Jun 2024 23:59:59 GMT
File type JPEG image data, progressive, precision 8, 640x480, components 3
Hash fe6210118d1770e6c459b60b1dd3b6e3
5ac6648b53e2b8c727ce240b8ab7ac33cf7d3f7c
9028d7e9d1acaa9981b7ea571bcb3b024a35ff48a0d9c471d4ab2ddb4313154c
GET /games/pragmaticplay/sugar_rush.jpg HTTP/1.1
Host: agstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 96647
date: Tue, 23 Apr 2024 11:36:40 GMT
last-modified: Tue, 26 Dec 2023 14:28:31 GMT
etag: "fe6210118d1770e6c459b60b1dd3b6e3"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Helwp0ODNyamy432hZGBpBKuvTlUEmScn2HU2vo3uSV5oJwfdktV-Q==
age: 34419
vary: Origin
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/kz.f528d1705766032d8237.svg
172.67.172.109200 OK 11 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/kz.f528d1705766032d8237.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate IssuerGoogle Trust Services LLC
Subjectcdn-mb.com
Fingerprint21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
ValiditySun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash a19240f60581e10a25ee91cc4c00c3ed
61614d14dbb829fcc871cb0230f082063ec3a163
af4496d258a36c41ce92d7713c7206e2e92ac6037c6dcdac687ba815e74a4f49
GET /spa-static/1.4.1453/static/media/kz.f528d1705766032d8237.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://front.cdn-mb.com/spa-static/1.4.1453/static/css/9841.cf6f176a.chunk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-2c97"
expires: Wed, 24 Apr 2024 00:50:20 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 1197
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JcgTAVg%2FF32aPhYFWQ%2FRYqYAlCmWnyAwqfVf7tGmYN9Tim3%2Fu%2B3O7iz5EXcoFeimRie3mNrNfsd0Vf8ih7yglKwkBeYzBfiR94bGeQqMalXi%2B6RvpTKysfcJUHkzZNx5o5WG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e46fcc56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/android.dd4e4ba3ee281d0c0174.svg
172.67.172.109200 OK 624 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/android.dd4e4ba3ee281d0c0174.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate IssuerGoogle Trust Services LLC
Subjectcdn-mb.com
Fingerprint21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
ValiditySun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 0ac4c5ffd0cc8107b89f53a6a39fcfbc
c234a9f5d9f92e71aeab4b4ccf279231d0991161
dd39990cb77626ae78bd984224daee81e2b29d6d9646538cda7480731f2ee955
GET /spa-static/1.4.1453/static/media/android.dd4e4ba3ee281d0c0174.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-270"
expires: Tue, 23 Apr 2024 22:52:16 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LeGbYsJznlc1J%2F4AmhSuxXRwc6nvZON8a76FlDr0%2FIIy38Ojp%2FMvFNzT3DAOikz5rkvlZxLdxNXIj4lNbIhlQUCU3fAxB9uVGDQ1j6YnaAkv2LvrxY85wZCQClswj%2Fmu9%2F49"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e548ba56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
len6gyisnhmb.com/api/v1/casino/games?page=1&itemsOnPage=6&platform=desktop&currency=RUB&productTypes[]=live_casino&productTypes[]=live_games
3.125.159.65200 OK 8.0 kB URL GET HTTP/2 len6gyisnhmb.com/api/v1/casino/games?page=1&itemsOnPage=6&platform=desktop&currency=RUB&productTypes[]=live_casino&productTypes[]=live_games
IP 3.125.159.65:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate IssuerLet's Encrypt
Subjectlen6gyisnhmb.com
FingerprintAE:DF:C8:2B:CA:BC:77:01:65:F2:A4:72:C7:D0:E2:A1:6C:2B:28:C9
ValidityMon, 08 Apr 2024 09:19:21 GMT - Sun, 07 Jul 2024 09:19:20 GMT
File type troff or preprocessor input, ASCII text, with very long lines (9346), with no line terminators
Hash 82c3cb666ebba2ba006738a52c0e6458
fe2a6917921f27ac7b47523dd6268028f2908186
727d7197e8e8801242d3196fbe74194dec1b9a788f9273ba1dc988ee457ce3b9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/v1/casino/games?page=1&itemsOnPage=6&platform=desktop&currency=RUB&productTypes[]=live_casino&productTypes[]=live_games HTTP/1.1
Host: len6gyisnhmb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-client-name: mostbet-com-spa
x-client-version: 1.4.1453
x-client-session: a960fmakedlkar9pi7es
x-client-device-id: 9bargp2tjxb99dnak5lh
X-Requested-With: XMLHttpRequest
x-client-platform: desktop-web
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Cookie: uid=7188645369884966912; rst4-uid=7188645369884966912; _ga_9Q6VE8VYRH=GS1.1.1713906615.1.0.1713906617.0.0.0; _ga=GA1.1.1251391045.1713906615; theme=desktop; PHPSESSID=21isvcgmk9o6206ahuk8gpmv3t; lunetics_locale=ru; tz=Europe%2FOslo; multiAuthThirdPartyEnabled=true; rst-uid=7188645446904971264; cid=4214941352; prid=most_partner.4214941352; pid=126916; sip=0; _odd_format=decimal
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
x-request-id: 48e2d3c302c7a5a25359f64d9a6a71d3
pragma: no-cache
expires: Tue, 23 Apr 2024 21:10:18 GMT
vary: Accept-Encoding, Accept-Language
content-encoding: gzip
X-Firefox-Spdy: h2
front.cdn-mb.com/spa-static/1.4.1453/static/media/fire.254c3e5dda44853c03fd.svg
172.67.172.109200 OK 848 B URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/fire.254c3e5dda44853c03fd.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate IssuerGoogle Trust Services LLC
Subjectcdn-mb.com
Fingerprint21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
ValiditySun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 38400c65eaebf471089903f4a0ba863b
7abc97bd736fc81f4b409c56dc835d38bcfa97f2
452d75d60be5929e7d92209798c8e39c87af85f50ff43d39d59358318d33bd23
GET /spa-static/1.4.1453/static/media/fire.254c3e5dda44853c03fd.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:18 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-350"
expires: Tue, 23 Apr 2024 22:14:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10552
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ILx%2B8o0i937cOdKt2bGe03NBqjQ3AVUEZUhrfLqSYxd%2F2cg6zsMIpRTGlL6nW%2BG6slmS28Oe7ZemCI6OrCZnpvCd7wT7cg74XsSq%2Bd%2BR7D2zOkUKkYa7her0xXtEA1rFKrGX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6eaae1456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/wta.94528375d8f792247dca.svg
172.67.172.109200 OK 1.2 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/wta.94528375d8f792247dca.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate IssuerGoogle Trust Services LLC
Subjectcdn-mb.com
Fingerprint21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
ValiditySun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 66f776a5f59d261b59f5afd8089cccb8
e49e4b0808fc205317780e06a9c5e549974775dd
d0455d0b575b3aa14fa3b1f674df6dca7edabb45486e510525de4f24b2c49495
GET /spa-static/1.4.1453/static/media/wta.94528375d8f792247dca.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-484"
expires: Tue, 23 Apr 2024 22:52:16 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 8280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4KJ4APFP83gVvLyKUyooH%2Fl0xkbFCm4GE81rx4IGy1lNAJ3uUxVFWllkD0M4H4hmCgLLhAcUh2F1ZjMNpfqGAMdi9HPIz1dtenBknwUXGU4fu%2FFZDwGkwdp3BGF6ix7KKV4M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e5a92256af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/css/763.4bebe6ed.chunk.css
172.67.172.109200 OK 5.4 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/css/763.4bebe6ed.chunk.css
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate IssuerGoogle Trust Services LLC
Subjectcdn-mb.com
Fingerprint21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
ValiditySun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type ASCII text, with very long lines (5406), with no line terminators
Hash f5a651d6f23491eb574b9e7f62458540
638e3a8d57b23606c81891cfdf1e0cf2184d7442
e2a0d2a97a36d506845989881403be63a634fd9b1a5cdc5260f70cd09c7f1a97
GET /spa-static/1.4.1453/static/css/763.4bebe6ed.chunk.css HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://len6gyisnhmb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: text/css
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-1519"
expires: Wed, 24 Apr 2024 00:17:26 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 3170
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZbDGagS9XxfP49obCOJtcyVl5X30PY%2BCPsLfEDtjdDB4pYy8TiIcsKOL1216PELIRJHUag7FkPr6GED6gKNcVIYKSdJBFJb4RpcpzGNhdiS5Y65hs485Mtog4HE6liKt0%2FLO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e74ad056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
front.cdn-mb.com/spa-static/1.4.1453/static/media/settings.64de7b9afe592b4b614b.svg
172.67.172.109 200 OK 1.4 kB URL GET HTTP/3 front.cdn-mb.com/spa-static/1.4.1453/static/media/settings.64de7b9afe592b4b614b.svg
IP 172.67.172.109:443
Requested by https://len6gyisnhmb.com/?cid=4214941352&pid=126916&sip=0
Certificate Issuer Google Trust Services LLC
Subject cdn-mb.com
Fingerprint 21:8F:AB:F5:C0:1A:1C:48:72:B9:FA:E5:6E:CA:46:9D:BB:F4:8E:E9
Validity Sun, 25 Feb 2024 11:57:33 GMT - Sat, 25 May 2024 11:57:32 GMT
File type SVG Scalable Vector Graphics image
Hash 9397eeb5bbb154f8ff8e2cb48e6b51b3
96be79db9ebad9d87bd191c89eed469059b493ca
2dfa622d440e9842a96c38166089424cc5ce6140ba66f10c0fb4effed22ee700
GET /spa-static/1.4.1453/static/media/settings.64de7b9afe592b4b614b.svg HTTP/1.1
Host: front.cdn-mb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://len6gyisnhmb.com/
Origin: https://len6gyisnhmb.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:10:17 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 11:24:12 GMT
vary: Accept-Encoding
etag: W/"662648dc-59c"
expires: Tue, 23 Apr 2024 22:14:29 GMT
cache-control: max-age=345600
access-control-allow-origin: *
cf-cache-status: HIT
age: 10548
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YqA1B7QUHQmBCpe%2B0UbL11RC0hJpo9Oz%2BZ0Ycz0g83MZHb%2FPyeIedEDwIKJv%2BfPKbNKS4T1pPX68JTcsQ2ys%2B8xd7qBYi%2BnvwLqnJ1j52LviXYAhrZ%2BioyeGmETWJpxMZGJ2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8790d6e8ec4956af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400